| 1 |
One aspect of computer data security that has become important to me |
| 2 |
is the obfuscation of data on the computer hard disk. This will slow |
| 3 |
down data retrieval by unauthorized people who manage to gain |
| 4 |
unrestricted physical access to the computer. |
| 5 |
|
| 6 |
Such a scenario is becoming more likely with the rise in popularity of |
| 7 |
laptop computers as primary workstation platforms. (I am writing this |
| 8 |
on a laptop that is the only machine I use.) If someone walks off with |
| 9 |
your laptop computer, then a robust access-control-list (ACL) policy |
| 10 |
is not going to do you any good; one may simply mount the hard disk |
| 11 |
via a less-secure system and have unrestricted access to the data. |
| 12 |
|
| 13 |
I decided to encrypt the entire disk on my computer: not just per-user |
| 14 |
partitions, but the entire root (and swap, too). The reason for this |
| 15 |
is that I could not think of a straightforward way to prevent |
| 16 |
important security tokens from landing in non-user areas, such as /etc |
| 17 |
or /var/lib. |
| 18 |
|
| 19 |
Critics of whole-disk encryption claim that it's a waste of time to |
| 20 |
encrypt common files, such as the ~2GB of files that comprise the |
| 21 |
libraries and binaries of a typical Linux installation. Or worse, that |
| 22 |
such an approach can lead to known-plaintext attacks. Well: I don't |
| 23 |
see a significant performance penalty, and cipher-block-chaining mode |
| 24 |
can make known-plaintext attacks more difficult. |
| 25 |
|
| 26 |
I have been using an encrypted root hard disk for a year. I back up my |
| 27 |
data to other encrypted volumes. No data loss so far. I use the |
| 28 |
kerneli CryptoAPI with 2.4.20. |
| 29 |
|
| 30 |
This thread on Gentoo Forums has seen recent activity, discussing the |
| 31 |
use of loop-AES for hard disk encryption with 2.4.x kernels: |
| 32 |
http://forums.gentoo.org/viewtopic.php?t=31363 |
| 33 |
|
| 34 |
My recent efforts have focused on deployment of encrypted hard disks |
| 35 |
in the 2.5.x kernels. The CryptoAPI is now part of the mainline Linux |
| 36 |
tree, but loop device encryption is not. |
| 37 |
|
| 38 |
An encrypted loopback block device driver has been implemented by |
| 39 |
CryptoAPI developers as a thin layer on top of the new Linux 2.5 block |
| 40 |
device system. I believe this approach may be best for the long term, |
| 41 |
but there is relatively little discussion of this on the |
| 42 |
cryptoapi-devel mailing list. And using this driver requires patches |
| 43 |
to util-linux that have not yet been incorporated into the standard |
| 44 |
util-linux distribution. |
| 45 |
|
| 46 |
In contrast, the loop-AES implementation has been ported to the 2.5.x |
| 47 |
kernels; this is a simple port of the 2.4.x block device to the 2.5 |
| 48 |
kernel. It may not be able to take advantage of the scatterlist |
| 49 |
blockdev optimizations that the cryptoAPI incorporates. But it has a |
| 50 |
responsive developer, and it seems to work better with recent versions |
| 51 |
of util-linux (2.11z). |
| 52 |
|
| 53 |
I have not yet been able to tweak my init RAMdisks that I used for |
| 54 |
2.4.x root encryption so that they will successfully boot a 2.5 |
| 55 |
system. But I think I am close to doing so: another week or two at the |
| 56 |
most. |
| 57 |
|
| 58 |
I believe that block-level encryption is a far better approach for |
| 59 |
on-the-disk data protection than a stacked filesystem such as |
| 60 |
FiST. Creation of a FiST encryption layer would be upside-down, I |
| 61 |
think: a standard filesystem such as e2fs that "hosts" encrypted |
| 62 |
data. With FiST, the atomic units exposed to the encryption layer are |
| 63 |
file-system units: file names, dirents, etc. With block-level |
| 64 |
encryption, you encrypt blocks: opaque chunks of bytes. (FiST might be |
| 65 |
very powerful for implementing policy-based access, though...) |
| 66 |
|
| 67 |
I am very pleased by the Gentoo-Hardened effort. I think that the |
| 68 |
current focus on learning about SELinux is vital: since security is a |
| 69 |
_process_ rather than a _technology_, we need to learn how to |
| 70 |
implement meaningful security policies on our Gentoo boxes. |
| 71 |
|
| 72 |
I think that this Disk Encryption is completely orthogonal to this |
| 73 |
effort: advances in this arena will not interfere with whatever |
| 74 |
security policies are developed by the SELinux initiative. Block-level |
| 75 |
encryption is (almost) completely transparent to a running system, so |
| 76 |
ACLs and SELinux PSMs can run on top of such with *no* modification. |
| 77 |
|
| 78 |
I think that other enabling technologies like token-based access |
| 79 |
control (smart cards, USB dongles) fall somewhere in the middle: the |
| 80 |
technology (device drivers) needs to be developed, but security |
| 81 |
policies should be likewise developed to take advantage of these. |
| 82 |
|
| 83 |
So: |
| 84 |
I am working on block-level encryption. I think it is particluarly |
| 85 |
important for laptop users. I would like to co-ordinate my efforts |
| 86 |
with the Gentoo-Hardened project. |
| 87 |
|
| 88 |
Cheers! |
| 89 |
|
| 90 |
-- boyd |
| 91 |
watersb on Gentoo Forums |
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
-- |
| 97 |
gentoo-hardened@g.o mailing list |
Archives