| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Duncan wrote: |
| 5 |
> |
| 6 |
> Well, there's could, and there's groking what it's actually doing, in case |
| 7 |
> there's a problem and to ensure it's actually encrypting it. (I |
| 8 |
> /seriously/ hope that mention of uuencode doesn't mean they're using /it/ |
| 9 |
> to "encrypt", for instance. A quick look say they aren't, but that |
| 10 |
> doesn't tell me what's actually going on yet, either.) |
| 11 |
|
| 12 |
Ok, in a nutshell: |
| 13 |
|
| 14 |
1. Generate MD5 hash of first 40k of previous swap volume (essentially |
| 15 |
a source of entropy). In my opinion it isn't needed but probably |
| 16 |
couldn't hurt. |
| 17 |
|
| 18 |
2. Wipe that 40k 20 times - just so nobody can figure out what that |
| 19 |
hash might have been later. |
| 20 |
|
| 21 |
3. Generate a random encryption key (WHOA - why on earth is that script |
| 22 |
using urandom for this - it only pulls 18 bytes - I just changed it to |
| 23 |
/dev/random in mine (more secure in the event the entropy pool gets low |
| 24 |
- - although normally they are the same)). For those not in the know, |
| 25 |
/dev/random blocks if it runs out of entropy, but /dev/urandom just |
| 26 |
gives out a less random value. If you need 50MB of random data you have |
| 27 |
to use urandom if you don't want to freeze the system for 12 hours, but |
| 28 |
for 18 bytes we can afford to wait for quality data. |
| 29 |
|
| 30 |
4. /dev/(u)random dumps binary data - losetup wants something more sane |
| 31 |
as a key, so uuencode is used to convert to text. No source of |
| 32 |
compromise here - the original data was random so the uuencoded data is |
| 33 |
still random (it is now constrained in potential output values, but is |
| 34 |
longer which compensates). |
| 35 |
|
| 36 |
5. Set up the loop device using the output of steps 1 and 4 |
| 37 |
concatenated as an encryption key (losetup will generate a SHA-512 key |
| 38 |
from the text key and use that for actual encryption). |
| 39 |
|
| 40 |
6. Wipe out the variables containing the two key components (probably |
| 41 |
doesn't accomplish much). The keys will be in RAM somewhere for as long |
| 42 |
as the swap is mounted and only root can hunt for the keys either way. |
| 43 |
|
| 44 |
7. Zero the start of the encrypted loop device - mainly just to make |
| 45 |
mkswap happy in case the device ends up looking like some other type of |
| 46 |
partition. |
| 47 |
|
| 48 |
8. Create and use the swap device. |
| 49 |
|
| 50 |
|
| 51 |
> If I'm going to be |
| 52 |
> running encrypted swap, I'm going to need to know all about what I'm using |
| 53 |
> to encrypt it (losetup here, it seems), and how that plays with my |
| 54 |
> four-way striped swap (a four gig partition on each of my four SATA |
| 55 |
> drives, all set pri=1 so the kernel stripes it for performance), among |
| 56 |
> other things. If I can't rest assured it's working well, why bother? |
| 57 |
> |
| 58 |
|
| 59 |
I'd just make SWAPDEVICE and LOOPDEV command-line parameters and then |
| 60 |
call the script 4 times. |
| 61 |
|
| 62 |
> swap again, wipe the partitions, and simply leave swap off. Only if they |
| 63 |
> ever get suspend to disk working semi-reliably... |
| 64 |
|
| 65 |
Not sure encrypted swap will play well with suspend to disk. Somehow |
| 66 |
when the system wakes up it needs to find out what the encryption key |
| 67 |
actually was, otherwise the loop device can't be reactivated. Now, it |
| 68 |
is possible that the kernel will just write the key to disk somewhere, |
| 69 |
but this defeats much of the security of an encrypted swap device (where |
| 70 |
after a reboot the swap space is impossible to read without a brute |
| 71 |
force attack on AES-CBC). If the key isn't written to disk the kernel |
| 72 |
will boot and look around and not see any valid swap partitions on the |
| 73 |
disk at all. |
| 74 |
|
| 75 |
-----BEGIN PGP SIGNATURE----- |
| 76 |
Version: GnuPG v1.4.5 (GNU/Linux) |
| 77 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
| 78 |
|
| 79 |
iD8DBQFFO2EGG4/rWKZmVWkRAsRsAKCoF3LGq2Qw+jvQI6W+1i5A0i2hXwCgifEl |
| 80 |
oWpJqZG0t7txICyhZhQhu/Q= |
| 81 |
=AdpP |
| 82 |
-----END PGP SIGNATURE----- |
Archives