FreeApophis / TrueCrypt

This repository applies all Versions of the Original TrueCrypt Source Files in order

TrueCrypt support OpenPGP Card #23

Closed jht5945 closed 8 years ago

jht5945 commented 8 years ago

What about this idea: the password for TrueCrypt is protected by an OpenPGP Card, so mounting a TrueCrypt disk would look like this:

  1. Open TrueCrypt
  2. Select TrueCrypt Disk
  3. Plug in OpenPGP Card
  4. Input OpenPGP Card PIN
  5. OpenPGP Card decrypts the password
  6. The password decrypts the TrueCrypt Disk

About OpenPGP Card: https://en.wikipedia.org/wiki/OpenPGP_card

rmackinnon commented 8 years ago

One problem I can see with this workflow is that a physical key (being OpenPGP or smartcard) may or may not require a court order or more to be surrendered, but in some instances is covered by the 5th Amendment here in the US[1]. Yes, the PIN on the card is protected as privileged information and would require compulsion by the court to be divulged[2] if the judge felt it did not violate the witness's 5th Amendment right. Nothing says, though, that the PIN simply wouldn't just be brute forced after the physical key is obtained. There are safeguards you can have in place within the card, but that is not a guarantee that the encryption will not be broken. Also, there is liability on where the "encrypted" decryption password is stored. Having the password stored (even encrypted) on a physical volume or device seems like another vector someone could use to attack your volume and forgo the need for your OpenPGP card altogether.

Personally I do like the idea of having a smartcard/pgp card as a 2FA device in addition to other certs/passwords for a volume.

[1] http://www.uclalawreview.org/the-fifth-amendment-encryption-and-the-forgotten-state-interest/

[2] https://en.wikipedia.org/wiki/In_re_Boucher

On Fri, Mar 11, 2016 at 10:01 AM, Hatter Jiang notifications@github.com wrote:

> What about this idea: the password for TrueCrypt is protected by an OpenPGP Card, so mounting a TrueCrypt disk would look like this:
>
>   1. Open TrueCrypt
>   2. Select TrueCrypt Disk
>   3. Plug in OpenPGP Card
>   4. Input OpenPGP Card PIN
>   5. OpenPGP Card decrypts the password
>   6. The password decrypts the TrueCrypt Disk
>
> About OpenPGP Card: https://en.wikipedia.org/wiki/OpenPGP_card

mouse07410 commented 8 years ago

First, the feature I propose is not encrypting the passphrase, but encrypting the (truly randomly generated) volume key using a smart card, instead of deriving that key from a passphrase.

Second, I had PIV cards in mind, though OpenPGP support would be fine too.

Finally, not every threat model has court orders as its highest risk. Plus, smart cards usually are PIN- or password-protected, and I'm sure one can plead the 5th for that PIN exactly the same way one would for the volume password of TrueCrypt.

mouse07410 commented 8 years ago

Forgot to mention that smart cards usually lock after some very small number of failed attempts to enter the PIN. Most people set it between 5 and 10. Official policies (such as the German standard) fix it at 3. So while technically it may be possible to extract the secret from a smart card, in practice the probability of success is nil.
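
The two comments above, as an added example that is not part of the thread and not TrueCrypt or CipherShed code: a toy model in which a random volume key is wrapped for a card and can only be unwrapped through a PIN check guarded by an on-card retry counter. `SimulatedCard`, `wrong_pin_run` and `online_guess_probability` are hypothetical names, the HMAC-derived pad is a stand-in for the card's private-key operation, and the 6-digit PIN with 3 tries is an assumed policy.

```python
import hashlib
import hmac
import secrets


class SimulatedCard:
    """Toy PIN-protected card (constructed model, not a real card API)."""

    def __init__(self, pin, max_tries=3):
        self._pin_hash = hashlib.sha256(pin.encode()).digest()
        self._secret = secrets.token_bytes(32)  # stand-in for the on-card private key
        self.max_tries = self.tries_left = max_tries

    def _pad(self, nonce):
        return hmac.new(self._secret, nonce, hashlib.sha256).digest()

    def wrap(self, volume_key):
        # A real setup wraps with the card's public key; this toy uses a
        # keyed pad and therefore handles 32-byte keys only.
        if len(volume_key) != 32:
            raise ValueError("volume key must be 32 bytes")
        nonce = secrets.token_bytes(16)
        return nonce + bytes(a ^ b for a, b in zip(volume_key, self._pad(nonce)))

    def unwrap(self, pin, blob):
        if self.tries_left == 0:
            raise PermissionError("card locked")
        guess = hashlib.sha256(pin.encode()).digest()
        if not hmac.compare_digest(guess, self._pin_hash):
            self.tries_left -= 1  # the counter lives on the card, not the host
            raise ValueError("wrong PIN")
        self.tries_left = self.max_tries  # a correct PIN resets the counter
        nonce, body = blob[:16], blob[16:]
        return bytes(a ^ b for a, b in zip(body, self._pad(nonce)))


def wrong_pin_run(card, blob, pins):
    """Feed PINs to the card; return (key or None, attempts the card checked)."""
    attempts = 0
    for pin in pins:
        try:
            key = card.unwrap(pin, blob)
            return key, attempts + 1
        except ValueError:
            attempts += 1
        except PermissionError:
            break
    return None, attempts


def online_guess_probability(max_tries, pin_digits):
    """Chance that max_tries distinct guesses hit a uniformly random PIN."""
    return max_tries / 10 ** pin_digits
```

The wrapped blob stored beside the volume carries no passphrase-derived material, so guessing has to go through the card and stops when the counter reaches zero.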

FreeApophis commented 8 years ago

TrueCrypt Development has been moved to CipherShed:

Let's move the discussion over there: https://github.com/CipherShed/CipherShed/issues/46