On 20-05-30 21:02:11, Chris Murphy wrote: ...
Full disk encryption doesn't adequately secure the hibernation image either. Authenticated encryption (signing as well as encryption) is needed to verify the image hasn't been tampered.
What can an attacker do other than corrupt the data? It is encrypted. With tamper detection, does a single bit changed deny the use of the hibernated image? In either case, what can an attacker accomplish?
The upstream work, cited in the document, gets into the details, and what additional work is needed for the next revision.
Which reference is that? #5? It seemed short. -- ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/> _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx