[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Keyfile Support for GRUBs LUKS

From: Vladimir 'φ-coder/phcoder' Serbinenko
Subject: Re: Keyfile Support for GRUBs LUKS
Date: Wed, 20 Nov 2013 06:48:40 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131005 Icedove/17.0.9

On 20.11.2013 06:43, Glenn Washburn wrote:
> Modifying the cipher text just
> manifests as random data corruption of the plain text device, again not
> a security issue and nothing that signatures would prevent.
It's a security threat. Imagine you have somewhere a routine which
verifies SSH-key when connecting by network. Replace it with random
data. With some significant probability this decodes to valid opcodes
but which do no check. Now everyone can use your SSH.
encryption provides secrecy. Signatures provide verification. Using one
to achieve the other will always fail.

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]