Re: Should I use gbde or geli?



On Sun, 2006-Jan-29 12:10:34 +0100, Christian Baer wrote:
>On Sun, 29 Jan 2006 13:29:43 +1100 Peter Jeremy wrote:
>I am reading up on the basics of this subject. However, the theory
>doesn't really cover too much of the practical sides like the real
>differences between approaches or even gbde and geli.

Unfortunately, no-one with that knowledge has popped up. You could
try writing to the authors of gbde and geli and ask their opinions.

>Human failure can never be ruled out, if you can call being forced to do
>something at gunpoint a "failure".

If an attacker gets away with the data, by whatever means, then the
security system has failed. If you considered armed robbery a likely
situation (which you've ruled out), then you would need to protect
against it.

>One of the aces we may have is the fact that no one (including the
>employees) will know that the information is encrypted.

Actually, even though you haven't mentioned the company, someone with
the resources to consider breaking AES would probably not find it too
difficult to find the company's name. You _have_ admitted that you
are one of the people who knows the passphrase.

>We have been talking of AES all the time. How secure is blowfish? It's
>open source but not too well analysed so far. Can you say something
>about that. I have a problem trusting something that the NSA suggests,
>as there is always the possibility of a flaw in that. I know, some wild
>conspiracy, but worth a consideration at least.

The AES algorithm and its design principles are all public (and the
algorithm was developed outside the US). It has been through a
rigorous examination by the crypto community and the open community
haven't found any problems. Obviously, we don't know what the NSA
(and other spook agencies) found but NSA has two primary functions:
Protecting US information from prying eyes (promoting strong,
unbreakable crypto) and decrypting the rest of the world's secrets
(promoting weak crypto). The crypto experts I've spoken to believe
that AES is the result of the former group and if NSA found any
weaknesses, they would have killed it. Keep in mind that (despite the
paranoia) DES _was_ secure and the S-box construction was kept secret
because it was designed to protect against differential cryptanalysis -
which was not a publicly known technique at the time. I suggest you
look up the sci.crypt FAQ.

>> alarm. You might find it easier to protect the master keys with a
>> (volatile) passphrase and rely on adequate protection of the
>> passphrase. (You might also consider looking up "secret sharing"
>> "threshold system").
>
>I'm not really sure where you're going with this volatile pass-phrase.

You were talking about automatically destroying the master key (which
makes recovering the data difficult). I'm suggesting that you rely on
protecting the master key so it can't be recovered, even if the disc
is stolen.

> If some burglar were to steal the
>computer it most likely would be cut off from power.

If I knew that the computer had sensitive information that would be
lost to me if the computer got powered off, I would ensure that the
computer didn't lose power whilst I was stealing it. Maybe I can
steal the UPS with the computer. If not, I could try opening the
case and paralleling my own supply.

--
Peter Jeremy
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


