Re: Just how secure encrypted linux partitions really are?

[Jeffrey Walton <noloader () gmail com>]

On Sun, Dec 12, 2010 at 2:14 AM, Thor (Hammer of God)
<thor () hammerofgod com> wrote:
> > > Hello to All,
> > >
> > > If anyone have serious hands-on experience with this, I would like to
> > > know some hard facts about this matter... I thought to ask you,
> > > because here're some of the top experts in this field, so I could find few
> > better places.
> > > Hope you can nodge me in the right direction, and take the time to
> > > answer this.
> > >
> > > ...
> > >
> > > Could some of you please give me some of your thoughts about this?
> > > And, maybe, what other methods of file system encryption are out there
> > > which are more secure?
> > If you are using a PBE (password based encryption), its no stronger than the
> > password. Though stated regarding Microsoft's BitLocker, the same applies
> > to all PBE systems: "BitLocker, at its core, is a password technology, we simply
> > have to get the password...", Exploration of Windows 7, Advanced Forensics
> > Topic (page 70).
> >
> > If your file system key is on a USB thumb drive, the security is probably only
> > as strong as the physical security on the thumb drive.
> >
> > Jeff
>
> Hey Jeff - not sure if you read the LE deck or just referenced Wikipedia, but regarding Bitlocker, there is a good 
> bit more to it.  Saying to "simply" get the password (not sure who would have written that) isn't "simple."  It's not 
> like the password (passphrase) is stored anywhere...  And yes, there should be some physical security around the USB 
> key, where the actual KEY is, but with Bitlocker anyway, you can leverage TPM, etc to make things far more difficult.
>
> I'm not familiar with CentOS's drive encryption solution - does it operate like bitlocker in that system 
> configuration hashes must match that stored by BL before mounting?   That's one of the benefits of Bitlocker - even 
> if you have the PIN, you can't mount the drive in another machine.   If CentOS acts in a similar manner, then just 
> getting the password won't help.
>
> When you throw TPM in the mix with a PIN (as the actual deck refers to), then you need the PIN to get to the TPM to 
> get the keys used to check the stored hash against the system before it can mount.  TPM-based encryption is pretty 
> easy, so if CentOS supports that, it very well be far more difficult (or statistically impossible) to decrypt.    In 
> Bitlocker's case, if a recovery key infrastructure is in place, then those could be leveraged as well.
Agreed if the TPM is present.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/