Re: Encrypted Swap

Ryan Mack (rmack@mackman.net)
Mon, 6 Aug 2001 23:45:33 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Gooch: "Re: [PATCH] one of $BIGNUM devfs races"
Previous message: David Ford: "RP_FILTER runs too late"
In reply to: John Polyakov: "Re: Encrypted Swap"
Next in thread: Rob Landley: "Re: Encrypted Swap"

> Hmmm, let us suppose, that i copy your crypted partition per bit to my
> disk.
> After it I will disassemble your decrypt programm and will find a key....
>
> In any case, if anyone have crypted data, he MUST decrypt them.
> And for it he MUST have some key.
> If this is a software key, it MUST NOT be encrypted( it's obviously,
> becouse in other case, what will decrypt this key?) and anyone, who have
> PHYSICAL access to the machine, can get this key.
> Am I wrong?

I think the point you are missing is that encrypted swap only needs to be
accessible for one power cycle. Thus the computer can generate a key at
swapon using a cryptographically strong random number source. The key is
kept in RAM. When the computer powercycles again, the old key is lost
from RAM, and a new key is generated. The old key, and thus the old
encrypted contents of swap, are permenently lost.

-Ryan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Gooch: "Re: [PATCH] one of $BIGNUM devfs races"
Previous message: David Ford: "RP_FILTER runs too late"
In reply to: John Polyakov: "Re: Encrypted Swap"
Next in thread: Rob Landley: "Re: Encrypted Swap"