Re: Dmcrypt and hibernate key disclosure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jan 11, 2011 at 01:08:16AM +0100, Richard wrote:
> On Fri, Jan 07, 2011 at 09:40:09AM +0800, Aaron Lewis wrote:
> > Hi,
> > 	If i hibernate with an device opened , before i resume , an image was
> > written on swap partition , will there be a problem with my secret key's
> > disclosure ?
> > 
> > 	Just an off-line attack , if swap is not encrypted.
> 
> swap must be encrypted. Works nicely on Fedora, one boot partition and a
> big encrypted dm0 device with several LVM partitions on top of it.
> 

Well, if you are not asked for the swap encryption key on
wakeup, basically everything is open. That would be a rather 
obvious implementation error though.

If you get asked, then it depends on the implementation, but
they do have the right idea.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux