-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dan Hollis wrote: > On Wed, 8 Sep 2004, Jari Ruusu wrote: > >>- Added key scrubbing support for AES loop cipher. This feature is not >> enabled by default because it doubles storage space requirement for loop >> encryption keys. To enable, add KEYSCRUB=y parameter to loop module make >> command. (2.4 and 2.6 kernels only). > > > What is key scrubbing? http://loop-aes.sourceforge.net/loop-AES.README states: Loop encryption key scrubbing moves and inverts key bits in kernel RAM so that the thin oxide which forms the storage capacitor dielectric of DRAM cells is not permitted to develop detectable property. For more info, see Peter Gutmann's paper: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html i found an article which could perhaps explain why something like this would be needed at all: http://www.mail-archive.com/openssl-users@xxxxxxxxxxx/msg32045.html Christian. - -- BOFH excuse #11: magnetic interference from money/credit cards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBP5Ap+A7rjkF8z0wRAh8xAKDCezd8ydR08ZD6iBGJs3Bc4iS3rQCgoanQ Nglby14ygvBBNQJIQ+8B3DA= =pf0m -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
