I’m evaluating plausible attacks on a field-deployed Raspberry Pi 4 encrypted with LUKS using a Zymkey. The documentation gives an overview of the unlock process:
- The kernel initializes initramfs
- initramfs presents the locked LUKS key to Zymkey
- Zymkey validates the signature and decrypts the key*
- The decrypted key is presented to LUKS and the root file system is then decrypted
My reading of the above leads me to the assumption that the decrypted key is handed to LUKS in plaintext over I2C, i.e., there was no prior handshake to use asymmetric keys to securely hand the unlock password across the I2C bus. Is this correct? Can the data pin be “sniffed” to reveal the password?