Using command (dd if=/dev/mmcblk0p1 | sha1sum) while running from initramfs
I have an opensource airgapped raspberry pi project seen at the following link: www.privatekeyvault.com
I have provided a method for installing LUKS full disk encryption seen at the following: https://github.com/johnshearing/PrivateKeyVault#setup-luks-full-disk-encryption
I am trying to mitigate against a Maid in the Middle Attack explained at following: https://github.com/johnshearing/PrivateKeyVault#preventing-the-evil-maid-or-maid-in-the-middle-attack
The concern is someone could install a malware keylogger on the boot partition and collect the password when logging into the encrypted partition while still running initramfs
Once logged into my encrypted partition, I can run the following command to see the sha1sum of the boot partition: dd if=/dev/mmcblk0p1 | sha1sum
I compare this against a previously recorded sha1sum to see if the boot partition has changed. It should never change.
I want to get the sha1sum of the boot partition before logging into the encrypted partition. In other words, before providing my password. This is while I am still running under initramfs. I understand that this is folly because anyone installing a keylogger could also install a false sha1sum program so perhaps it is best to run the sha1sum command after logging into the encrypted partition where it is not possible to change the sha1sum program. Still, I am curious if it is possible to do.
The challenge is that when running the command (df), /dev/mmcblk0p1 does not show up so my command (dd if=/dev/mmcblk0p1 | sha1sum) will not work.
Any ideas how to refer to the boot partition while in initramfs?
Also, any other ideas on how to check if someone has tampered with the boot partition before logging into the encrypted partition?
linux boot security block-device initramfs
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
add a comment |
I have an opensource airgapped raspberry pi project seen at the following link: www.privatekeyvault.com
I have provided a method for installing LUKS full disk encryption seen at the following: https://github.com/johnshearing/PrivateKeyVault#setup-luks-full-disk-encryption
I am trying to mitigate against a Maid in the Middle Attack explained at following: https://github.com/johnshearing/PrivateKeyVault#preventing-the-evil-maid-or-maid-in-the-middle-attack
The concern is someone could install a malware keylogger on the boot partition and collect the password when logging into the encrypted partition while still running initramfs
Once logged into my encrypted partition, I can run the following command to see the sha1sum of the boot partition: dd if=/dev/mmcblk0p1 | sha1sum
I compare this against a previously recorded sha1sum to see if the boot partition has changed. It should never change.
I want to get the sha1sum of the boot partition before logging into the encrypted partition. In other words, before providing my password. This is while I am still running under initramfs. I understand that this is folly because anyone installing a keylogger could also install a false sha1sum program so perhaps it is best to run the sha1sum command after logging into the encrypted partition where it is not possible to change the sha1sum program. Still, I am curious if it is possible to do.
The challenge is that when running the command (df), /dev/mmcblk0p1 does not show up so my command (dd if=/dev/mmcblk0p1 | sha1sum) will not work.
Any ideas how to refer to the boot partition while in initramfs?
Also, any other ideas on how to check if someone has tampered with the boot partition before logging into the encrypted partition?
linux boot security block-device initramfs
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
add a comment |
I have an opensource airgapped raspberry pi project seen at the following link: www.privatekeyvault.com
I have provided a method for installing LUKS full disk encryption seen at the following: https://github.com/johnshearing/PrivateKeyVault#setup-luks-full-disk-encryption
I am trying to mitigate against a Maid in the Middle Attack explained at following: https://github.com/johnshearing/PrivateKeyVault#preventing-the-evil-maid-or-maid-in-the-middle-attack
The concern is someone could install a malware keylogger on the boot partition and collect the password when logging into the encrypted partition while still running initramfs
Once logged into my encrypted partition, I can run the following command to see the sha1sum of the boot partition: dd if=/dev/mmcblk0p1 | sha1sum
I compare this against a previously recorded sha1sum to see if the boot partition has changed. It should never change.
