Re: [PATCH encrypted swsusp 1/3] core functionality

[Herbert Xu]

On Thu, Apr 14, 2005 at 01:24:31AM +0200, Pavel Machek wrote:
>
> > The ssh keys are *encrypted* in the swap when dmcrypt is used.
> > When the swap runs over dmcrypt all writes including those from
> > swsusp are encrypted.
> 
> Andreas is right. They are encrypted in swap, but they should not be
> there at all. And they are encrypted by key that is still available
> after resume. Bad.

The dmcrypt swap can only be unlocked by the user with a passphrase,
which is analogous to how you unlock your ssh private key stored
on the disk using a passphrase.

So I don't see the problem.

> First version simply overwrote suspend image in swap with zeros. This
> is more clever way to do same thing.

This version looks to me like a custom implementation of dmcrypt that
lives inside swsusp which ends up being either less secure than simply
using dmcrypt due to the lack of a passphrase, or it's going to involve
more hacks to get a passphrase from the user at resume time.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/