On Thu, Oct 17, 2013 at 07:50:43AM +0200, frantisek holop wrote: > hi there, > > if i have a usb key, that is softraid encrypted, > it has 2 DUID's. the first one (before bioctl) > can be used to script bioctl when the key is inserted. > when the SR CRYPTO drive is attached, it has another > DUID. this can be used for mounting/unmounting. > > my question is, is that a security threat to have this > 2nd DUID in /etc/fstab? could it be used as "cleartext" > for brute forcing the SR CRYPTO drive?
There are many other known plaintext bits in a filesystem, starting with the FFS magic marker. I don't think DUID matters at all in this context. Now whether it's possible to mount a known plaintext attack on AES-XTS, I leave that to the cryptographers. > > i also noticed that bioctl -c C -l accepts DUID's, > but bioctl -d does not. it this by design? I would love a fix for this... > > -f > -- > i'm weird, but i'm saving up to be eccentric.
