Re: Keyfile Support for GRUBs LUKS

[Elliott Mitchell]

On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
> I've had this setup ever since grub had LUKS support, except for the
> signature checking.  I don't really see the point of checking
> signatures if the kernel and initrd are encrypted.

You're setting yourself up for a *lot* of pain then.  In places where
security is important, *always* check signatures.  Utilizing encryption
without checking signatures leaves you *wide-open* to attacks!  In a
case like this, by observing whether the system continues or halts the
attacker will be able to figuring out how the incoming stream was
handled.  While this may not allow them to figure out what the keys are,
it will allow them to easily break in.

Not checking signatures has repeatedly killed zillions of security
products.  If you worry about security, signatures are non-optional!


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         address@hidden  PGP 87145445         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445