Differences between revisions 64 and 65
Revision 64 as of 2006-08-17 14:46:01
Size: 4692
Editor: MaxVozeler
Comment:
Revision 65 as of 2009-03-16 03:30:03
Size: 4716
Editor: anonymous
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
partman-crypto adds support to DebianInstaller for configuring, setting up and installing onto encrypted block devices. It allows users to setup [http://loop-aes.sf.net/ loop-AES], [http://www.saout.de/misc/dm-crypt/ dm-crypt] and [http://luks.endorphin.org/ LUKS] encrypted partitions for their Debian system during installation. partman-crypto is intended to use secure defaults while allowing experienced users to change settings as they require. partman-crypto adds support to DebianInstaller for configuring, setting up and installing onto encrypted block devices. It allows users to setup [[http://loop-aes.sf.net/|loop-AES]], [[http://www.saout.de/misc/dm-crypt/|dm-crypt]] and [[http://luks.endorphin.org/|LUKS]] encrypted partitions for their Debian system during installation. partman-crypto is intended to use secure defaults while allowing experienced users to change settings as they require.
Line 6: Line 6:
[[TableOfContents(2)]] <<TableOfContents(2)>>
Line 10: Line 10:
partman-crypto is now included in beta3 and daily builds of DebianInstaller. Support for plain dm-crypt, LUKS and loop-AES is mostly complete and tested. The current focus is on testing the existing features, fixing known bugs and on improving usability. Bugs and feature requests are tracked on the partman-crypto [http://bugs.debian.org/partman-crypto BTS page]. partman-crypto is now included in beta3 and daily builds of DebianInstaller. Support for plain dm-crypt, LUKS and loop-AES is mostly complete and tested. The current focus is on testing the existing features, fixing known bugs and on improving usability. Bugs and feature requests are tracked on the partman-crypto [[http://bugs.debian.org/partman-crypto|BTS page]].
Line 16: Line 16:
 * Installation guide on [http://d-i.alioth.debian.org/manual/en.i386/ch06s03.html#partman-crypto Configuring encrypted partitions]
 * [http://bugs.debian.org/partman-crypto Known bugs and feature requests]
 * [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto SVN repository]
 * [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/README?op=file Documentation for hackers] / [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file TODO]
 * Installation guide on [[http://d-i.alioth.debian.org/manual/en.i386/ch06s03.html#partman-crypto|Configuring encrypted partitions]]
 * [[http://bugs.debian.org/partman-crypto|Known bugs and feature requests]]
 * [[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto|SVN repository]]
 * [[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/README?op=file|Documentation for hackers]] / [[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file|TODO]]
Line 38: Line 38:
 * [http://csrc.nist.gov/cryptval/140-2.htm FIPS 140-2]
 * [http://rfc.net/rfc4086.html RFC4086 - Randomness Requirements for Security]
 * [[http://csrc.nist.gov/cryptval/140-2.htm|FIPS 140-2]]
 * [[http://rfc.net/rfc4086.html|RFC4086 - Randomness Requirements for Security]]
Line 55: Line 55:
 * [http://nusquama.org/~max/d-i/crypto/ Old daily builds] ( /!\ no longer updated - please use normal builds)  * [[http://nusquama.org/~max/d-i/crypto/|Old daily builds]] ( /!\ no longer updated - please use normal builds)

partman-crypto adds support to DebianInstaller for configuring, setting up and installing onto encrypted block devices. It allows users to setup loop-AES, dm-crypt and LUKS encrypted partitions for their Debian system during installation. partman-crypto is intended to use secure defaults while allowing experienced users to change settings as they require.

Status

partman-crypto is now included in beta3 and daily builds of DebianInstaller. Support for plain dm-crypt, LUKS and loop-AES is mostly complete and tested. The current focus is on testing the existing features, fixing known bugs and on improving usability. Bugs and feature requests are tracked on the partman-crypto BTS page.

/!\ IMPORTANT: partman-crypto is still in development and has not received an independent audit for weak keys, leaking of key data or other implementation flaws. Please don't use it for production before a stable release.

Resources

Ideas, Features, Problems

This sections is about ideas, feature requests, known problems and how those could be solved/implemented/etc. Feel free to add any features that you'd like to see.

Key generation / Lack of entropy

Encryption keys for loop-AES (and random keys for dm-crypt) are created from /dev/random. It is important that we have a good source of entropy to allow us to extract the required a mount of key data from /dev/random (each loop-AES v3 key requires 2925 bytes of random data). Currently the low amount of entropy in the kernel pool causes the key generation to block for a long time.

There are some ideas for how to solve this:

  • Don't create keys from inside d-i; Ask users to create them on another system and provide them to partman-crypto on a removable device.
  • Ask the user to type randomly on the keyboard. This is done by cdebconf-entropy. It turned out that typing alone requires too many key presses to be user-friendly. The plugin is still used to show a progressbar during key creation.
  • Use a hardware RNG if available. One problem with doing this is that not many systems actually have a usable hardware RNG and that detecting them is very difficult. There is also the issue of bad HWRNGs that produce low-quality output. Packages like rng-tools implement FIPS-140-2 tests before feeding the kernel pool to protect against this.
  • Use non-RNG hardware devices that may produce random output. Examples of this are audio and video devices which can be sourced using audio-entropyd or video-entropyd. Here the problem of low-quality randomness exists as well.

The current idea is to check if rngd (package rng-tools) could be extended to read from one or more FIFOs and character devices, do FIPS tests and feed the kernel entropy pool. If this is feasible audio-entropyd, video-entropyd, software for collecting network traffic timings etc. could be packaged and be made to feed rngd. TODO: Ask the maintainer of rng-tools (hmh@d.o) if this approach is sound and practically feasible.

Contributing

People working on partman-crypto currently include

If you would like to contribute, send feedback, suggestions or criticism, get in touch with us on the Debian Boot mailinglist <debian-boot@lists.debian.org>

History