> That's a good idea. Linux already has a beautiful API for encrypted block
> devices (to be used for filesystems ultimately) that is available at
> http://www.kerneli.org/ .
>>From what I understand, those can't be used to make a secure swap
> partition because they occaisionally need to allocate more memory.
What for ???
> A swap-out would cause a very nasty catch-22.
> I know very little about "strong" cryptographic algorithms, so I'm not
> sure if any exist that would have reasonably stable memory usage.
Ok. Most "strong" symmetric (we need symmetric crypto for swap!) cryptgraphic
algorithms have the same memory usage: some structure (not very big) is
allocated on initialization but NO allocations are needed in crypto process
itself. IMO much bigger problem is speed. Blowfish will give you 4MiB/sec
with 100% processor usage on Pentium200MMX and blowfish is pretty fast (but of
course not fastest available) algorithm. If you need real security it can be
tolerable though...
> Also... grabbing a key from the entropy available at "first swap" isn't
> necessarily a good idea. What if there isn't enough entropy?
Block and wait.
> Go unsecure? Worse, block until entropy replenishes... (as is normal for
> /dev/random) yuck.
Why it's so problematic ?
> Many distributions have a random seed they store when they shut down, and
> restore when they start up. This keeps a sufficient level of entropy, but
> then you are depending on userland to do something before swapping is
> necessary. This isn't necessarily bad, after all userland needs to
> /sbin/swapon before anything happens anyway. The Mounting of the swap
> seems to be logical place to pull a key out of entropy.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/