From: Milan Broz <mbroz@redhat.com>
To: Richard <rz@linux-m68k.org>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] Dmcrypt and hibernate key disclosure
Date: Tue, 11 Jan 2011 18:08:14 +0100 [thread overview]
Message-ID: <4D2C8E7E.1030201@redhat.com> (raw)
In-Reply-To: <20110111163513.GA16839@rz>
On 01/11/2011 05:35 PM, Richard wrote:
> On Tue, Jan 11, 2011 at 11:31:37AM +0100, Milan Broz wrote:
>> What is not safe is suspend to RAM. Maybe someone should start to use
>> luksSuspend to at least clear encryption key from memory but it is not
>> as easy implement as it seems:)
>
> surely luksSuspend would make it safer but still complete RAM would be left
> unprotected which can be a lot of information. Did anyone look inot encrypting
> RAM before suspend?
That's not probably easily done and I think it is not worth to try - simple
use hibernation here.
(Of course if there is support in hw it is easy.)
> As it is now it is also not trivialy broken - getting the filesystems would
> involve breaking screen saver locking, breaking in through network or other
> interfaces or freezing the computer to retrieve and examine ramchips.
Just reset and boot memory dumper, chances that you get the encryption key are
very high (memory dumper uses just few pages and BIOSes do not wipes memory
during reboot). It is quite easy.
(of course you can disable USB/PXE/CDROM boot etc but in principle it is still problem.)
> seems dm or something else is slow enough that id does not matter at all.
LVM (linear mapping) will not slow down it, with comparison to encryption
time for remapping is completely insignificant.
If you have some strange numbers, report a bug and add your configuration description,
but I know how the kernel works - there is really nothing complex on this path.
Usually problem is with some misaligned devices - but this can happen even with partitions.
Milan
prev parent reply other threads:[~2011-01-11 17:08 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-07 1:40 [dm-crypt] Dmcrypt and hibernate key disclosure Aaron Lewis
2011-01-07 2:49 ` Arno Wagner
2011-01-07 4:08 ` Bryan Kadzban
2011-01-07 4:39 ` Arno Wagner
2011-01-08 4:45 ` Bryan Kadzban
2011-01-08 11:53 ` Heiko Rosemann
2011-01-08 14:55 ` iggy
2011-01-07 10:42 ` Heiko Rosemann
2011-01-11 0:08 ` Richard
2011-01-11 9:11 ` Arno Wagner
2011-01-11 10:31 ` Milan Broz
2011-01-11 16:35 ` Richard
2011-01-11 17:08 ` Milan Broz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D2C8E7E.1030201@redhat.com \
--to=mbroz@redhat.com \
--cc=dm-crypt@saout.de \
--cc=rz@linux-m68k.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox