Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Would it make sense to include some LUKS partition data item to make the response unique? #70

Open
cobratbq opened this issue Jul 30, 2021 · 3 comments
Open

Would it make sense to include some LUKS partition data item to make the response unique? #70

cobratbq opened this issue Jul 30, 2021 · 3 comments

Comments

@cobratbq
Copy link

cobratbq commented Jul 30, 2021
edited

This week I have discovered the yubikey-luks package inside debian/ubuntu. I'm reading up a bit on how the mechanism works. Now I'm left with the following question. IIUC the resulting response is - in its basic configuration - solely dependent on the password entered which is used as challenge. This means, that if you use this mechanisms on multiple PCs, capturing the result on one PC gives you the passphrase to use on other PC's.

Could we include something unique/identifying of the LUKS partition (e.g. partition UUID) to make the response of the challenge - and therefore the response - distinct for each PC?

update I am having second thoughts about using the UUID, as it is likely changeable, so would corrupt the key slot. I am still curious to your opinion on this.

update to add reasoning:

In the end, you receive a consistent response from the security key, so whatever you do, you cannot protect from capturing the final secret value that unlocks the LUKS partition. This is not a goal.

However, you can avoid that you can discover the secret with only the security key accessible. Including a piece of unique/distinct LUKS/partition information in the challenge, means that you need to have access to the partition at least once - in addition to having access to the security key.
@cobratbq cobratbq changed the title Would it make sense to include the LUKS partition UUID to make the response unique? Would it make sense to include some LUKS partition data item to make the response unique? Jul 30, 2021
@Vincent43
Copy link
Contributor

Vincent43 commented Jul 31, 2021
edited

Yes uuid is changeable so there will be significant risk of locking out user from the data.

@cobratbq
Copy link
Author

cobratbq commented Aug 1, 2021

Updated description to include rationale: if we use a piece of unique information from the partition/LUKS, we ensure that both the security key and the partition need to be accessible once before the secret value that decrypts the LUKS partition can be discovered.

@Samdaaman
Copy link

Samdaaman commented Feb 13, 2022
edited

I had a similar idea!

@cobratbq check out this pull request (or this branch on my fork)

Obviously this is a beta feature that I have developed myself so would recommend that you have a master password that you can unlock the partition with normally if the feature fails for whatever reason

@Samdaaman Samdaaman mentioned this issue Feb 13, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cobratbq @Vincent43 @Samdaaman