Encrypted block devices and suspend to ram

From: Christian Bahls - gmx.de
Date: Thu Dec 20 2012 - 08:05:30 EST

Dear all,

please excuse if it looks like blind ignorance on my part
should this topic already have been brought and up
and being missed by my shallow web search.

I would have a feature request for encrypted block devices
(using LUKS especially)

I would be really grateful if the kernel had an option to scrub
all key related material before suspending to ram
and reinitialize the encrypted block device on wake up.

This would thwart all sorts of social and physical attacks on the device.

Has something like this ever been attempted?

Kind regards
Christian Bahls
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/