Hi; I was trying to find out some information on the security of dm-crypt against DRAM data retention attacks, and couldn't find any. This leads one to wonder if there is any, and if not, is there something in the works. Now, my interest was piqued obviously by the currently publisized information on DRAM retaining readily readable information longer than traditionally expected, but it's actually Gutmann's older oxidization based attack that is more interesting as one can actively defend against it. It was nice to notice that the dm-crypt wiki links to the article, so it's clearly known by the developers, but I haven't found a documentation or mailing list reference that actually said anything about any countermeasures such as the one suggested by Gutmann himself. I did find a mail from January last year that noted loop-aes having such a feature (option KEYSCRUB=y) and dm-crypt not. Has there been any progress in this regard? If not, are there plans, and is there some spesific holdup? As for the currently advertised DRAM data retention, of course there's nothing much one can do about that (except to only keep drives mounted as necessary). I would like to verify though that unmapping a dm-crypt encrypted volume does overwrite the key memory area as is sensible, yes? Thanks for any information on the subject. -- Mikko Rauhala - mjr@xxxxxx - <URL:http://www.iki.fi/mjr/> Transhumanist - WTA member - <URL:http://www.transhumanism.org/> Singularitarian - SIAI supporter - <URL:http://www.singinst.org/> --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
