[dm-crypt] Dmcrypt and hibernate key disclosure
arno at wagner.name
Fri Jan 7 03:49:11 CET 2011
On Fri, Jan 07, 2011 at 09:40:09AM +0800, Aaron Lewis wrote:
> If i hibernate with an device opened , before i resume , an image was
> written on swap partition , will there be a problem with my secret key's
> disclosure ?
> Just an off-line attack , if swap is not encrypted.
> And is there any suggestion for this special operation ? Because my
> root partition is also encrypted , so i can't simply close that device
> before hibernation took place.
Did a Google search and ended up at something I said here some
time ago that did not really help ;-)
First, I do not know for sure how hibernation works. I never
used it. What I could find out, is that hobernation does
shut down the computer and boots it up into an image of
the pre-hibernation state instead of going through the
normal boot sequence.
As fas as I can tell, all suspend methods do store all
used memory pages to swap, and that definitely includes
the kernel pages with the disk encryption keys.
Now, with uncencrypted swap, that clearly exposes the keys.
There seems to be an option to encrypt swap with a temporary
key that gets wiped after resume. This way the encryption keys
would be exposed during hibernation, but not after wakeup.
It seems that with the swsup hibernation method that may
be default behaviour. Some explanation here:
The other option would be to modify the resume process to
ask you for the passphrase to the swap partition. I don't
know whether that is possible. It seems to me that there
is actually no software hook or script thet gets executed
during resume, but that it is a full kernel-internal
operation. I also see no reference to a possibility to pass
swap encryption keys to the kernel. In this case, there is
no way around the exposure during hibernate.
I see a possible alternate way to do this. Use a virtualized
environment for your system and suspend that to a device
encrypted by the base system. Then you can hibernate the
virtualized system, do a normal shutdown and reboot of the
base system, configure the encrypted filesystem and unsuspend
the virtual machine from it. I do that with a virtual
machine for working on confidential data. More effort, but
suspend to disk (=hibernation) and security do not really mix.
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt