[tor-talk] [tor-dev] resistance to rubberhose and UDP questions
Maxim Kammerer
mk at dee.su
Sat Oct 6 22:37:38 UTC 2012
On Sat, Oct 6, 2012 at 11:44 PM, <tor at lists.grepular.com> wrote:
> "TRESOR is only compatible with real hardware. Run-
> ning TRESOR as guest inside a virtual machine is gen-
> erally insecure as the guest?s registers are stored in the
> host?s main memory."
This is irrelevant to my example.
> Also, the encryption/decryption is done using a key derived from the
> password which you enter at the very beginning of boot up. Not with
> the password or key you provide to cryptsetup/luks. This wasn't clear
> to me when I wrote the blog post which I linked to. It's all in the PDF.
I see now — so they break the assumption that one needs to provide a
correct password to open a volume in LUKS after it is closed, for
instance.
--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
More information about the tor-talk
mailing list