You are not logged in.

#1 2024-09-16 05:27:17

wleivam
Member
Registered: 2024-09-16
Posts: 1

LUKS key file generator

Hi everyone!

First of all, I want to thank the community, because all the work and documentation is really useful.

After that, I create this post to contribute to the good work and to share one of my visions... "the typed password are deprecated!". With all these AI and Quantum stuffs, our security and privacy are in danger, that's why I believe in "exponential encryption".

In this occasion, I've created a compiled script as an example (https://github.com/wleivam/binary_rust_cryptkey) to use in the disk encryption process, on the LUKS utility. The idea is to create an encrypted key file using hashes of certain data under a random order, and store the binary to generate the key on the fly in the initramfs.

This is my first post in the community, so, please, be patient.

And finally, I want to end this by quoting a book.

"If you want to keep a secret, you must also hide it from yourself". 1984 by George Orwell.

Offline

#2 2024-09-16 21:10:39

Strike0
Member
From: Germany
Registered: 2011-09-05
Posts: 1,445

Re: LUKS key file generator

Hey! Interesting, thanks for sharing.
My first thought is your contribution might as well deserve the full quote:
“If you want to keep a secret, you must also hide it from yourself. You must know all the while that it is there, but until it is needed you must never let it emerge into your consciousness in any shape that can be given a name.”
― George Orwell, 1984

If you abbreviate it to the first sentence, a method like https://wiki.archlinux.org/title/Univer … _with_LUKS may be even more suitable, because of how it hides the secret from yourself. Admittedly, a FIDO token is easier to loose as well, yet that fits the first sentence.

Offline

Board footer

Powered by FluxBB