From: "Charles M. Hannum"
Organization: By Noon Software, Inc.
To: "ALeine"
cc: elric@imrryr.org, briggs@netbsd.org, perry@piermont.com, phk@phk.freebsd.dk, hackers@freebsd.org, tech-security@netbsd.org, ticso@cicely.de
Date: Fri, 4 Mar 2005 23:31:30 +0000
Subject: Re: FUD about CGD and GBDE
Message-Id: <200503042331.30560.abuse@spamalicious.com>
In-Reply-To: <200503040317.j243HrZ2016007@marlena.vvi.at>
References: <200503040317.j243HrZ2016007@marlena.vvi.at>

On Friday 04 March 2005 03:17, ALeine wrote:
> Your assumption is wrong. First of all, the first sector of the
> encrypted image does not necessarily start at the beginning of
> the disk, nor does the last sector have to be the last sector
> of the disk. At initialization first_sector, last_sector and
> total_sectors can be set so that the encrypted image is placed
> at an offset from both sides of the disk. If you also use
> random_flush that free space (padding) is filled with random
> garbage automatically, so one cannot detect where the encrypted
> image actually begins or ends.
>...
> You also have to take into account the fact that there are at
> least 4 512 byte lock sectors (regardless of the size of the
> logical sector) which will thwart your automated brute forcing
> attempt further. Lock sectors can be anywhere, their location is
> picked randomly at initialization and everything else has to map
> around them, so you cannot assume anything about their location
> or know that you stumbled upon them.

There are at least two ways to determine this information fairly easily:

1) If you're doing analysis of a cold disk, it is ~trivial to tell the
difference between a sector that has been written only once and a sector
that has been rewritten.

2) When used in a SAN environment, or an environment where multiple accesses
to the drive can be done over time, it is possible to determine this fairly
quickly using traffic analysis.

The GBDE paper even touches on this in section 10.3. Have you read it?