Date: Sun, 18 May 2008 13:18:46 +0100 From: Robert Woolley <robert.woolley@rwoolley.com> To: freebsd-security@freebsd.org Cc: abi@e-arroyo.net Subject: Re: Vulnerability with compromised geli credentials? Message-ID: <20080518131846.375f85aa@gumby.homeunix.com.> In-Reply-To: <39408.75.36.168.192.1211071273.squirrel@209.51.135.2> References: <39408.75.36.168.192.1211071273.squirrel@209.51.135.2>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 17 May 2008 17:41:13 -0700 (PDT) "Abiron Arroyo" <abi@e-arroyo.net> wrote: > > I'm not really a developer, but was considering if there is a key > vulnerability in geli given that when you change a key there isn't a > disk update. > > Consider the scenario where a new file system is created and populated > with some files. At a later time the original key is changed because > someone has gained access to the key and passphrase. A new key is > generated and attached, but none of the files are modified. > The data is encrypted with a random master-key that's generated during the init stage. That key is itself encrypted with a user-key generated from the passphrase and keyfile, and the encrypted masterkey is stored on the disk. The master-key itself is never changed; if the new files were encrypted with a different key you wouldn't be able to read the old ones.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080518131846.375f85aa>