Re: summary Re: encrypted swap

David Wagner (daw@mozart.cs.berkeley.edu)
8 Aug 2001 04:58:42 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Gooch: "[PATCH] devfs v185 available"
Previous message: Marcelo Tosatti: "Re: [PATCH] total_free_shortage() using zone_free_shortage()"
Maybe in reply to: Ted Unangst: "summary Re: encrypted swap"
Next in thread: David Ford: "Re: summary Re: encrypted swap"

Ben Ford wrote:
>David Wagner wrote:
>>You missed some scenarios. Suppose I run a server that uses crypto.
>>If swap is unencrypted, all the session keys for the past year might
>>be laying around on swap. If swap is encrypted, only the session keys
>>since the last boot are accessible, at most. Therefore, using encrypted
>>swap clearly reduces the impact of a compromise of your machine (whether
>>through theft or through penetration). This is a good property.
>
>Wiping swap on boot will achieve the same effect.

No, it won't. Or rather: Yes, it would, if you could erase data
reliably, but it's not clear that you can. Once again, please see
Peter Gutmann's paper on the difficulty of erasing data reliably.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Gooch: "[PATCH] devfs v185 available"
Previous message: Marcelo Tosatti: "Re: [PATCH] total_free_shortage() using zone_free_shortage()"
Maybe in reply to: Ted Unangst: "summary Re: encrypted swap"
Next in thread: David Ford: "Re: summary Re: encrypted swap"