Re: summary Re: encrypted swap

David Wagner (daw@mozart.cs.berkeley.edu)
8 Aug 2001 04:58:42 GMT


Ben Ford wrote:
>David Wagner wrote:
>>You missed some scenarios. Suppose I run a server that uses crypto.
>>If swap is unencrypted, all the session keys for the past year might
>>be laying around on swap. If swap is encrypted, only the session keys
>>since the last boot are accessible, at most. Therefore, using encrypted
>>swap clearly reduces the impact of a compromise of your machine (whether
>>through theft or through penetration). This is a good property.
>
>Wiping swap on boot will achieve the same effect.

No, it won't. Or rather: Yes, it would, if you could erase data
reliably, but it's not clear that you can. Once again, please see
Peter Gutmann's paper on the difficulty of erasing data reliably.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/