On Thu, Sep 20, 2001 at 03:42:37PM +0300, Jari Ruusu wrote:
> My script reads a md5sum of first 40 KB of previously encrypted swap and
> uses that as additional entropy for _new_ swap encryption key. 20 overwrites
> are there to fade out existing traces of that data so that entropy for _new_
> key can not be recovered. Later on in the script, that same 40 KB is
> overwritten once more using encrypted "zero" data, and possibly at runtime
> with encrypted "swap" data.
>

Good point. I missed that. Presumably then, the encryption
algorithm can be relied on not to give away any information
if the entire contents are initially the same?

> > Perhaps there should be a stop script in which the
> > "overwrite ten times" occurs instead/also.
> No need for that. Swap data is encrypted using unknown key.

Only depends on your paranoia level. But I'd probably pass
on it myself and agree with you.

> No need to do that. Only data that gets written to swap needs to be
> encrypted. It does not matter if an attacker knows which sectors were
> written as long as one is using a strong algorithm.

It's all a matter of how much you give away. Practically you
are right; but a little bit of info here, a little bit there,
and who knows?

> losetup/mount programs lock their RAM so that they cannot be swapped.
> Shells, uuencode and other programs do not.

Which says that the output of the set of pipes might show up
in swap memory if swap is enabled at the time this happens.
Again, it's not a likely thing because this will have to happen
before mountall.sh start time, and there would be no swap...

Hmmm. but does previously used memory get zeroed before another
task gets it? If so even the previously pinned traces could
end up in swap.

--
------------------------------------------------------
    Use Linux: A computer        Dale Amon, CEO/MD
    is a terrible thing          Village Networking Ltd
    to waste.                    Belfast, Northern Ireland
------------------------------------------------------

Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/