Encrypted watermarks and linux laptop security

Authors:
Markku-Juhani O. Saarinen
Affiliations:
Laboratory for Theoretical Computer Science, Helsinki University of Technology, Finland
Venue:
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Year:
2004

Citing 12
Cited 1

How to construct pseudorandom permutations from pseudorandom functions

SIAM Journal on Computing - Special issue on cryptography
A cryptographic file system for UNIX

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Personal Secure Booting

ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Tweakable Block Ciphers

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
The Design and Implementation of a Transparent Cryptographic File System for UNIX

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Fast Block Cipher Proposal

Fast Software Encryption, Cambridge Security Workshop
Two Practical and Provably Secure Block Ciphers: BEARS and LION

Proceedings of the Third International Workshop on Fast Software Encryption
All-or-Nothing Encryption and the Package Transform

FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Mercy: A Fast Large Block Cipher for Disk Sector Encryption

FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Cryptanalysis of the Mercy Block Cipher

FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy

VPFS: building a virtual private file system with a small trusted computing base

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008

Quantified Score

Hi-index	0.00

Visualization

Abstract

The most common way to implement full-disk encryption (as opposed to encrypted file systems) in the GNU/Linux operating system is using the encrypted loop device, known as CryptoLoop. We demonstrate clear weaknesses in the current CBC-based implementation of CryptoLoop, perhaps the most surprising being a very simple attack which allows specially watermarked files to be identified on an encrypted hard disk without knowledge of the secret encryption key. We take a look into the practical problems of securely booting, authenticating, and keying full-disk encryption. We propose simple improvements to the current CryptoLoop implementation based on the notions of tweakable encryption algorithms and enciphering modes. We also discuss sector-level authentication codes. The new methods have been implemented as a set of patches to the Linux Kernel series 2.6 and the relevant system tools.