subject:"\[Tails\-dev\] CBC malleability attack"

Re: [Tails-dev] CBC malleability attack

2013-12-26 Thread Marco Calamari

On Wed, 2013-12-25 at 21:34 +0100, intrigeri wrote:
 Hi,
 
 Marco Calamari wrote (24 Dec 2013 11:42:36 GMT) :
  After readint the descritpion of this attack (injection attack type
  against LUKS-CBC volumes) 
 
  http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/
 
  I check that my persistent partition (built a lot of TAILS
   version ago) is of CBC type.
 
 If an attacker gets write access to a Tails USB stick, they can as
 well corrupt the initramfs or some other part of the system, and from
 there have a persistent file be modified during next boot, without
 having to guess what block this file is stored at in the persistent
 volume. Seems easier than the attack against CBC, no?
 
 Or did I miss the threat model you had in mind?

Hi

no, absolutely, you're right; but CBC is under critics since a long
time,
 so at least doing persistency without it should not need
 an explicit danger, but only because it is not best of breed
 and the alternative block cypher is already there and comes
 for free

  Time to switch to XTS and/or warn user having CBC partition to 
  reformat?
 
 Note that cryptsetup 1.6 defaults to XTS. Once Tails is based on
 Wheezy, we might want to install this version, assuming a backport is
 not too painful to produce and maintain. Anyone volunteering to
 try this?
 
 Additionally, this would provide compatibility with the on-disk
 TrueCrypt format (which is not very useful until the rest of the
 udisks / GNOME Disks / Nautilus stack has this support, wishlist bug
 reported there a while ago, needs someone to write the code).


-- 
+--- http://www.winstonsmith.org  ---+
| il Progetto Winston Smith: scolleghiamo il Grande Fratello |
| the Winston Smith Project: unplug the Big Brother  |
| Marco A. Calamari mar...@marcoc.it  http://www.marcoc.it   |
| DSS/DH:  8F3E 5BAE 906F B416 9242 1C10 8661 24A9 BFCE 822B |
+ PGP RSA: ED84 3839 6C4D 3FFE 389F 209E 3128 5698 --+


signature.asc
Description: This is a digitally signed message part
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

[Tails-dev] CBC malleability attack

2013-12-24 Thread Marco Calamari

After readint the descritpion of this attack (injection attack type
 against LUKS-CBC volumes) 

http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/

I check that my persistent partition (built a lot of TAILS
 version ago) is of CBC type.

Time to switch to XTS and/or warn user having CBC partition to 
 reformat?

Thanks a lot and good X-mas

-- 
+--- http://www.winstonsmith.org  ---+
| il Progetto Winston Smith: scolleghiamo il Grande Fratello |
| the Winston Smith Project: unplug the Big Brother  |
| Marco A. Calamari mar...@marcoc.it  http://www.marcoc.it   |
| DSS/DH:  8F3E 5BAE 906F B416 9242 1C10 8661 24A9 BFCE 822B |
+ PGP RSA: ED84 3839 6C4D 3FFE 389F 209E 3128 5698 --+


signature.asc
Description: This is a digitally signed message part
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

Re: [Tails-dev] CBC malleability attack

[Tails-dev] CBC malleability attack

2 matches

Site Navigation

Mail list logo

Footer information