Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
:. How to hide an encryption key in the hardware?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Wed Apr 23, 2003 11:52 pm    Post subject: :. How to hide an encryption key in the hardware? Reply with quote

Hi!

Suppose we have an encrypted FS.

What an option do we have to hide a key inside a hardware?
or maybe use as a paraphrase some hardware setting (like serial number or something else)

I mean that particular system should loadup only in combination of the same hardware.
(minimal check would be the system board and the hard drive)
At boot time it should not ask for any passwords - just check hardware config and if it OK then boot up.

And wouldn't bootup if you'll plug the HDD in to the other computer.

Any ideas?
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Thu Apr 24, 2003 12:19 am    Post subject: Reply with quote

I've heard rumors of people who have attached some hardware (RSA??) serial device to the serial port. The machine would query that before doing various tasks. The problem then becomes, if they can steal the hard drive why not a serial device too. :)

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 12:58 am    Post subject: Reply with quote

kashani wrote:
I've heard rumors of people who have attached some hardware (RSA??) serial device to the serial port. The machine would query that before doing various tasks. The problem then becomes, if they can steal the hard drive why not a serial device too. :)


yes, i agree with it, i don't wont to use any floppy, usb keys, hardlock keys and so on
samething like put together serial number from HDD and a chip on systemboard or something like it..

any idea would be really helpfull!
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
puggy
Bodhisattva
Bodhisattva


Joined: 28 Feb 2003
Posts: 1992
Location: Oxford, UK

PostPosted: Thu Apr 24, 2003 1:09 am    Post subject: Reply with quote

I think you'd definitley be sacrificing security to do this.
If someone stole your whole computer for instance...
Also, serial numbers etc can be faked...

Puggy
_________________
Where there's open source , there's a way.
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 2:30 am    Post subject: Reply with quote

puggy wrote:
I think you'd definitley be sacrificing security to do this.
If someone stole your whole computer for instance...
Also, serial numbers etc can be faked...

yes, i know this,
but i would like to set things up, so it will work only in particular hardware configuration, not anybody else,
even if it mirrored to another HDD it wouldn't work.
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
xming
Guru
Guru


Joined: 02 Jul 2002
Posts: 441

PostPosted: Thu Apr 24, 2003 10:48 am    Post subject: Reply with quote

Code:
root # hdparm -i /dev/hda

/dev/hda:

 Model=HITACHI_DK23DA-30, FwRev=00J1A0G2, SerialNo=113SGP
 Config={ HardSect NotMFM HdSw>15uSec Fixed DTR>10Mbs }
 RawCHS=16383/16/63, TrkSize=0, SectSize=0, ECCbytes=4
 BuffType=DualPortCache, BuffSize=2048kB, MaxMultSect=16, MultSect=16
 CurCHS=16383/16/63, CurSects=16514064, LBA=yes, LBAsects=58605120
 IORDY=yes, tPIO={min:240,w/IORDY:120}, tDMA={min:120,rec:120}
 PIO modes:  pio0 pio1 pio2 pio3 pio4
 DMA modes:  mdma0 mdma1 mdma2
 UDMA modes: udma0 udma1 udma2 udma3 udma4 *udma5
 AdvancedPM=yes: mode=0x80 (128) WriteCache=enabled
 Drive conforms to: ATA/ATAPI-5 T13 1321D revision 3:  2 3 4 5
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 1:47 pm    Post subject: Reply with quote

xming wrote:
Code:
root # hdparm -i /dev/hda


Thanx xming, it's a one piece of the mosaic :)
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
xming
Guru
Guru


Joined: 02 Jul 2002
Posts: 441

PostPosted: Thu Apr 24, 2003 2:26 pm    Post subject: another one Reply with quote

ifconfig eth0, then you have the mac address (I know macs are changeable but in combination with serial id from the hd, it should be reaaly uniq)

oh and cat /proc/bus/usb/devices might give you more data

xming
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 3:04 pm    Post subject: Re: another one Reply with quote

xming wrote:
ifconfig eth0, then you have the mac address (I know macs are changeable but in combination with serial id from the hd, it should be reaaly uniq)

oh and cat /proc/bus/usb/devices might give you more data



MAC address should be unique, nice tip! tnx :D

i have nothing on usb - so it wouldn't work

is here any possibilities to get something like CPU serial number
or maybe info from chips on system board?
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
Diggen
n00b
n00b


Joined: 27 Feb 2003
Posts: 17
Location: Germany

PostPosted: Thu Apr 24, 2003 4:03 pm    Post subject: Reply with quote

Whats about
#cat /proc/pci
Back to top
View user's profile Send private message
axxackall
l33t
l33t


Joined: 06 Nov 2002
Posts: 651
Location: Toronto, Ontario, 3rd Rock From Sun

PostPosted: Thu Apr 24, 2003 5:05 pm    Post subject: Reply with quote

Whereever you hide the key, if it on the computer - I steal and I have and I use it without any problem.

The only thing you can steal from me is myself, specifically the combination of my knowledge (not spoken yet!) and my (alive!) body.

Basically, I advise to use biometric devices, which can read the image of you (retina or fingerprint), ask you the password, encode the image with your password into your bio-pattern and compare it to the pattern from the DB (must be encrypted agian with your bio-pattern).

Now if I steal your PC I cannot use it without your bio-pattern. If I steal the password - I don't have you body for image. If I kill you - I don't know the password and, besides, good biometrics devices recognize the dead body by personal (usually invisible) micro-motions of your eye retina.

Expensive? Perhaps. But how much is your risk to loose your data from HD?
Back to top
View user's profile Send private message
axxackall
l33t
l33t


Joined: 06 Nov 2002
Posts: 651
Location: Toronto, Ontario, 3rd Rock From Sun

PostPosted: Thu Apr 24, 2003 5:05 pm    Post subject: Reply with quote

BTW, it might be cheaper to buy an account in remote network storage and mount that space through a password-encrypted secure-tunnel.
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 5:43 pm    Post subject: Reply with quote

Hi
question that the computer is in russia - so all the expensive stuff wouldn't work
and it should work in autopilot mode,
but if somebody will try to get hands on will get nothing (without root password) (case of masks-show)
i know a little bit about how is recovery of HDD going on - so it will be pretty reliable to bind hdd encryption to hardware enviroment.
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
axxackall
l33t
l33t


Joined: 06 Nov 2002
Posts: 651
Location: Toronto, Ontario, 3rd Rock From Sun

PostPosted: Thu Apr 24, 2003 6:43 pm    Post subject: Reply with quote

dmitrio wrote:
Hi
question that the computer is in russia - so all the expensive stuff wouldn't work
and it should work in autopilot mode,
but if somebody will try to get hands on will get nothing (without root password) (case of masks-show)
i know a little bit about how is recovery of HDD going on - so it will be pretty reliable to bind hdd encryption to hardware enviroment.


1. You're right, in Russia all hardware is expensive, but the labour cost is almost free. So, encrypt the disk three times and give each password to 3 different people. Make sure that those men are available to type their passwords when the system reboots. I guess, those men (pick very cheap ones) must be included as a part of the "auto-pilot" mode (sort of biometrics, but using someone else's data) :)

2. The lack of the root password is not a problem. I can "repair" the system with "lost" root password having an access to unencrypted boot sector, if the sector reads the key from the repeatable hardware source in order open the root (and/or other) partitions. Russian goverment special forces have enough talents doing it on a daily basis.

3. For those of us who doesn't know what is maski-show, it's an unofficial name for the official procedure of russian federal tax (and not only tax) police forces to search for financial (and not only financial) criminal evidences. They use to wear their black-color face-masks, when they come having their search warrant (and their weapon). The guy is trying to protect details of someone's "activity" from the russian goverment. Don't be shocked, in Russia it's a normal life.
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu Apr 24, 2003 8:33 pm    Post subject: Reply with quote

axxackall wrote:

1. You're right, in Russia all hardware is expensive, but the labour cost is almost free. So, encrypt the disk three times and give each password to 3 different people. Make sure that those men are available to type their passwords when the system reboots. I guess, those men (pick very cheap ones) must be included as a part of the "auto-pilot" mode (sort of biometrics, but using someone else's data) :)

I would like to exclude any human factor since it's a weakes link (IMO)

axxackall wrote:

2. The lack of the root password is not a problem. I can "repair" the system with "lost" root password having an access to unencrypted boot sector, if the sector reads the key from the repeatable hardware source in order open the root (and/or other) partitions. Russian goverment special forces have enough talents doing it on a daily basis.

this solution looks pretty elegant: root encryption to prevent it ;)

axxackall wrote:

3. For those of us who doesn't know what is maski-show, it's an unofficial name for the official procedure of russian federal tax (and not only tax) police forces to search for financial (and not only financial) criminal evidences. They use to wear their black-color face-masks, when they come having their search warrant (and their weapon). The guy is trying to protect details of someone's "activity" from the russian goverment. Don't be shocked, in Russia it's a normal life.

BTW thanks for the explanation - i didn't think, that some ppl may have no idea what i'm talking about :oops:

I would like to introduce solution to discuss a possible security holes in it /or maybe other possibilites/ and how to fix it.
Any opinion is highly appreciated.

Upon bootup initrd gathering information from different pieces of hardware
then it will put together a some of that information
and use it as a paraphrase for unencryption of the encrypted root partition

in emergency case, we have to boot up with another initrd (or other source) and put the paraphrase manually.
(since we know which parts of hardware ID we used for paraphrase
so it wouldn't be any problem to bootup with correct password)

_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
axxackall
l33t
l33t


Joined: 06 Nov 2002
Posts: 651
Location: Toronto, Ontario, 3rd Rock From Sun

PostPosted: Thu May 01, 2003 5:04 am    Post subject: Reply with quote

dmitrio wrote:
I would like to exclude any human factor since it's a weakes link (IMO)
...[snip]...
this solution looks pretty elegant: root encryption to prevent it ;)


Whatever you do - you boot-sector is unencrypted (unless you order a special PC with BIOS, which can read encrypted boot-sector, decrypt it and then execute it - but make sure that I don't have a copy of that BIOS). So, I can boot from alternative boot device (floppy, CDROM, if not presented - I open PC and install the missed hardware by my hands), then read your boot sector (it's unecrypted, remember?), trace it (it's not big, so it won't take long) and see where it gets the key and what algoritm is used to decrypt the rest of the system. It's not a big deal for me as the boot sector gathers your hardware parameters, which are repeatable or predictable or calculable information. So, I'll break such security in no time, especially if big money behind :)

There is no way to protect your system without gathering the source of paraphrase from unrepeatable sources. Any randomization device won't work as it's also random for decryptor (in other words - it doesn't give a real password), but it's not uniq among similar devices (in other words - no way to recognise the identifying style of the device).

The only way to gather such information is to get it from external sources, which must give in unrepeatable way (otherwise I can get it too as yesterday I've opened your PC and installed a small bug in your bootsector, which watch (spy) the paraphrase (I can wipe out the change by correcting the CRC algorithm in the boot sector).

So, the real solution for you is using special decryption device, which the person wears with him/her, connects at the moment of authentication, the boot sector distributes the task of decrption to that device, the root is decrypted, the device is disconnected. Then I am "a weak link" in hands of Russian Govt and your boss may sleep without problems.

How about the guy with that device? It's your boss. That's right, he is the only guy whom your boss trusts and he is the guy who boots the system, while you make sure that uptime is enough to tolerate long trips of your boss.
Back to top
View user's profile Send private message
dmitrio
Tux's lil' helper
Tux's lil' helper


Joined: 10 Dec 2002
Posts: 115
Location: Pago Pago

PostPosted: Thu May 01, 2003 9:35 pm    Post subject: Reply with quote

after a little search in different docs, including our thread, i'm turn around and looking for information about external devices, and you saying that it can be traceable.
looks like i have couple choses
1. get a unique BIOS with encription support
2. use a authentification key with person
some of the computers are locked - so nobody have access to it, accept admin, so person with ID key wouldn't work

is it any other ways to secure the system, using external devices, without human intervention?
_________________

... Leaving ground, destination is unknown,
into the darkness and far away from home,
Will your dream come true and what will you find,
when fate is your guide ...
Back to top
View user's profile Send private message
panserg
Apprentice
Apprentice


Joined: 16 Apr 2003
Posts: 188

PostPosted: Thu May 01, 2003 10:11 pm    Post subject: Reply with quote

dmitrio,

Don't forget to check NIST about security, National Institute of Standartization. Check there "Drafts" and "Special Publications", especially "800 series". It's a set of classic articles about IT security, with very well done analytical and classificational materials. IT security practice in US goverment has been build based on it. I am sure that Russian govt is using very similar guidelines. Also, the goverment may use those guidelines to prepare the practivce of breaking enimy's IT security. Thus, knowing such guidelines may help you to build the system better protected from your goverment.

Another source of information would be The National Security Agency, but they don't have much of articles published. BTW, they are the guys who sponsor SE-Linux.

One more article explains what mean "C2 Trusted" security level and what is the problem of "boot floppy".
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum