From: daw@mozart.cs.berkeley.edu (David Wagner)
To: linux-kernel@vger.kernel.org
Subject: Re: summary Re: encrypted swap
Date: 9 Aug 2001 00:19:51 GMT
Message-ID: <9kskv7$5us$1@abraham.cs.berkeley.edu>
In-Reply-To: <Pine.LNX.4.33.0108071957170.3450-100000@dlang.diginsite.com> <3B70E4C8.2020400@blue-labs.org>
David Ford wrote:
> You can't guarantee much if the machine is physically compromised.
You're missing the point. The point is not about crypto keys currently
in memory. The point is about crypto keys that were in memory five reboots
ago. If you use unencrypted swap, those keys might have been swapped out
and might still be lying around in swap somewhere even after five reboots.
Therefore, with unencrypted swap, compromise of a machine can compromise
crypto keys (and other sensitive data) going back a long way.

In contrast, if you use encrypted swap, compromise of your machine can
only compromise crypto keys (and other sensitive data) going back to your
last reboot. That's a big difference: encrypted swap cuts down the impact
of a penetration or other compromise of your machine. *This* is one of
the really compelling security motivations for encrypted swap.
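The argument above can be made concrete with a small simulation. This is an added illustration, not code from the thread or from any kernel swap implementation: the swap partition, the page size, the "reboot" and the secret marker are all constructed in memory, and the hashlib-based counter-mode keystream is a stand-in for the real block cipher mode (AES-XTS under dm-crypt, for instance) that an actual encrypted-swap setup would use. The encrypted kernel draws a fresh random swap key at every boot and keeps it only in RAM, which is exactly the property that bounds exposure to the current boot.

```python
"""Why a per-boot ephemeral swap key limits what a later compromise can
recover. Added illustration: the device, pages and reboots are modelled
in memory; the keystream is a hashlib stand-in for a real cipher."""
import hashlib
import os

PAGE_SIZE = 64  # constructed: tiny pages keep the demo readable


def keystream(key: bytes, page_no: int, length: int) -> bytes:
    """Counter-mode keystream bound to (key, page number).
    Stand-in for a proper disk-encryption mode such as AES-XTS."""
    out = b""
    counter = 0
    while len(out) < length:
        block = key + page_no.to_bytes(8, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class SwapDevice:
    """A swap partition: persistent storage that survives every reboot."""

    def __init__(self, pages: int):
        self.pages = [bytes(PAGE_SIZE)] * pages

    def write(self, n: int, data: bytes) -> None:
        self.pages[n] = data

    def read(self, n: int) -> bytes:
        return self.pages[n]

    def raw(self) -> bytes:
        return b"".join(self.pages)


class Kernel:
    """One boot of the kernel. With encrypted=True a random swap key is
    generated at boot, lives only in RAM, and is gone at the next boot."""

    def __init__(self, dev: SwapDevice, encrypted: bool):
        self.dev = dev
        self.encrypted = encrypted
        self.key = os.urandom(32) if encrypted else None

    def swap_out(self, page_no: int, page: bytes) -> None:
        if self.encrypted:
            page = xor(page, keystream(self.key, page_no, len(page)))
        self.dev.write(page_no, page)

    def swap_in(self, page_no: int) -> bytes:
        page = self.dev.read(page_no)
        if self.encrypted:
            page = xor(page, keystream(self.key, page_no, len(page)))
        return page


def forensic_scan(dev: SwapDevice, marker: bytes) -> bool:
    """What someone holding the disk, but no boot-time key, can find."""
    return marker in dev.raw()


def secret_survives_reboots(encrypted: bool, reboots: int = 5) -> bool:
    """Swap out a page holding key material, reboot several times, then
    scan the raw device. Returns True if the material is still readable."""
    dev = SwapDevice(pages=8)
    secret = b"PRIVATE-KEY-MATERIAL"  # constructed marker for the scan
    page = secret.ljust(PAGE_SIZE, b"\0")
    k = Kernel(dev, encrypted)
    k.swap_out(3, page)
    assert k.swap_in(3) == page  # the running system can still use its swap
    for _ in range(reboots):
        k = Kernel(dev, encrypted)  # new boot: new key, old key unrecoverable
    return forensic_scan(dev, secret)


if __name__ == "__main__":
    print("unencrypted swap, secret found after 5 reboots:",
          secret_survives_reboots(False))
    print("encrypted swap,   secret found after 5 reboots:",
          secret_survives_reboots(True))
```

With unencrypted swap the scan finds the marker after every reboot; with the ephemeral key it does not, and the old pages are unreadable even to the next boot of the same kernel, which is why such a swap device is simply reinitialised at each boot rather than reused. On current Linux systems the same property is obtained by pointing dm-crypt at a random key source, for example a `/etc/crypttab` line of the form `swap /dev/sdXN /dev/urandom swap,cipher=aes-xts-plain64,size=256` (a general description, not a configuration from this thread); the device node is a placeholder.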