From: Pavel Machek <pavel@suse.cz>
To: Dan Podeanu <pdan@spiral.extreme.ro>,
Torrey Hoffman <torrey.hoffman@myrio.com>
Cc: "'David Maynor'" <david.maynor@oit.gatech.edu>,
linux-kernel@vger.kernel.org
Subject: Re: encrypted swap
Date: Tue, 7 Aug 2001 23:44:40 +0200 [thread overview]
Message-ID: <20010807234440.A2032@bug.ucw.cz> (raw)
In-Reply-To: <D52B19A7284D32459CF20D579C4B0C0211C9A8@mail0.myrio.com> <Pine.LNX.4.33L2.0108072212590.18776-100000@spiral.extreme.ro>
In-Reply-To: <Pine.LNX.4.33L2.0108072212590.18776-100000@spiral.extreme.ro>; from Dan Podeanu on Tue, Aug 07, 2001 at 10:23:15PM +0300
Hi!
> > Now that laptop is stolen at an airport. The thief decides
> > to try to improve his take by grabbing useful information
> > from documents. The encrypted documents are untouchable,
> > of course. It _doesn't matter_ that the thief has the
> > hardware, the decryption key is protected by a passphrase
> > which is _nowhere_ on the hard drive.
> >
> > The only place that sensitive, unencrypted data could be
> > on such a machine is in swap. In fact, it is _likely_ to
> > be in swap.
> >
> > Encrypted swap solves this _particular_ problem nicely,
> > does it not?
>
> You got it bit.. wrong. Or, non-specific. If you assume that your laptop
> is stolen while its powered, then encrypted swap won't help you (strings
> /proc/kcore & the likes). If its going to be stolen while its offline, you
> can have your shutdown scripts blank the swap partition and the boot
> scripts call mkswap on it.
>
> Or, somehow better & safer (or, explain the drawback):
>
> spiral:~# dd if=/dev/zero of=/swap bs=1024k count=16
> 16+0 records in
> 16+0 records out
> spiral:~# losetup -e DES /dev/loop0 /swap
> Password:
> Init (up to 16 hex digits):
> spiral:~# mkswap /dev/loop0
> Setting up swapspace version 1, size = 16773120 bytes
> spiral:~# swapon /dev/loop0
> spiral:~# cat /proc/swaps
> Filename Type Size Used Priority
> /dev/loop0 partition 16376 0 -3
>
> There, you have the swap encrypted, up and running. Of course, if
> you need
You have your swap encrypted, but I'm not sure for how long you'll see
it running before it deadlocks. Unless -e DES and loop were designed
for use with swap (were they?), this is tricky. Does anyone know if
swapping over loop is safe?
> more fancy encryption than the default, XOR or DES, get the crypto patch.
> You only need to have a script that does the stuff, that runs when the
> system boots, without shutdown scripts (in case of power/battery failure
> these might not be executed, hence the swap would not be wiped). Of
> course, you'll need to enter the losetup password upon booting, which
> might prove annoying (then again, if kernel would provide swap
> encryption, the only way to make it non-decryptable would be for you to
> enter a password, same drawback actually).
You could generate random password each boot. Should work well enough.
Pavel
--
I'm pavel@ucw.cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss@linmodems.org
next prev parent reply other threads:[~2001-08-07 22:33 UTC|newest]
Thread overview: 104+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-08-07 18:53 encrypted swap Torrey Hoffman
2001-08-07 19:15 ` Thomas Pornin
2001-08-07 19:23 ` Dan Podeanu
2001-08-07 19:48 ` Andreas Dilger
2001-08-07 20:04 ` Marty Poulin
2001-08-07 21:06 ` David Wagner
2001-08-07 21:56 ` D. Stimits
2001-08-07 21:44 ` Pavel Machek [this message]
2001-08-07 19:48 ` Justin Guyett
2001-08-07 20:05 ` Alan Cox
2001-08-07 20:17 ` Bill Rugolsky Jr.
