* PSA for LUKS users @ 2023-04-20 2:45 Felix Lechner via 2023-04-20 4:03 ` Vagrant Cascadian 0 siblings, 1 reply; 6+ messages in thread From: Felix Lechner via @ 2023-04-20 2:45 UTC (permalink / raw) To: Guix Devel, help-guix Hi, Given the broad popularity of LUKS full-disk encryption among our fellow Guix users, I thought the community might appreciate reading about potentially weak key-derivation functions in older LUKS installations. [1] The article even offers fixes, although I cannot say whether your system will boot after you follow the steps since I do not use LUKS personally. Stay safe! Kind regards Felix Lechner [1] https://mjg59.dreamwidth.org/66429.html ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: PSA for LUKS users 2023-04-20 2:45 PSA for LUKS users Felix Lechner via @ 2023-04-20 4:03 ` Vagrant Cascadian 2023-04-20 9:32 ` Jonathan Brielmaier 2023-04-20 9:39 ` Attila Lendvai 0 siblings, 2 replies; 6+ messages in thread From: Vagrant Cascadian @ 2023-04-20 4:03 UTC (permalink / raw) To: Felix Lechner, Guix Devel, help-guix [-- Attachment #1: Type: text/plain, Size: 1731 bytes --] On 2023-04-19, Felix Lechner via wrote: > Given the broad popularity of LUKS full-disk encryption among our > fellow Guix users, I thought the community might appreciate reading > about potentially weak key-derivation functions in older LUKS > installations. [1] > > The article even offers fixes, although I cannot say whether your > system will boot after you follow the steps since I do not use LUKS > personally. Stay safe! ... > [1] https://mjg59.dreamwidth.org/66429.html In short, those instructions will almost certainly break Guix System! While recent grub2 finally has limited support for luks2, it only supports the weaker KDF (key derivation function) (PBKDF2?), as I understand it, though would be happy to be proven wrong! Because Guix System does not yet support a separate /boot partition, this means if you want "full-disk encryption" you are limited to weak KDF for the whole filesystem, instead of just a weak /boot partition (e.g. either luks1, luks2 with weaker pbkdf2, or entirely unencrypted). There is a bug about being able to use a split /boot partition: https://issues.guix.gnu.org/48172 Alternately, you could probably get a weaker encrypted rootfs (using luks1 or luks2+PBKDF) and still have a state-of-the-art luks2+argon2id partition for /home. Maybe if you were adventurous /var/guix, which might allow detecting a compromise with "guix gc" which contains the checksums of files in /gnu/store? With both the split /boot approach or the weaker rootfs with stronger /home partition, there is some risk of a (admittedly very sophisticated and still probably quite expensive) evil maid attack. https://en.wikipedia.org/wiki/Evil_maid_attack Well... fun times, folks! live well, vagrant [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 227 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: PSA for LUKS users 2023-04-20 4:03 ` Vagrant Cascadian @ 2023-04-20 9:32 ` Jonathan Brielmaier 2023-04-20 9:39 ` Attila Lendvai 1 sibling, 0 replies; 6+ messages in thread From: Jonathan Brielmaier @ 2023-04-20 9:32 UTC (permalink / raw) To: Vagrant Cascadian, Felix Lechner, Guix Devel, help-guix Am 20.04.23 um 06:03 schrieb Vagrant Cascadian: > On 2023-04-19, Felix Lechner via wrote: >> Given the broad popularity of LUKS full-disk encryption among our >> fellow Guix users, I thought the community might appreciate reading >> about potentially weak key-derivation functions in older LUKS >> installations. [1] >> >> The article even offers fixes, although I cannot say whether your >> system will boot after you follow the steps since I do not use LUKS >> personally. Stay safe! > ... >> [1] https://mjg59.dreamwidth.org/66429.html > > In short, those instructions will almost certainly break Guix System! Can confirm :) At least the described backup & restore procedure does work. I also think, that our cryptsetup is quite old, so I built a patch for updating: https://issues.guix.gnu.org/62960 > While recent grub2 finally has limited support for luks2, it only > supports the weaker KDF (key derivation function) (PBKDF2?), as I > understand it, though would be happy to be proven wrong! The support seems pretty limited, as I only updated the LUKS version of my root-partition to version 2 (still PBKDF) and it already refused to boot... ~Jonathan ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: PSA for LUKS users 2023-04-20 4:03 ` Vagrant Cascadian 2023-04-20 9:32 ` Jonathan Brielmaier @ 2023-04-20 9:39 ` Attila Lendvai 2023-04-20 13:55 ` kiasoc5 1 sibling, 1 reply; 6+ messages in thread From: Attila Lendvai @ 2023-04-20 9:39 UTC (permalink / raw) To: Vagrant Cascadian; +Cc: Felix Lechner, Guix Devel, help-guix > While recent grub2 finally has limited support for luks2, it only > supports the weaker KDF (key derivation function) (PBKDF2?), as I > understand it, though would be happy to be proven wrong! i have just spent half an hour reading the linked PR's and patch emails, and unfortunately you seem to be right. i don't see why progress is so slow on this. some of the patches are 5+ years old! and the submitters seem to be constructive and responsive. a good entry point that collects the relevant links: https://github.com/johnlane/grub/issues/21 -- • attila lendvai • PGP: 963F 5D5F 45C7 DFCD 0A39 -- “The probability of the people in power being individuals who would dislike the possession and exercise of power is on a level with the probability that an extremely tender-hearted person would get the job of whipping-master on a slave plantation.” — Frank H. Knight ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: PSA for LUKS users 2023-04-20 9:39 ` Attila Lendvai @ 2023-04-20 13:55 ` kiasoc5 2023-04-20 16:31 ` Josselin Poiret 0 siblings, 1 reply; 6+ messages in thread From: kiasoc5 @ 2023-04-20 13:55 UTC (permalink / raw) To: Attila Lendvai, Vagrant Cascadian; +Cc: Felix Lechner, Guix Devel, help-guix On 4/20/23 05:39, Attila Lendvai wrote: >> While recent grub2 finally has limited support for luks2, it only >> supports the weaker KDF (key derivation function) (PBKDF2?), as I >> understand it, though would be happy to be proven wrong! > > > i have just spent half an hour reading the linked PR's and patch emails, and unfortunately you seem to be right. > > i don't see why progress is so slow on this. some of the patches are 5+ years old! and the submitters seem to be constructive and responsive. > > a good entry point that collects the relevant links: > > https://github.com/johnlane/grub/issues/21 > Argon2 support was slated to be in the next release of Grub (2.12) but apparently this is not realistic: https://www.mail-archive.com/grub-devel@gnu.org/msg35370.html ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: PSA for LUKS users 2023-04-20 13:55 ` kiasoc5 @ 2023-04-20 16:31 ` Josselin Poiret 0 siblings, 0 replies; 6+ messages in thread From: Josselin Poiret @ 2023-04-20 16:31 UTC (permalink / raw) To: kiasoc5, Attila Lendvai, Vagrant Cascadian Cc: Felix Lechner, Guix Devel, help-guix [-- Attachment #1: Type: text/plain, Size: 487 bytes --] It would probably be doable to run a very small Linux EFI stub as a bootloader on x86, that way you can side-step the lacking grub support. Integrating it with Guix would surely be a bit harder though. kiasoc5 <kiasoc5@disroot.org> writes: > Argon2 support was slated to be in the next release of Grub (2.12) but > apparently this is not realistic: As for LUKS2 support in Grub, as long as you use PBKDF2 it should now be supported by HEAD. Best, -- Josselin Poiret [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 682 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2023-04-20 16:32 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-04-20 2:45 PSA for LUKS users Felix Lechner via 2023-04-20 4:03 ` Vagrant Cascadian 2023-04-20 9:32 ` Jonathan Brielmaier 2023-04-20 9:39 ` Attila Lendvai 2023-04-20 13:55 ` kiasoc5 2023-04-20 16:31 ` Josselin Poiret
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).