Hi,

> On Fri, Feb 05, 2016 at 14:13:21 CET, Yves-Alexis Perez wrote:
> > On Fri., 2016-02-05 at 12:02 +0100, Arno Wagner wrote:
> > > > Think external drives / removable storage?
> > >
> > > An attacker with physical access that you do not notice has
> > > won. Storage encryption does not protect here. Think, for
> > > example, "evil maid" type attacks. Storage encryption
> > > is only for theft of the device (which you notice) or
> > > attacker access which you notice in other ways.
> >
> > This is exactly why integrity matters? The point is to have a USB
> > drive / external disk *fully* encrypted. The decryption is done by the
> > host (which is trusted). In that case, confidentiality and integrity
> > are both important.
>
> No. You are trying to solve the wrong problem. First, disk
> encryption with 1:1 mapping will never give you integrity
> protection and the other variants kill performance.

I partially agree. What about using GCM or CCM mode of operation for disk
encryption? ;)

In order to solve the evil maid issue you need hardware security and a
secure boot process.

> And second, who says anything about the "evil maid" changing
> things in the encrypted container?

That's correct.

> Seriously, what you want you do not do with disk encryption,
> but with PGP/GnuPG on file-level.
>
> Regards,
> Arno

Regards
Zaolin
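Arno's point that a 1:1 sector mapping has no room for integrity, and Zaolin's question about an AEAD mode, side by side as an added Go example that is not from either poster or from dm-crypt. It uses AES-CTR as the length-preserving stand-in for XTS/CBC (CTR is what Go's standard library offers) and a constructed key, IV and 512-byte sector; flipping one ciphertext bit is the tampering being modelled.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed demo key (32 bytes selects AES-256) and a fixed IV standing in for
// one sector's IV; both are for this demo only, never for real storage.
var demoKey = []byte("0123456789abcdef0123456789abcdef")
var demoIV = make([]byte, 16)
var block, _ = aes.NewCipher(demoKey)

// ctrSector is a length-preserving (1:1) transform; CTR stands in for the XTS/CBC
// modes dm-crypt uses because it is in Go's standard library. Encrypt == decrypt.
func ctrSector(data []byte) []byte {
	out := make([]byte, len(data))
	cipher.NewCTR(block, demoIV).XORKeyStream(out, data)
	return out
}

// tamperOneToOne flips one ciphertext bit and reports: did the ciphertext keep the
// plaintext's size, was the change detected, did the plaintext come back intact.
func tamperOneToOne(plain []byte) (sameSize, detected, intact bool) {
	ct := ctrSector(plain)
	ct[100] ^= 0x01
	pt := ctrSector(ct) // cannot fail: a 1:1 mapping has nowhere to keep a tag
	return len(ct) == len(plain), false, bytes.Equal(pt, plain)
}

// tamperAEAD does the same with AES-GCM: the 16-byte tag appended per sector breaks
// the 1:1 size mapping, and that tag is what lets Open refuse the modified sector.
func tamperAEAD(plain []byte) (sameSize, detected, intact bool) {
	g, _ := cipher.NewGCM(block)
	nonce := demoIV[:g.NonceSize()]
	ct := g.Seal(nil, nonce, plain, nil)
	ct[100] ^= 0x01
	pt, err := g.Open(nil, nonce, ct, nil)
	return len(ct) == len(plain), err != nil, err == nil && bytes.Equal(pt, plain)
}

func main() {
	sector := make([]byte, 512) // one constructed 512-byte sector
	copy(sector, "sector 7 payload")
	fmt.Println(tamperOneToOne(sector)) // true false false
	fmt.Println(tamperAEAD(sector))     // false true false
}
```

The extra 16 bytes per sector that GCM needs is exactly the space a 1:1 mapping cannot provide, which is why the integrity-bearing variants need per-sector metadata and pay for it in performance.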
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt