Thanks for all of the input. In the end I think I'm going to go with the simplest solution (along the way, I found ima-linux and signelf).
Let me know if what issues there are with this: Encrypt the LUKS passkey in a text file. Encrypt a user defined message and file checksums in another file with a different password. Decrypt this file first and display the message (letting the user know that if it doesn't look right, they should stop). Get the hashes of all of the files and compare them with the data in the text file and report if anything didn't match. If all is good, prompt for the password of the second file. If there are no issues, I find this simplest and most elegant. On Wed, May 29, 2013 at 12:52 PM, Thierry Moreau <[email protected]> wrote: > shawn wilson wrote: >> >> I guess I should've said what my use case is: >> I want a boot system that unlocks a partition where everything is >> checked [...] >> >> However, someone could replace >> gpg with a version that logs to something. > > > OK, simply provide a Faraday cage to the user and instruct them to boot the > device inside of it, hence ensuring a boot process without any RF connection > to the exterior. > > I'm only half joking: if you don't trust the hardware for having a > trustworthy boot in some read-only section in the device, then you stated an > impossible problem. > > Also, you may be paranoid about a user device being replaced altogether > without the victim noticing the replacement. Do you check that the serial > number of your favorite gadget remains stable over time? > > So in practice you must bear some residual risks when you tailor the boot > process towards your goal. In the tailoring project, you might find that GPG > is an overkill when only hash/signature validation is required. > > >>>> This is sort of a trusting trust question. > > > So you knew the answer already. > > > -- > - Thierry Moreau > > CONNOTECH Experts-conseils inc. > 9130 Place de Montgolfier > Montreal, QC, Canada H2M 2A1 > > Tel. +1-514-385-5691 _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
