Re: [swsusp] encrypt suspend data for easy wiping

[Grzegorz Kulewski]

On Thu, 7 Jul 2005, Pavel Machek wrote:

> Hi!

Hi!

> > > > > To prevent data gathering from swap after resume you can encrypt the
> > > > > suspend image with a temporary key that is deleted on resume. Note
> > > > > that the temporary key is stored unencrypted on disk while the system
> > > > > is suspended... still it means that saved data are wiped from disk
> > > > > during resume by simply overwritting the key.
> > > >
> > > > hm, how useful is that?  swap can still contain sensitive userspace
> > > > stuff.
> > >
> > > At least userspace has chance to mark *really* sensitive stuff as
> > > unswappable. Unfortunately that does not work against swsusp :-(.
> > >
> > > [BTW... I was thinking about just generating random key on swapon, and
> > > using it, so that data in swap is garbage after reboot; no userspace
> > > changes needed. What do you think?]
> >
> > I (and many others) are doing it already in userspace. Don't you know
> > about dm-crypt? I think the idea is described in its docs or wiki...
>
> I could not find anything in device-mapper/*; do you have pointer to
> docs or wiki?

Just type dm-crypt in google and the first match is 
http://www.saout.de/misc/dm-crypt/ (the second is its wiki). Then grep 
that page for 'swap' and you are done. :-)


Grzegorz Kulewski
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/