Re: encrypted file system issues (was Re: PGP master keys)

2006-05-02 Thread Bill Frantz
[A bit off topic but I thought I'd let it through anyway. Those uninterested in OS design should skip the rest of this message. --Perry] On 5/1/06, [EMAIL PROTECTED] (Perry E. Metzger) wrote: Disk encryption systems like CGD work on the block level, and do not propagate CBC operations across

Re: PGP master keys

2006-05-01 Thread Travis H.
On 29 Apr 2006 02:00:18 -, StealthMonger [EMAIL PROTECTED] wrote: Interesting epilog: theregister has apparently now edited out all mention of master keys. They probably had their misunderstanding pointed out to them by countless people by now. But... did anyone else note the phrasing of

encrypted file system issues (was Re: PGP master keys)

2006-05-01 Thread Perry E. Metzger
Travis H. [EMAIL PROTECTED] writes: Does anyone have any experience with disk or filesystem encryption, especially with regard to unclean shutdowns and power failures? Normal file systems are designed to fail in ways that are easy to clean up with fsck, but when you start to throw encryption

Disk Encryption (was: Re: PGP master keys)

2006-05-01 Thread Jeffrey I. Schiller
I use the following approach to encrypting my disks. I use an encrypted loopback device. The version of losetup I use permits me to store the disk key in a PGP encrypted file and decrypt it (with gpg) when needed. I made many backups of the both my personal keyring and the file with the encrypted

Re: PGP master keys

2006-05-01 Thread leichter_jerrold
| issues did start showing up in the mid-90s in the corporate world ... | there were a large number of former gov. employees starting to show up | in different corporate security-related positions (apparently after | being turfed from the gov). their interests appeared to possibly reflect

Re: PGP master keys

2006-05-01 Thread Anne Lynn Wheeler
[EMAIL PROTECTED] wrote: A similar issue occurs in a civilian context, sometimes with fake employees, other times with fake bills. Often, these get found because they rely on the person committing the fraud being there every time a check arrives: It's the check sitting around with no one

Re: encrypted file system issues (was Re: PGP master keys)

2006-05-01 Thread Travis H.
On 5/1/06, Perry E. Metzger [EMAIL PROTECTED] wrote: Not if you design it correctly. Disk encryption systems like CGD work on the block level, and do not propagate CBC operations across blocks, So is it vulnerable to any of the attacks here? http://clemens.endorphin.org/LinuxHDEncSettings I

Re: PGP master keys

2006-04-29 Thread Anne Lynn Wheeler
Anne Lynn Wheeler wrote: issues did start showing up in the mid-90s in the corporate world ... there were a large number of former gov. employees starting to show up in different corporate security-related positions (apparently after being turfed from the gov). their interests appeared to

Re: PGP master keys

2006-04-28 Thread Hadmut Danisch
On Wed, Apr 26, 2006 at 10:41:12PM -0400, Steven M. Bellovin wrote: Ah -- corporate key escrow. An overt back door for Little Brother, rather than a covert one for Big Brother You should check the list of recipient keys in PGP messages from time to time anyway. I recently found a bug in

Re: PGP master keys

2006-04-28 Thread Anne Lynn Wheeler
Steven M. Bellovin wrote: Ah -- corporate key escrow. An overt back door for Little Brother, rather than a covert one for Big Brother the key escrow meetings attempted to differentiate between keys used for authentication and keys used for securing corporate data (I only went to a

Re: PGP master keys

2006-04-28 Thread Anne Lynn Wheeler
note from the corporate side ... is was specifically the escrow of encryption keys for data at rest ... as part of prudent corporate asset protection; it was not escrow of authentication keys nor escrow of encryption keys used for communication. the internal network was larger than the

Re: PGP master keys

2006-04-28 Thread Anne Lynn Wheeler
and real-time reference from today ... on backup tapes ... at off-site location that weren't encrypted (and should have been): Data storage firm apologizes for loss of railroad data tapes Information on as many as 17,000 workers at risk

Re: PGP master keys

2006-04-28 Thread StealthMonger
Steven M. Bellovin [EMAIL PROTECTED] writes: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back doors for law

Re: PGP master keys

2006-04-27 Thread Derek Atkins
Quoting Steven M. Bellovin [EMAIL PROTECTED]: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back doors for law

Re: PGP master keys

2006-04-27 Thread David Shaw
On Wed, Apr 26, 2006 at 09:53:27PM -0400, Steven M. Bellovin wrote: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back

Re: PGP master keys

2006-04-27 Thread Steven M. Bellovin
On Wed, 26 Apr 2006 22:24:22 -0400, Derek Atkins [EMAIL PROTECTED] wrote: Quoting Steven M. Bellovin [EMAIL PROTECTED]: In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some

PGP master keys

2006-04-26 Thread Steven M. Bellovin
In an article on disk encryption (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following paragraph appears: BitLocker has landed Redmond in some hot water over its insistence that there are no back doors for law enforcement. As its encryption code is open