From owner-freebsd-security@FreeBSD.ORG Fri Jun 15 21:43:51 2012
From: Robert Simmons
To: freebsd-security@freebsd.org
Date: Fri, 15 Jun 2012 17:43:50 -0400
Subject: Re: Pre-boot authentication / geli-aware bootcode
References: <4FDB7AC4.3060709@argolis.org>
List-Id: "Security issues [members-only posting]"

On Fri, Jun 15, 2012 at 5:24 PM,
Simon L. B. Nielsen wrote:
> On Fri, Jun 15, 2012 at 7:11 PM, Matt Piechota wrote:
>> On 06/15/2012 01:40 PM, Simon L. B. Nielsen wrote:
>>>
>>> On Jun 11, 2012 1:22 AM, "Robert Simmons" wrote:
>>>>
>>>> Would it be possible to make FreeBSD's bootcode aware of geli encrypted
>>>> volumes?
>>>>
>>>> I would like to enter the password and begin decryption so that the
>>>> kernel and /boot are inside the encrypted volume. Ideally the only
>>>> unencrypted area of the disk would be the gpt protected mbr and the
>>>> bootcode.
>>>>
>>>> I know that Truecrypt is able to do something like this with its
>>>> truecrypt boot loader, is something like this possible with FreeBSD
>>>> without using Truecrypt?
>>>
>>> I just booted off a USB flash key. Then your entire drive can be
>>> encrypted.
>>>
>>
>> While true, the point (to me at least) is that with your kernel (and in
>> Linux's case, initrd) in the clear it's possible for someone to bury a
>> trojan of some sort in there waiting for you to boot up and start doing
>> something nefarious (open backdoors, keylogging, etc.). I suppose you could
>> check hashes of the kernel stuff and whatnot on booting to see if they
>> haven't been modified, but that's not fool-proof either. That's obviously
>> some pretty cloak and dagger stuff, but the company I work for requires full
>> disk encryption. I've never actually asked if /boot counts, somewhat fearing
>> the answer and resulting hassle from the largely paper-pushing security
>> types.
>
> If you are worried about somebody compromising the system with direct
> access, you can't fix that if you are booting off it. Truecrypt does
> not prevent somebody compromising the truecrypt loader from gaining
> access to your system after you have supplied the compromised loader
> with your password.
>
> 10 seconds of google searching:
> http://theinvisiblethings.blogspot.ie/2009/10/evil-maid-goes-after-truecrypt.html
>
>> The USB key method isn't bad, but it realistically only adds obfuscation
>> unless you keep your laptop and the key separate. Knowing myself, I'd forget
>> one or the other fairly often. :)
>
> I got a USB key which was ~1.2x2cm (from memory) so I just kept it in
> my keychain, and it was only attached to a computer when the system
> was booting (well, mostly) and when I had to upgrade kernel so I would
> say it added more than obfuscation, but nothing is perfect. As I could
> not get in at home without said keychain forgetting it wasn't really
> much of a problem (or rather, more of a problem wrt. getting in than
> wrt. booting laptop :-) ).
>
> It also provides a second factor'ish authentication for the laptop as I
> used GELI keyfiles on the USB key as part of the encryption key.
>
> Not saying it's perfect, but worked well for me (past tense as I don't
> use a FreeBSD laptop anymore).
>
> Frankly I think there is a much simpler solution to this problem... if
> you ever lose access to the laptop long enough that somebody
> could have done something funny, wipe drive and reinstall. It all
> depends on your level of paranoia / requirements for security.
>
> PS. just because you are paranoid, doesn't mean they are not out to get you :-).

That article is a fascinating read. I like the idea of the Disk Hasher
stick solution. Perhaps that idea could be made more secure if the hash
stick itself was encrypted:
http://www.imation.com/en-US/Mobile-Security/Mobile-Security-Products/Secure-Data/Imation-Flash-Drives-Powered-by-IronKey/Imation-Enterprise-S200-Flash-Drive-Powered-by-IronKey/

Along those lines, I wonder if a GPF Crypto Stick could be used to
authenticate the geli decryption process rather than your insecure USB
stick?
http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/
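The "check hashes of the kernel stuff on booting" idea from the thread, and the Disk Hasher stick it points at, both come down to a stored manifest of the unencrypted /boot tree compared against the disk at each start. Here is that check as an added example in Python (not code from the thread or from FreeBSD); the directory layout and file contents in `demo()` are constructed, and the manifest is assumed to be kept off the disk being checked, e.g. on the encrypted stick. The caveat Simon raises still applies: if the checker itself runs from a loader the attacker could have replaced, a clean result proves nothing.

```python
import hashlib
import os
import tempfile


def hash_file(path, chunk=1 << 16):
    """SHA-256 of one file, read in chunks so a large kernel is not held in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Relative path -> SHA-256 for every regular file under root (symlinks skipped)."""
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if not os.path.islink(full):
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                manifest[rel] = hash_file(full)
    return manifest


def verify(root, expected):
    """Compare the tree against a stored manifest; three empty lists means unchanged."""
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in expected if p in current and current[p] != expected[p]),
        "missing": sorted(p for p in expected if p not in current),
        "unexpected": sorted(p for p in current if p not in expected),
    }


def demo():
    """Constructed /boot-like tree: record a manifest, then alter the tree and re-check."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "kernel"))
        files = {"loader": b"loader-code", "loader.conf": b"config", "kernel/kernel": b"kernel-v1"}
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        manifest = build_manifest(root)  # in practice stored on the separate, encrypted stick
        assert verify(root, manifest) == {"modified": [], "missing": [], "unexpected": []}
        # Simulate what an evil-maid style visit leaves behind: a changed kernel,
        # an extra module, and a removed config file.
        with open(os.path.join(root, "kernel/kernel"), "wb") as f:
            f.write(b"kernel-v1-altered")
        with open(os.path.join(root, "kernel/extra.ko"), "wb") as f:
            f.write(b"module")
        os.remove(os.path.join(root, "loader.conf"))
        return verify(root, manifest)


if __name__ == "__main__":
    print(demo())
```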