From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from tansi.org (ns.km10532-04.keymachine.de [87.118.102.195]) by mail.saout.de (Postfix) with ESMTP for ; Fri, 7 Jan 2011 03:49:11 +0100 (CET) Received: from gatewagner.dyndns.org (84-74-164-239.dclient.hispeed.ch [84.74.164.239]) by tansi.org (Postfix) with ESMTPA id 2269F121835A for ; Fri, 7 Jan 2011 03:49:12 +0100 (CET) Date: Fri, 7 Jan 2011 03:49:11 +0100 From: Arno Wagner Message-ID: <20110107024910.GA2456@tansi.org> References: <4D266EF9.6090904@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4D266EF9.6090904@gmail.com> Subject: Re: [dm-crypt] Dmcrypt and hibernate key disclosure List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Fri, Jan 07, 2011 at 09:40:09AM +0800, Aaron Lewis wrote: > Hi, > If i hibernate with an device opened , before i resume , an image was > written on swap partition , will there be a problem with my secret key's > disclosure ? > > Just an off-line attack , if swap is not encrypted. > > And is there any suggestion for this special operation ? Because my > root partition is also encrypted , so i can't simply close that device > before hibernation took place. > > Thanks. Did a Google search and ended up at something I said here some time ago that did not really help ;-) First, I do not know for sure how hibernation works. I never used it. What I could find out, is that hobernation does shut down the computer and boots it up into an image of the pre-hibernation state instead of going through the normal boot sequence. As fas as I can tell, all suspend methods do store all used memory pages to swap, and that definitely includes the kernel pages with the disk encryption keys. Now, with uncencrypted swap, that clearly exposes the keys. There seems to be an option to encrypt swap with a temporary key that gets wiped after resume. This way the encryption keys would be exposed during hibernation, but not after wakeup. It seems that with the swsup hibernation method that may be default behaviour. Some explanation here: http://www.freesoftwaremagazine.com/articles/hibernate_linux The other option would be to modify the resume process to ask you for the passphrase to the swap partition. I don't know whether that is possible. It seems to me that there is actually no software hook or script thet gets executed during resume, but that it is a full kernel-internal operation. I also see no reference to a possibility to pass swap encryption keys to the kernel. In this case, there is no way around the exposure during hibernate. I see a possible alternate way to do this. Use a virtualized environment for your system and suspend that to a device encrypted by the base system. Then you can hibernate the virtualized system, do a normal shutdown and reboot of the base system, configure the encrypted filesystem and unsuspend the virtual machine from it. I do that with a virtual machine for working on confidential data. More effort, but suspend to disk (=hibernation) and security do not really mix. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier