On Sun, Oct 20, 2013 at 10:28:08AM +0200, Milan Broz wrote: > On 10/20/2013 07:52 AM, .. ink .. wrote: > > > I raised the question not out of fear of anything or spreading FUD on > > truecrypt but out of seeking a better understanding of how LUKS > > header in particular and header using encrypted volumes in general > > are created and managed and if they could be used to manage a > > backdoor of some sort. > > If you have header generated by some unknown binary, you do not need > to store master or whatever so complicated. Just mangle how master key > is generated (predictable RNG or so) and you have undetectable backdoor. Yes, indeed! My suggestion to hide the master key in the salts is far to complicated. > If you have root access to device with active mapping, you can always > read encryption key from memory and store it elsewhere, send by WiFi... See also FAQ Item 6.10. > And, btw some NAS manufacturers add backdoors and weaks security, > even for LUKS partitioning systems... > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3200 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3278 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1431 > (and probably others I missed) Urgh. People remain stupid... > Anyway, if anyone want to audit usptream cryptsetup code, > it is more then welcome! > > Just please do not turn it to some funded service with unclear > motivation behind. > I will be more than happy to provide any cooperation related > to source code audit. I will too. Although Milan has far superiour knowledge of the sources, I can provide a second opinion on anything that seems to be suspicuous or unclear. Arno > Milan > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
