On Tue, Dec 20, 2016 at 4:00 PM, Jean-Philippe Ouellet <j...@vt.edu> wrote:
> Unless you can come up with some cryptographically-sound way to
> integrate the information provided by a 2nd factor as a hard
> requirement to complete the secrets-unsealing-at-boot process, then
> the evil-maided computer could simply say "Yup, everything is okay,
> thanks" and you'd be none the wiser.

And even then, the existence of a 2nd factor does not somehow make the
computer more trustworthy. The existence of some external token says
nothing about whether or not your computer has been modified.

What 2FA does in the context of evil maid attacks is specifically just
eliminate the fact that there is a static password to be exfiltrated
via an evil-maided computer, optimistically seeking to somehow
diminish the usefulness of a captured and recovered passphrase (by
re-encrypting your actual disk encryption key under a different
passphrase for use on subsequent boots). It does not somehow detect
that your computer has been evil-maided, nor prevent it from being so.

(Also, sorry for top-posting last time.)
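
The re-encryption step described in the message above, as an added sketch that is not part of the original post or of any Qubes code: the disk key is re-sealed under a new passphrase after a boot, so the passphrase typed earlier no longer opens the current key slot. The slot format (PBKDF2, an XOR pad and an HMAC tag from the Python standard library) and all names are assumptions standing in for a real key-slot format, and nothing in it checks whether the machine was modified.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch


def _derive(passphrase, salt):
    """Derive a 32-byte pad and a 32-byte MAC key from the passphrase."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase, salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def wrap(disk_key, passphrase):
    """Seal the 32-byte disk key under a passphrase (toy key slot)."""
    if len(disk_key) != 32:
        raise ValueError("disk key must be 32 bytes")
    salt = os.urandom(16)  # fresh salt per wrap, so a pad is never reused
    pad, mac_key = _derive(passphrase, salt)
    sealed = bytes(a ^ b for a, b in zip(disk_key, pad))
    tag = hmac.new(mac_key, salt + sealed, hashlib.sha256).digest()
    return {"salt": salt, "sealed": sealed, "tag": tag}


def unwrap(slot, passphrase):
    """Return the disk key, or None if the passphrase does not fit the slot."""
    pad, mac_key = _derive(passphrase, slot["salt"])
    expected = hmac.new(mac_key, slot["salt"] + slot["sealed"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(slot["sealed"], pad))


def rotate(slot, current_passphrase, next_passphrase):
    """Re-seal the same disk key under the passphrase for the next boot."""
    disk_key = unwrap(slot, current_passphrase)
    if disk_key is None:
        raise ValueError("current passphrase rejected")
    # No measurement of the boot chain happens here: rotation succeeds
    # identically on a modified machine, which is the message's point.
    return wrap(disk_key, next_passphrase)


if __name__ == "__main__":
    key = os.urandom(32)                   # constructed sample disk key
    slot = wrap(key, b"boot-1 passphrase")  # constructed sample passphrases
    slot = rotate(slot, b"boot-1 passphrase", b"boot-2 passphrase")
    print("old passphrase opens slot:", unwrap(slot, b"boot-1 passphrase") is not None)
    print("new passphrase opens slot:", unwrap(slot, b"boot-2 passphrase") == key)
```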
