encrypted root filesystem

Robert Connolly cendres at videotron.ca
Tue Feb 24 10:51:17 PST 2004


On February 24, 2004 12:00 pm, Ian Molton wrote:
> On Tue, 24 Feb 2004 11:27:12 -0500
> Bennett Todd <bet at rahul.net> wrote:
> > > I guess we'll need to be cleverer than brute force ;-)
> >
> > By all means, do so. If you pull it off for AES, you will
> > immediately leap to the fore of the worlds cryptanalysts. No smiley.
>
> Heh. not today I think :)

I think there are a number of ways to _try_ to defeat loopback encryption. If 
the swap space is dumped on a kernel panic then its not too hard to plug 
something into a running linux to make the kernel panic, but this doesn't 
apply to everyone. Laptops (or desktops) in suspend mode might swap out the 
encryption key to plain text on the swap partition, I don't think this works 
if the swap is encrypted, but I'm not sure. Or the root login can read memory 
and find the key. There are some kernel patches to prevent this, but its 
unfriendly territory when you're trying to protect the kernel from root. And 
of course when the key was first made, if it was ever written in plain text 
to a file or swap it can be recovered, including new keys made under the 
first.
I have used aes256 for short periods over the whole disc, was able to play dvd 
and whatnot without a significant difference. It was slower but it didn't 
bother me much. Seek time is a bit slower but after its in shared memory its 
the same.
Some ppl will have no use for this at all, just like anything else.




More information about the hlfs-dev mailing list