I want to get the sha1sum of the boot partition before logging into the encrypted partition. In other words, before providing my password. This is while I am still running under initramfs. I understand that this is folly because anyone installing a keylogger could also install a false sha1sum program so perhaps it is best to run the sha1sum command after logging into the encrypted partition where it is not possible to change the sha1sum program. Still, I am curious if it is possible to do.
The challenge is that when running the command (df), /dev/mmcblk0p1 does not show up so my command (dd if=/dev/mmcblk0p1 | sha1sum) will not work.
Any ideas how to refer to the boot partition while in initramfs?
Also, any other ideas on how to check if someone has tampered with the boot partition before logging into the encrypted partition?
linux boot security block-device initramfs
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
I have an opensource airgapped raspberry pi project seen at the following link: www.privatekeyvault.com
I have provided a method for installing LUKS full disk encryption seen at the following: https://github.com/johnshearing/PrivateKeyVault#setup-luks-full-disk-encryption
I am trying to mitigate against a Maid in the Middle Attack explained at following: https://github.com/johnshearing/PrivateKeyVault#preventing-the-evil-maid-or-maid-in-the-middle-attack
The concern is someone could install a malware keylogger on the boot partition and collect the password when logging into the encrypted partition while still running initramfs
Once logged into my encrypted partition, I can run the following command to see the sha1sum of the boot partition: dd if=/dev/mmcblk0p1 | sha1sum
I compare this against a previously recorded sha1sum to see if the boot partition has changed. It should never change.
I want to get the sha1sum of the boot partition before logging into the encrypted partition. In other words, before providing my password. This is while I am still running under initramfs. I understand that this is folly because anyone installing a keylogger could also install a false sha1sum program so perhaps it is best to run the sha1sum command after logging into the encrypted partition where it is not possible to change the sha1sum program. Still, I am curious if it is possible to do.
The challenge is that when running the command (df), /dev/mmcblk0p1 does not show up so my command (dd if=/dev/mmcblk0p1 | sha1sum) will not work.
Any ideas how to refer to the boot partition while in initramfs?
Also, any other ideas on how to check if someone has tampered with the boot partition before logging into the encrypted partition?
linux boot security block-device initramfs
linux boot security block-device initramfs
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
edited Dec 12 at 8:31
Rui F Ribeiro
38.8k1479128
38.8k1479128
asked Dec 12 at 6:57
John Shearing
61
asked Dec 12 at 6:57
John Shearing
61
asked Dec 12 at 6:57
John Shearing
61
61
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I'm not going to answer your nominal question because there's too little information to answer. There's no particular reason why you'd need to refer to the boot partition differently from the initramfs. If the normal name doesn't work, it means the initramfs is using different paths, or hasn't loaded the driver yet at the point where you're running this command. If you want to get help with this, you have to explain in detail how you're building the initramfs and where you're adding this command.
I'm posting this as an answer and not as a comment to tell you not to bother.
What you're trying to do is fundamentally impossible. If an attacker can change your boot partition, they'll just change the initramfs to remove this check.
Doing the check from the encrypted partition isn't much better, but it's actually very slightly harder to attack. The adversary would have to either set up an emulated environment (technically possible, but difficult to do in a way that you wouldn't notice) or restore the boot partition to the expected state before loading your main OS (possible, but the attacker only gets one shot).
There is no way to protect against an evil maid attack if you can't trust your bootloader all the way. If there is a single untrusted step, everything that comes after it is untrusted. The only way to protect against an evil maid attack is to have a full secure boot chain, where every step verifies the next step. Each step must either halt the boot if the next step isn't authentic (and up-to-date if you're concerned about downgrade attacks), or must record the state of the next step and then send it to a third-party trusted verifier. If there is a gap in this chain of trust, then you have no way to know that the subsequent steps are reporting genuine data.
This is impossible to do on a Raspberry Pi because the ROM doesn't verify what it loads. You can't help trusting your boot partition unless you're willing to use different hardware. I unfortunately don't have a recommendation: the market isn't good for trusted boot for hobbyist projects on Arm platforms.
By the way, even if your command worked, it has a couple of flaws.
dd if=/dev/mmcblk0p1 | sha1sumis the same assha1sum </dev/mmcblk0p1. With no parameters other thanifandof,ddjust copies its input to its output. Beware that with certain parameters,ddactually corrupts the data! Don't useddunless you really need to and you're sure that the way you're using it doesn't risk corruption.- SHA-1 is broken. It's not broken for all use cases, and it would be hard to exploit in your case (someone would have to arrange to plant some crafted, harmless content into the legitimate boot partition), but it is irresponsible to use SHA-1 in a new design. Use
sha256sum.
answered Dec 12 at 7:50
Gilles
527k12710561580
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f487510%2fusing-command-dd-if-dev-mmcblk0p1-sha1sum-while-running-from-initramfs%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I'm not going to answer your nominal question because there's too little information to answer. There's no particular reason why you'd need to refer to the boot partition differently from the initramfs. If the normal name doesn't work, it means the initramfs is using different paths, or hasn't loaded the driver yet at the point where you're running this command. If you want to get help with this, you have to explain in detail how you're building the initramfs and where you're adding this command.
I'm posting this as an answer and not as a comment to tell you not to bother.
What you're trying to do is fundamentally impossible. If an attacker can change your boot partition, they'll just change the initramfs to remove this check.
Doing the check from the encrypted partition isn't much better, but it's actually very slightly harder to attack. The adversary would have to either set up an emulated environment (technically possible, but difficult to do in a way that you wouldn't notice) or restore the boot partition to the expected state before loading your main OS (possible, but the attacker only gets one shot).
There is no way to protect against an evil maid attack if you can't trust your bootloader all the way. If there is a single untrusted step, everything that comes after it is untrusted. The only way to protect against an evil maid attack is to have a full secure boot chain, where every step verifies the next step. Each step must either halt the boot if the next step isn't authentic (and up-to-date if you're concerned about downgrade attacks), or must record the state of the next step and then send it to a third-party trusted verifier. If there is a gap in this chain of trust, then you have no way to know that the subsequent steps are reporting genuine data.
This is impossible to do on a Raspberry Pi because the ROM doesn't verify what it loads. You can't help trusting your boot partition unless you're willing to use different hardware. I unfortunately don't have a recommendation: the market isn't good for trusted boot for hobbyist projects on Arm platforms.
By the way, even if your command worked, it has a couple of flaws.
dd if=/dev/mmcblk0p1 | sha1sumis the same assha1sum </dev/mmcblk0p1. With no parameters other thanifandof,ddjust copies its input to its output. Beware that with certain parameters,ddactually corrupts the data! Don't useddunless you really need to and you're sure that the way you're using it doesn't risk corruption.- SHA-1 is broken. It's not broken for all use cases, and it would be hard to exploit in your case (someone would have to arrange to plant some crafted, harmless content into the legitimate boot partition), but it is irresponsible to use SHA-1 in a new design. Use
sha256sum.
answered Dec 12 at 7:50
Gilles
527k12710561580
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
add a comment |
I'm not going to answer your nominal question because there's too little information to answer. There's no particular reason why you'd need to refer to the boot partition differently from the initramfs. If the normal name doesn't work, it means the initramfs is using different paths, or hasn't loaded the driver yet at the point where you're running this command. If you want to get help with this, you have to explain in detail how you're building the initramfs and where you're adding this command.
I'm posting this as an answer and not as a comment to tell you not to bother.
What you're trying to do is fundamentally impossible. If an attacker can change your boot partition, they'll just change the initramfs to remove this check.
Doing the check from the encrypted partition isn't much better, but it's actually very slightly harder to attack. The adversary would have to either set up an emulated environment (technically possible, but difficult to do in a way that you wouldn't notice) or restore the boot partition to the expected state before loading your main OS (possible, but the attacker only gets one shot).
There is no way to protect against an evil maid attack if you can't trust your bootloader all the way. If there is a single untrusted step, everything that comes after it is untrusted. The only way to protect against an evil maid attack is to have a full secure boot chain, where every step verifies the next step. Each step must either halt the boot if the next step isn't authentic (and up-to-date if you're concerned about downgrade attacks), or must record the state of the next step and then send it to a third-party trusted verifier. If there is a gap in this chain of trust, then you have no way to know that the subsequent steps are reporting genuine data.
This is impossible to do on a Raspberry Pi because the ROM doesn't verify what it loads. You can't help trusting your boot partition unless you're willing to use different hardware. I unfortunately don't have a recommendation: the market isn't good for trusted boot for hobbyist projects on Arm platforms.
By the way, even if your command worked, it has a couple of flaws.
dd if=/dev/mmcblk0p1 | sha1sumis the same assha1sum </dev/mmcblk0p1. With no parameters other thanifandof,ddjust copies its input to its output. Beware that with certain parameters,ddactually corrupts the data! Don't useddunless you really need to and you're sure that the way you're using it doesn't risk corruption.- SHA-1 is broken. It's not broken for all use cases, and it would be hard to exploit in your case (someone would have to arrange to plant some crafted, harmless content into the legitimate boot partition), but it is irresponsible to use SHA-1 in a new design. Use
sha256sum.
answered Dec 12 at 7:50
Gilles
527k12710561580
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
add a comment |
I'm not going to answer your nominal question because there's too little information to answer. There's no particular reason why you'd need to refer to the boot partition differently from the initramfs. If the normal name doesn't work, it means the initramfs is using different paths, or hasn't loaded the driver yet at the point where you're running this command. If you want to get help with this, you have to explain in detail how you're building the initramfs and where you're adding this command.
I'm posting this as an answer and not as a comment to tell you not to bother.
What you're trying to do is fundamentally impossible. If an attacker can change your boot partition, they'll just change the initramfs to remove this check.
Doing the check from the encrypted partition isn't much better, but it's actually very slightly harder to attack. The adversary would have to either set up an emulated environment (technically possible, but difficult to do in a way that you wouldn't notice) or restore the boot partition to the expected state before loading your main OS (possible, but the attacker only gets one shot).
There is no way to protect against an evil maid attack if you can't trust your bootloader all the way. If there is a single untrusted step, everything that comes after it is untrusted. The only way to protect against an evil maid attack is to have a full secure boot chain, where every step verifies the next step. Each step must either halt the boot if the next step isn't authentic (and up-to-date if you're concerned about downgrade attacks), or must record the state of the next step and then send it to a third-party trusted verifier. If there is a gap in this chain of trust, then you have no way to know that the subsequent steps are reporting genuine data.
This is impossible to do on a Raspberry Pi because the ROM doesn't verify what it loads. You can't help trusting your boot partition unless you're willing to use different hardware. I unfortunately don't have a recommendation: the market isn't good for trusted boot for hobbyist projects on Arm platforms.
By the way, even if your command worked, it has a couple of flaws.
dd if=/dev/mmcblk0p1 | sha1sumis the same assha1sum </dev/mmcblk0p1. With no parameters other thanifandof,ddjust copies its input to its output. Beware that with certain parameters,ddactually corrupts the data! Don't useddunless you really need to and you're sure that the way you're using it doesn't risk corruption.- SHA-1 is broken. It's not broken for all use cases, and it would be hard to exploit in your case (someone would have to arrange to plant some crafted, harmless content into the legitimate boot partition), but it is irresponsible to use SHA-1 in a new design. Use
sha256sum.
answered Dec 12 at 7:50
Gilles
527k12710561580
I'm not going to answer your nominal question because there's too little information to answer. There's no particular reason why you'd need to refer to the boot partition differently from the initramfs. If the normal name doesn't work, it means the initramfs is using different paths, or hasn't loaded the driver yet at the point where you're running this command. If you want to get help with this, you have to explain in detail how you're building the initramfs and where you're adding this command.
