Announcement

**chithanh** · 14 March 2019, 07:25 PM

Michael
Do you have tests planned how AES-based LUKS compares against Google's new Adiantum encryption? That would be interesting, especially with vs. without AES hardware acceleration.

Also I think the choice of I/O scheduler is important to a degree, as it can partially mask the additional access latency incurred by LUKS.

**chithanh** · 14 March 2019, 07:32 PM

Originally posted by Slithery View Post

Which would only be of any use if you could guarantee that no-one else had physical access to your machine. Otherwise they could drop a modified binary in your system path to do anything they wanted.

Both LUKS full-disk encryption and /home encryption are susceptible to this problem. Neither is resistant against "Evil Maid" style attacks. Even if you boot from external media normally which contains the crypto keys (on USB or SD card or whatever), the attacker could still switch boot order to boot from a specially crafted internal partition, then corrupt your boot media, and then continue to boot from there.

Originally posted by cybertraveler View Post

If someone is targeting you specifically to steal data or deply malicious code on your systems and they can get physical access to the systems, pretty much all bets are off (unless you have one of those fancy ORWL computers, for instance).

No, there exist concepts which are at least somewhat resistant against Evil Maid scenarios. Google Chromebooks are an example.

**torsionbar28** · 14 March 2019, 09:06 PM

What's the purpose of encrypting the OS disk or boot volumes? I encrypt /home and that's it. (Plus I have /tmp as a ram disk so its contents do not persist across reboots.)

**cybertraveler** · 14 March 2019, 09:13 PM

Originally posted by chithanh View Post

No, there exist concepts which are at least somewhat resistant against Evil Maid scenarios. Google Chromebooks are an example.

:P Re-read what I wrote, that you quoted.

**uxmkt** · 15 March 2019, 04:36 AM

You need to benchmark (with) an Atom-class device. i7 is just not big enough a deal.

**Aaron** · 15 March 2019, 05:24 AM

Originally posted by M@yeulC View Post

Side note: I recently installed ubuntu on a friend's computer, and it looks like the installer doesn't offer any luks on lvm options, so we had to do it manually. I wonder what's the performance penalty of this, but I would expect it to be minimal compared to plain luks.

Were you installing it with another OS? My 18.04 install uses a LUKS/LVM automatic setup and it looks like that is an option in the installer from some quick Googling:

Full disk encryption with Ubuntu installation

http://www.youtube.com/watch?v=pCsvj_bi0A8&t=3m10s

In this video you can watch how to install ubuntu and encrypt the OS using Ubuntu mini iso netinstall. More detailed steps :http://utappia.org/2016/03/23/how...

From memory, though, the FDE options are more limited for dual-boot setups.

**Aaron** · 15 March 2019, 05:30 AM

Originally posted by chithanh View Post

Both LUKS full-disk encryption and /home encryption are susceptible to this problem. Neither is resistant against "Evil Maid" style attacks. Even if you boot from external media normally which contains the crypto keys (on USB or SD card or whatever), the attacker could still switch boot order to boot from a specially crafted internal partition, then corrupt your boot media, and then continue to boot from there.

No, there exist concepts which are at least somewhat resistant against Evil Maid scenarios. Google Chromebooks are an example.

The "Attacker Model" section of
https://www.ru.nl/publish/pages/9092...ft-paper_1.pdf
does a good job of summarising the various threat models and where FDE helps (and does not).

**Venemo** · 15 March 2019, 05:49 AM

Originally posted by chithanh View Post

Both LUKS full-disk encryption and /home encryption are susceptible to this problem. Neither is resistant against "Evil Maid" style attacks. Even if you boot from external media normally which contains the crypto keys (on USB or SD card or whatever), the attacker could still switch boot order to boot from a specially crafted internal partition, then corrupt your boot media, and then continue to boot from there.

What if you password-protect the BIOS and only allow to boot from external media after entering the password?

**linner** · 15 March 2019, 07:58 AM

Regardless of performance I have been running FDE on every single system I manage for over 20 years. My biggest threat is thieves stealing hardware then having full access to the data and even basic FDE protects against that. Recently I have been looking to move to encrypted /boot due to very real espionage threats. I don't understand why management keeps hiring Chinese spies and giving them way too much access. "This time it will be different." Idiots.

**chithanh** · 15 March 2019, 12:49 PM

Originally posted by cybertraveler View Post

:P Re-read what I wrote, that you quoted.

I was specifically referring to the "all bets are off" remark. If you boot a Chromebook and it does not give you the developer mode warning, then you can be reasonably sure that the verified boot process is still intact.

Originally posted by Aaron View Post

The "Attacker Model" section of
https://www.ru.nl/publish/pages/9092...ft-paper_1.pdf
does a good job of summarising the various threat models and where FDE helps (and does not).

The question was if FDE is more secure in any threat scenario than /home encryption, and I find nothing in the Attacker Model section that indicates it is.

Originally posted by Venemo View Post

What if you password-protect the BIOS and only allow to boot from external media after entering the password?

An Evil Maid has the ability to remove the local boot disk and modify it, or temporarily replace it with another one. Once booted, EFI boot order etc. can be manipulated from the operating system.

Announcement

The 2019 Laptop Performance Cost To Linux Full-Disk Encryption

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment