dm-crypt best practices
or how to keep medium level schmucks out of your data

TasLUG 20 Feb 2014

What is dm-crypt?

• Device Mapper - cryptography
• Standard way of encrypting block devices on linux
• You may know cryptsetup
• Installers for major distros use it under LUKS

Threat models

Everyone is out to get you.

• Dumb thief
• Smart thief
• 1337 thief
• Corporate espionage
• Regular cops
• Computer cops
• Three letter agencies

Stuff disk encryption doesn't fix

• Excellent passwords on sticky notes
• Rootkits
• People standing behind you
• Tempest (lol)
• Compromised hardware

Stuff this does fix

• 1337 thieves/corporate espionage
• Anyone with skillz but less than $50k to spend on you
• Crappy passwords (sometimes)
• Compelled password disclosure (sometimes)

The plan

• Encrypted hard drive with dm-crypt/LUKS
• LUKS uses a key file rather than a password
• Key file is stored encrypted on an external drive
• Bootloader also stored on that external drive

Encrypting the drive

    dd if=/dev/urandom of=./root.key.tmp bs=512 count=4
    password=`echo -n "YOUR_PASSWORD_GOES_HERE" | openssl dgst -whirlpool -hex | cut -d ' ' -f 2`
    openssl aes256 -in root.key.tmp -out root.key
    openssl bf-cbc -in root.key.tmp -pass pass:"${password}" -salt -out "./root.key"
    modprobe dm_mod
    cryptsetup -c aes-xts-plain64 -s 512 -h sha512 -v luksFormat /dev/sda2 ./root.key.tmp
    shred root.key.tmp
    

Install your operating system

• Use manual partition config
• Use partitions you've mounted separately
• Install grub on the USB disk

Fix initcpio

• Use hooks from Arch
• Should work fine with any distro

What does the initcpio hook do?

    openssl bf-cbc -pass pass:"${password}" -d -in "${encfile}" -out "${decfile}" >/dev/null 2>&1
    if [ "$?" != "0" ]; then
        echo "Keyfile could not be decrypted" && break
    fi
    

We can be cleverer

    openssl bf-cbc -pass pass:"${password}" -d -in "${encfile}" -out "${decfile}" >/dev/null 2>&1
    if [ "$?" != "0" ]; then
        if [ "${password}" == "MY_DISTRESS_PASSWORD" ]; then
            cryptsetup luksKillSlot ${root_device}
            dd if=/dev/zero of=${usb_device} bs=1024 count=${size_of_device}
            dd if=/dev/zero of=${usb_device} bs=1024 count=${size_of_device}
            dd if=/dev/zero of=${usb_device} bs=1024 count=${size_of_device}
            dd if=/dev/zero of=${usb_device} bs=1024 count=${size_of_device}
        fi
    fi
    

What's left to attack?

• Hardware: CCC covered this
• Software while you're online
• You

Questions?

Links

• Slides: mjec.net/talks/dm-crypt

Slideshow made with deck.js

Slides are CC-BY-SA 3.0 AU