[tor-talk] [tor-dev] resistance to rubberhose and UDP questions

tor at lists.grepular.com tor at lists.grepular.com
Sat Oct 6 21:49:15 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/10/12 22:44, tor at lists.grepular.com wrote:

> From:
> http://www1.informatik.uni-erlangen.de/tresorfiles/tresor.pdf
> 
> "TRESOR is only compatible with real hardware. Run- ning TRESOR as
> guest inside a virtual machine is gen- erally insecure as the
> guest?s registers are stored in the host?s main memory."
> 
> This is a serious project. They have considered many different
> styles of attack, and have included attack code. The PDF is
> comprehensive.

Also, the encryption/decryption is done using a key derived from the
password which you enter at the very beginning of boot up. Not with
the password or key you provide to cryptsetup/luks. This wasn't clear
to me when I wrote the blog post which I linked to. It's all in the PDF.

- -- 
Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----

iQGGBAEBCgBwBQJQcKdbMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBDZJB/9LP/Ay+ObS
G8YnT+3hRPN8Du3LUNDI8646B40Tj0TdcXA6Roo9Tq/bsFonLAurROGCgYW9ybQR
NYY7hTWf2D7IKDZQTaUWVY1D5lT5T9WX3CMQlGc8PPNovbkWVOGj/OjwUfqqr7HJ
RQDWE4pOIBgXw8r5TdQDFjWhsJGQ9ipA5POrDJecGiQqa1mBJh6Tz3ABGP3vflM5
uG64YVfnAna5KnP7hEdDwWOOV5Nn16ZYpDSwRZUpbWKd7IH5j6FL0Hr1+dfnbPjF
TMibS1rYcWvybkQkITlp/3vlfsZOBTvfetdYyl9dtjNb6apo330vOTvSaWCA4k12
nYaSx4AnXrc1
=SreS
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list