
Re: Unlock LUKS with login/password



On 2023-03-09 06:21:10 +0000 (+0000), Stephan Verbücheln wrote:
> Can you explain or refer to literature why encrypted /boot is
> pointless?
[...]

Doesn't really need literature, just some rational thought.

People often confuse encryption with attestation. Try to explain
what security benefits you gain from keeping the contents of /boot
secret.

Sure, you don't want someone with physical access to the machine
changing the files in /boot in order to backdoor the system startup
process, but you don't need to encrypt the contents to gain that
property. Attestation (a.k.a. "secure boot") relies on cryptographic
signatures to avoid using files which have been altered, regardless
of whether /boot has been encrypted:

https://wiki.debian.org/SecureBoot

But take it a step further: if someone has extended physical access
to your machine, it's pretty easy to (depending on the device) add
a hardware keylogger, packet sniffer, or other circuits which can even
supply the attacker with reverse-tunneled remote access once you've
unlocked and booted the machine.

Disk encryption is great (when properly implemented) to protect
sensitive information on your machine from prying eyes if it gets
stolen, but unless you're putting sensitive data in /boot why go to
the added trouble of encrypting it?
-- 
Jeremy Stanley
