[ANNOUNCE] ROCKate Tor LiveCD V0.4.0.0

Benjamin Schieder blindcoder at scavenger.homeip.net
Thu Jun 21 19:06:10 UTC 2007


On 21.06.2007 11:55:46, coderman wrote:
> On 6/21/07, Benjamin Schieder <blindcoder at scavenger.homeip.net> wrote:
> >...
> >Key management is an implementation detail and should be of no concern
> >to ROCKate users.
> 
> right.  but this means more work for you (to manage loop-aes keys) as
> luks makes things simple(r) already. :)

Well, personally I'm for luks, unless there are reasons against it. I'm
no cryptographer, so I have to look at people with the respective knowledge
here.
Apart from that, as developer of ROCKate I consider it my job to make stuff
as accessible as possible without compromising security. This goes for a
preconfigured FireFox as it goes for filesystem encryption.

> >> 1. cryptoloop, dm-crypt, bestcrypt, truecrypt, and loop-aes  - Why
> >> cryptoloop should not be used.
> >>    http://mareichelt.de/pub/texts.cryptoloop.php
> >
> >Last update is over a year old. Which parts do apply to todays kernel?
> 
> all of the statements are current for the most part. the author
> updated relevant sections to name versions where the watermarking /
> plain-text attack issues were fixed in truecrypt / dm-crypt.
> 
> dm-crypt still exposes more information than is desired during partial
> block updates. (change the last bit in a loop-aes 512byte block and
> you get a new block.  dm-crypt just updates the last cipher block
> sized portion at the end of the 512 block - 16 bytes)
> 
> overall, any of them are a pretty good choice.  the crypto will be the
> last thing an adversary tries to attack here, so your key management
> and user clue will be the crux.

So far, I've seen three ways of doing filesystem encryption:
1) simply enter a passphrase, it gets hashed to a key one-way-or-another
   (hashalot, luks)
2) create the dm-crypt table, encrypt it with a gpg key. on reboot, request
   gpg key passphrase, pipe the table back to dm-setup
3) let the user select a cipher and then enter a passphrase (may be combined
   with 1, seen with loop-aes
4) Let the user do it manually

These are listed in decreasing convenience.

Since running `dmsetup table' still gives the required line to decrypt the
block device and LiveCDs generally do not have a secure `root' account,
running `dmsetup remove my_tor_home' after mount should be obvious.
(Yes, one can still read it through other means, but hey, don't make it
 too easy)

> key scrubbing and robust key schedule (less data is encrypted per key
> than the others) for loop-aes multi-v3 may provide a useful benefit
> depending on your needs...

The need is a Tor LiveCD.


Greetings,
	Benjamin
-- 
Benjamin 'blindCoder' Schieder
Registered Linux User #289529: http://counter.li.org
finger blindcoder at scavenger.homeip.net | gpg --import
-- 
/lusr/bin/brain: received signal: SIGIDIOT
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20070621/70e6c53d/attachment.pgp>


More information about the tor-talk mailing list