Nomen Nescio wrote:
I used the Ubuntu wiki's instructions to set up encrypted swap on my
computer, then I noticed whenever I booted it up, it would sit for a
while until I hit return a few times.
I think I figured out that the problem is /dev/random is "close to
empty" when the computer's just booted, so I changed the line in
/etc/crypttab to use /dev/urandom instead. That fixed it, so now it
keeps going through the boot-up stuff right away.
The problem isn't that the computer doesn't have much entropy when it
first boots (it stores the "pool" at last shutdown), the problem is that
it is being drained as you initialize your swap.
How insecure is it?
Using /dev/urandom? Quite secure.
Entropy estimation is a very tricky problem, and exactly when
/dev/random halts is kind of arbitrary.
When your computer first boots it probably has a full entropy pool. That
is equivalent 4096 coin tosses: very hard to guess. The clues to those
4096-bits of entropy left in your swap are not
easy to analyze. Want to be extra secure? Hit return a few times during
boot even if you do use /dev/urandom.
How motivated is your foe? Unless someone very well funded--and very
motivated--is after your secrets, you are safe. And even if the
NSA/FBI/CIA *really* are interested in your bits, they still might not
be any better off if you use /dev/urandom instead of /dev/random.
/dev/urandom produces very high quality random bits.
-kb, the Kent who is a professional who has been payed to engineer high
quality random numbers.
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