[not found] <fa.kmbqblv.v3uvig@ifi.uio.no>
2001-08-18 14:53 ` Encrypted Swap Ted Unangst
2001-08-18 15:17 ` Mr. James W. Laferriere
2001-08-20 11:03 ` Helge Hafting
-- strict thread matches above, loose matches on Subject: below --
2001-08-17 17:10 David Christensen
2001-08-17 17:21 ` Richard B. Johnson
2001-08-17 18:41 ` Eric W. Biederman
2001-08-17 19:05 ` Dan Hollis
2001-08-18 9:52 ` Eric W. Biederman
2001-08-18 10:24 ` Nicholas Knight
2001-08-18 12:32 ` Eric W. Biederman
2001-08-17 19:20 ` Richard B. Johnson
2001-08-18 10:34 ` Eric W. Biederman
2001-08-07 21:40 encrypted swap David Spreen
2001-08-07 17:30 Encrypted Swap David Maynor
2001-08-07 17:27 ` Rik van Riel
2001-08-07 15:28 encrypted swap David Maynor
2001-08-07 15:51 ` Florian Weimer
2001-08-07 15:06 David Maynor
2001-08-07 15:11 ` Florian Weimer
2001-08-07 15:43 ` Joel Jaeggli
2001-08-07 15:30 ` Garett Spencley
2001-08-07 16:21 ` David Spreen
2001-08-08 8:11 ` Helge Hafting
2001-08-07 14:37 David Maynor
2001-08-07 14:48 ` Billy Harvey
2001-08-07 16:03 ` Chris Wedgwood
[not found] <no.id>
2001-08-07 14:17 ` Encrypted Swap Alan Cox
2001-08-07 15:16 ` Crutcher Dunnavant
2001-08-07 16:01 ` Chris Wedgwood
2001-08-07 2:28 David Spreen
2001-08-07 3:56 ` Justin Guyett
2001-08-07 4:01 ` Chris Wedgwood
2001-08-07 4:12 ` Steve VanDevender
2001-08-07 4:23 ` John Polyakov
2001-08-07 4:36 ` Chris Wedgwood
2001-08-07 5:12 ` Garett Spencley
2001-08-07 5:55 ` Ryan Mack
2001-08-07 6:27 ` John Polyakov
2001-08-06 23:28 ` Rob Landley
2001-08-07 10:10 ` Christopher E. Brown
2001-08-07 14:05 ` Joel Jaeggli
2001-08-07 6:41 ` Crutcher Dunnavant
2001-08-07 6:57 ` Evgeny Polyakov
2001-08-07 6:45 ` Ryan Mack
2001-08-07 7:08 ` Evgeny Polyakov
2001-08-07 7:23 ` Sean Hunter
2001-08-07 8:39 ` Ben Ford
2001-08-07 12:28 ` Kevin Krieser
2001-08-07 12:39 ` Richard B. Johnson
2001-08-07 14:21 ` Ignacio Vazquez-Abrams
2001-08-07 7:26 ` Ryan Mack
2001-08-07 7:34 ` Jeffrey Considine
2001-08-07 7:49 ` Crutcher Dunnavant
2001-08-07 9:01 ` Peter Wächtler
2001-08-07 12:37 ` Michael Bacarella
2001-08-17 14:50 ` Holger Lubitz
2001-08-17 15:39 ` Richard B. Johnson
2001-08-17 15:57 ` Holger Lubitz
2001-08-17 16:34 ` Gerhard Mack
2001-08-17 16:50 ` Richard B. Johnson
2001-08-17 17:06 ` Adrian Cox
2001-08-17 17:16 ` Richard B. Johnson
2001-08-17 17:22 ` Jacob Alifrangis
2001-08-17 17:36 ` Adrian Cox
2001-08-17 18:51 ` Nicholas Knight
2001-08-17 19:30 ` Richard B. Johnson
2001-08-18 8:51 ` Adrian Cox
2001-08-18 11:02 ` Eric W. Biederman
2001-08-19 8:51 ` Adrian Cox
2001-08-20 1:27 ` Richard B. Johnson
2001-08-20 11:08 ` Helge Hafting
2001-08-20 11:50 ` Ian Stirling
2001-08-21 13:55 ` Andreas Bombe
2001-08-17 20:00 ` Andreas Dilger
2001-08-07 20:09 ` Maciej Zenczykowski
2001-08-07 7:34 ` Steve VanDevender
2001-08-07 7:55 ` Crutcher Dunnavant
2001-08-07 15:17 ` Garett Spencley
2001-08-07 7:49 ` Helge Hafting
2001-08-07 7:58 ` Crutcher Dunnavant
2001-08-07 9:23 ` Helge Hafting
2001-08-07 13:29 ` Wichert Akkerman
2001-08-07 15:56 ` Chris Wedgwood
2001-08-07 16:54 ` Alan Cox
2001-08-07 17:10 ` Chris Wedgwood
2001-08-07 9:52 ` Brian May
2001-08-07 14:48 ` Joel Jaeggli
2001-08-07 15:59 ` Chris Wedgwood
2001-08-07 16:18 ` Joel Jaeggli
2001-08-07 16:24 ` Florian Weimer
2001-08-08 2:13 ` Dr. Kelsey Hudson
2001-08-07 20:30 ` Ian Stirling
2001-08-07 10:33 ` Andrea Arcangeli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010807234440.A2032@bug.ucw.cz \
--to=pavel@suse.cz \
--cc=david.maynor@oit.gatech.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=pdan@spiral.extreme.ro \
--cc=torrey.hoffman@myrio.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.