If you enter your one-time password on a subverted system, the attacker suddenly has access to all your data. He only needs access once.
> Or you could re-encrypt the entire disk
Not if your system is subverted. Sure, it would appear to you that everything is being re-encrypted, but in reality the back door the maid slipped in will be used to copy everything the next time you leave your computer behind. (This is just one scenario; the attacker could also weaken the encryption algo, ship your data out over the network, etc.)
> You could also make the encryption hardware external to the main system
Perhaps, but this doesn't exist today and sounds awfully expensive to develop.
Posted May 6, 2010 23:18 UTC (Thu) by nybble41 (subscriber, #55106)
> If you enter your one-time password on a subverted system, the attacker suddenly has access to all your data. He only needs access once.
All your *current* data, yes; I don't see a way around that. The idea was to protect any future data you may put on the device from a different host PC.
> Not if your system is subverted.
The idea was to remove the USB key and re-encrypt it on a known-clean system, not re-encrypt on the compromised PC. Again, this is to protect against future unauthorized access, not to protect any data which may have already been exposed.
> Perhaps, but this doesn't exist today and sounds awfully expensive to develop.
I don't think it would be all that expensive; it's basically just a TPM chip with some trivial input hardware for the password. Internal hard-disk encryption exists today, though I don't know if it's any good. The drives I know of with that feature require full re-encryption to change the password, if they support it at all, but that wouldn't be hard to fix.