I'm posting this as an answer and not as a comment to tell you not to bother.
What you're trying to do is fundamentally impossible. If an attacker can change your boot partition, they'll just change the initramfs to remove this check.
Doing the check from the encrypted partition isn't much better, but it's actually very slightly harder to attack. The adversary would have to either set up an emulated environment (technically possible, but difficult to do in a way that you wouldn't notice) or restore the boot partition to the expected state before loading your main OS (possible, but the attacker only gets one shot).
There is no way to protect against an evil maid attack if you can't trust your bootloader all the way. If there is a single untrusted step, everything that comes after it is untrusted. The only way to protect against an evil maid attack is to have a full secure boot chain, where every step verifies the next step. Each step must either halt the boot if the next step isn't authentic (and up-to-date if you're concerned about downgrade attacks), or must record the state of the next step and then send it to a third-party trusted verifier. If there is a gap in this chain of trust, then you have no way to know that the subsequent steps are reporting genuine data.
This is impossible to do on a Raspberry Pi because the ROM doesn't verify what it loads. You can't help trusting your boot partition unless you're willing to use different hardware. I unfortunately don't have a recommendation: the market isn't good for trusted boot for hobbyist projects on Arm platforms.
By the way, even if your command worked, it has a couple of flaws.
dd if=/dev/mmcblk0p1 | sha1sumis the same assha1sum </dev/mmcblk0p1. With no parameters other thanifandof,ddjust copies its input to its output. Beware that with certain parameters,ddactually corrupts the data! Don't useddunless you really need to and you're sure that the way you're using it doesn't risk corruption.- SHA-1 is broken. It's not broken for all use cases, and it would be hard to exploit in your case (someone would have to arrange to plant some crafted, harmless content into the legitimate boot partition), but it is irresponsible to use SHA-1 in a new design. Use
sha256sum.
answered Dec 12 at 7:50
Gilles
527k12710561580
answered Dec 12 at 7:50
Gilles
527k12710561580
answered Dec 12 at 7:50
Gilles
527k12710561580
answered Dec 12 at 7:50
Gilles
527k12710561580
527k12710561580
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
add a comment |
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
Thanks Gilles, Will start using sha256sum without using dd. Why only one shot to restore state and where would adversary store password? I need to learn more. Maybe Linux From Scratch is a good place to start. Any suggestions? I am also thinking about hashing all the files in the boot partition in some unknown order (al la merkeltree). The advantage is the answer will not be known to the attacker before hand where as the answer to a sha256sum would be known. Do you have thoughts on this approach? I advise my users to keep card and device in tamper evident package but would like extra check.
– John Shearing
Dec 13 at 1:04
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
@JohnShearing “Why only one shot”: the attacker needs to arrange to report the expected hash to the encrypted software or modify the execution of the encrypted software. By far the easiest way to do that is to restore the boot partition to its pre-attack state. “The advantage is the answer will not be known to the attacker” — if you want that then use a MAC instead of the hash, but what's the point? The attacker doesn't need to know the expected hash.
– Gilles
Dec 13 at 7:52
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
Thanks for the clarification. Sounds like only sure test to know if there has been tampering is a test to see if the device was physically opened. And even then, how can one possibly know for sure? Looks like the best we can do is make things difficult for an attacker and perhaps more costly to open the box then the contents is worth. In any case I am enjoying the exersize and I hope other people who make the device will have fun too. Thanks again for all your help.
– John Shearing
Dec 13 at 18:32
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f487510%2fusing-command-dd-if-dev-mmcblk0p1-sha1sum-while-running-from-initramfs%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
