[dm-crypt] Dmcrypt and hibernate key disclosure

Richard rz at linux-m68k.org
Tue Jan 11 17:35:13 CET 2011


On Tue, Jan 11, 2011 at 11:31:37AM +0100, Milan Broz wrote:

> Sorry I do not follow this thread but Fedora uses by default 
> (= "encrypt the whole system" checkbox in installer) unencrypted
> boot partition (where initramdisk resides) and LUKS encrypted PV on
> the second partition, on top of it is root and swap LVs.
> (So the whole system is encrypted except boot initramfs.)
> 
> The same is quite common in other distros too.
> 
> During boot, initramfs must ask for passphrase to PV, the same for hibernate
> (suspend to disk - ram image is stored to swap partition LV).

to sum up, I am quite pleased with Fedora in this respect. Makes full system
encryption including safe hibernation as trivial as checking a checkbox during
installation.

> What is not safe is suspend to RAM. Maybe someone should start to use
> luksSuspend to at least clear encryption key from memory but it is not
> as easy implement as it seems:)

surely luksSuspend would make it safer but still complete RAM would be left
unprotected which can be a lot of information. Did anyone look inot encrypting
RAM before suspend?

As it is now it is also not trivialy broken - getting the filesystems would 
involve breaking screen saver locking, breaking in through network or other 
interfaces or freezing the computer to retrieve and examine ramchips. 
Otoh chances are not bad that the average adversary upon seeing a locked session 
will just do a stupid reboot and loose every chance to hack into it.

> Btw do not afraid of LVM in this scheme - mapping is just linear, so
> the only mapping operation in kernel is adding offset and switching device
> so there should be no measurable performance problem (there is no cache
> or so).

seems dm or something else is slow enough that id does not matter at all.

Richard

---
Name and OpenPGP keys available from pgp key servers



More information about the dm-crypt mailing list