[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Keyfile Support for GRUBs LUKS
|
From: |
Vladimir 'φ-coder/phcoder' Serbinenko |
|
Subject: |
Re: Keyfile Support for GRUBs LUKS |
|
Date: |
Wed, 20 Nov 2013 06:48:40 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131005 Icedove/17.0.9 |
On 20.11.2013 06:43, Glenn Washburn wrote:
> Modifying the cipher text just
> manifests as random data corruption of the plain text device, again not
> a security issue and nothing that signatures would prevent.
It's a security threat. Imagine you have somewhere a routine which
verifies SSH-key when connecting by network. Replace it with random
data. With some significant probability this decodes to valid opcodes
but which do no check. Now everyone can use your SSH.
encryption provides secrecy. Signatures provide verification. Using one
to achieve the other will always fail.
signature.asc
Description: OpenPGP digital signature
- Keyfile Support for GRUBs LUKS, Ralf Ramsauer, 2013/11/19
- Re: Keyfile Support for GRUBs LUKS, Glenn Washburn, 2013/11/19
- Re: Keyfile Support for GRUBs LUKS, Elliott Mitchell, 2013/11/19
- Re: Keyfile Support for GRUBs LUKS, Glenn Washburn, 2013/11/20
- Re: Keyfile Support for GRUBs LUKS,
Vladimir 'φ-coder/phcoder' Serbinenko <=
- Re: Keyfile Support for GRUBs LUKS, Glenn Washburn, 2013/11/20
- Re: Keyfile Support for GRUBs LUKS, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/11/20
- Re: Keyfile Support for GRUBs LUKS, Glenn Washburn, 2013/11/21
- Re: Keyfile Support for GRUBs LUKS, Darren J Moffat, 2013/11/25
- Re: Keyfile Support for GRUBs LUKS, Elliott Mitchell, 2013/11/20
- Re: Keyfile Support for GRUBs LUKS, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/11/20
- Re: Keyfile Support for GRUBs LUKS, Glenn Washburn, 2013/11/20
Re: Keyfile Support for GRUBs LUKS, Vladimir 'phcoder' Serbinenko, 2013/11/21