Is there a possibility to make Linux install automatically delete the data if wrong decryption key is set x amount of times?
Would be nice too, if it started automatically to overwrite the data too even full disk overwrite takes a lots of time.
I tried to google docs, but I don’t know the right words.
You have no control over how an adversary accesses the drive, so no.
However, if it’s enough to erase the data if wrong key is entered AND the original operating system is running it should be possible. But I agree, that limitation doesn’t really make sense in a security point of view.
Besides that, I believe that luks encryption with sufficiently complex password (and updates) is practically the same than empty drive for the attacker. More interesting setup would be to give out different data depending on which key is given, there was some windows-based software which could do that back in the day, I’m not sure if it’s still around and don’t remember the name for it right now.
It would at least add a layer of obfuscation if someone extorts a key from the owner.
This is the correct answer. Your best bet is to simply make your encryption as strong as possible, because once an attacker gains access, they will be able to clone the encrypted data and access it in any way they choose. Any sort of interventions you put in place will only work on your machine.
That’s what I was thinking. If someone realllly wanted to break into your computer, they would take your storage device and brute force there. The decryption screen that shows on boot will probably prevent a brute force attack.