[Help] How to Replace File Operations in File System?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Feb 20 10:32:14 EST 2014
On Thu, 20 Feb 2014 17:48:07 +0800, freeman said:
> However as I planed it, I don't want involve the user too much-
> just to keep simple. I plan to build a safe box, and people throw
> personal things into it. That's all.
The first question is - what are you trying to protect against? The
answer to that will influence your design.
As Bruce Schneier said in the intro to Applied Cryptography:
There are two kinds of cryptography in this world: cryptography that will stop
your kid sister from reading your files, and cryptography that will stop major
governments from reading your files. This book is about the latter.
It's one thing to write a silly kernel module that will rot13 your
files. It's totally another to design a complete system that works.
Do you need to worry about a directory being open for access to encrypted
files, and another rogue process on the system simply going and reading
the files and the crypto doesn't matter? (This is an issue for cryptLUKS,
for instance - it defends against somebody stealing a powered-off laptop,
but not against processes that get access to a running system. You may wish
to think for a bit about what security is provided by a system that is
suspended, rather than powered off - particularly in the case of
cold-boot attacks....)
Do you need to worry about somebody replacing the binary that prompts
the user for the passphrase before loading it into the kernel, with a
version that saves the passphrase for later, after the device has been
"recovered" via theft or similar? (And yes, this *has* been used before,
see 'FBI v Scarfo', where they installed a keylogger to snag a PGP passphrase:
https://epic.org/crypto/scarfo.html
Do you need to worry about other more generic keystroke loggers?
Do you need to worry about the fact that most user passphrases won't
have enough entropy to be used directly as crypto keys? If you merely
use the passphrase for salting a randomized key (such as the way gpg,
ssh, and cryptLUKS use your passphrase), how do you address the problem
of insufficient random entropy at key generation time?
That's just the obvious stuff you will need to worry about. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
Url : http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20140220/77852d5b/attachment.bin
More information about the Kernelnewbies
mailing list