[Pkg-cryptsetup-devel] What is the benefit of SSL/GnuPG encrypting
keys instead of XOR?
David Härdeman
david at 2gen.com
Tue Mar 21 23:31:25 UTC 2006
Hi,
I've just joined the list because I'm interested in adding LUKS
cryptoroot support to the Debian installer (partman-crypto that is).
So far I've been working on other components which are also necessary
for this. Most importantly, adding luks cryptoroot support to
initramfs-tools and klibc so that the initramfs can recognize and setup
a luks encrypted root (see bug #348147).
I've followed the "Status of partman-crypto" thread with great interest,
but I can't really understand what the benefit is of SSL/GnuPG
encrypting keys which are stored on for instance removable media.
Presumably it allows for a kind of two-factor authentication (knowing
passphrase plus having possession of removable media with encrypted
key being necessary to access harddrive).
However, exactly the same benefit can be acheived by simply XOR:ing the
passphrase and the key stored on the media together. The main advantage
being that no extra binaries are needed on the initrd/initramfs/etc
(GnuPG seems like a quite heavy requirement in early userspace).
Additionally, should the media with the key be lost or copied without
the knowledge of the user, it is possible for the person who has
gotten hold of the encrypted keyfile to attempt a brute-force attack as
GnuPG use also means that it is possible to know when the correct
keyphrase has been found.
In contrast, if the keyfile is simply XOR:ed with the passphrase, there
is no way of brute-force attacking the key unless the attacker also has
access to something which to test the result upon (i.e. the encrypted
harddrive).
Am I missing something here?
Regards,
David Härdeman
david at 2gen.com
More information about the Pkg-cryptsetup-devel
mailing list