-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/10/12 23:37, Maxim Kammerer wrote:
>> "TRESOR is only compatible with real hardware. Run- ning TRESOR >> as guest inside a virtual machine is gen- erally insecure as the >> guest?s registers are stored in the host?s main memory." > > This is irrelevant to my example. Yes. I replied too quickly to your email and realised my mistake shortly afterwards. Hence the second email. >> Also, the encryption/decryption is done using a key derived from >> the password which you enter at the very beginning of boot up. >> Not with the password or key you provide to cryptsetup/luks. This >> wasn't clear to me when I wrote the blog post which I linked to. >> It's all in the PDF. > > I see now ? so they break the assumption that one needs to provide > a correct password to open a volume in LUKS after it is closed, > for instance. Yes. They do that. As is documented. I guess this is one of the reasons why it's not in the mainline kernel. - -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 -----BEGIN PGP SIGNATURE----- iQGGBAEBCgBwBQJQcLTAMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBOjVCACtNKnB4nnG /LgWr548F+nyzw5li/8SNQC+oXtGwSlqRDLVCrNC+RkJKG2+BAz0ZcgjmmrYJxRq lYW/nzvdMIijbcRBp8UvOHNqrie9OAKI/3oZswJXFz7EBZX/3VyFuu5SVzG7mR/X 2TRfNmXKV0rPamKIJcSrJGgYbo0kFDqRenG641qy9v+VjGwBds3oVQzjpvb08KKz exL7dMTq0X7SwK41adPmLNfPTlbkivg4yN0ctrVyvhiFuCJdSx16eusqsPk1A69C OUCUv5X4w2hpnV5ErlWD32J/1kMRsQ637J5o3SMvgxzF2rqVALEVvOhSDEcseRxn KAkjQdT1u9ZA =l+dT -----END PGP SIGNATURE----- _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
