Zymkey and LUKS sniff attack?

cbriggs · October 4, 2021, 4:07am

I’m evaluating plausible attacks on a field-deployed Raspberry Pi 4 encrypted with LUKS using a Zymkey. The documentation gives an overview of the unlock process:

The kernel initializes initramfs
initramfs presents the locked LUKS key to Zymkey
Zymkey validates the signature and decrypts the key*
The decrypted key is presented to LUKS and the root file system is then decrypted

My reading of the above leads me to the assumption that the decrypted key is handed to LUKS plaintext over i2c. I.e, there was no handshake prior in order to use asymmetric keys to securely hand the unlock password across the i2c. Is this correct? Can the data pin be “sniffed” to reveal the password?

Regards

Bob_of_Zymbit · October 5, 2021, 12:02am

@cbriggs - See the answer here:

cbriggs · October 5, 2021, 12:58am

My apologies. I thought I had searched sufficiently but clearly I hadn’t.

Thank-you kindly for the swift response and answer.

Topic		Replies	Views
Read-only LUKS encrypted root filesystem, possible? ZYMKEY4	3	1233	June 13, 2019
Security of disk encryption key ZYMKEY4	1	1222	March 18, 2019
Removing the Zymkey after decryption? Encrypting File System	2	184	October 26, 2023
Newbuy questions Getting Started	5	218	February 17, 2024
Zymkey 4i, Ubuntu Desktop 21.10, Rpi4, LUKS Encrypting File System	1	667	July 12, 2023

Zymkey and LUKS sniff attack?

Related Topics