Re: encrypted swap [was: The disappearing sys_call_table export.]

Ahmed Masud (masud@googgun.com)
Wed, 14 May 2003 12:13:03 -0400 (EDT)


On Wed, 14 May 2003, [iso-8859-1] Jörn Engel wrote:
> sense to me.
>
> 1. Instead of cryptographic filesystems, you could just encrypt the
> block device.
> 2. The only reason not to do so it security. An attacker could use
> known-plaintext attacks, since some parts of the metadata can be
> reconstructed or guessed easily.
> 3. Instead of encrypted swap, you could just encrypt the block device.
> 4. The only reason reason not to do so is what?
>

The idea is to have encryption keys for the pages to be unique on a
per-uid per-process basis. So one user on the system cannot access (even
if they are root) parts of another's private data. To achieve this,
different parts of swap device need to be encrypted with different keys.

Ahmed.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/