From owner-freebsd-current Tue Aug 22 9: 8:26 2000
Delivered-To: freebsd-current@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id 5296F37B422
	for ; Tue, 22 Aug 2000 09:08:22 -0700 (PDT)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA05683;
	Tue, 22 Aug 2000 12:08:04 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Tue, 22 Aug 2000 12:08:04 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: Walter Belgers
Cc: freebsd-current@freebsd.org
Subject: Re: Q: encrypted swap
In-Reply-To: <20000822103856.A18347@teletubbie.het.net.je>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 22 Aug 2000, Walter Belgers wrote:

> Last week I was at USENIX where Niels Provos talked about his
> implementation of encrypted swap in OpenBSD. What it does is encrypting
> all memory that gets swapped out, keeping the encryption keys in memory.
> A test showed that all kinds of interesting things wind up in the swap
> partition; Niels himself found several passwords and his PGP passphrase
> on his own laptop..
>
> So, I think having the option to use encrypted swap on FreeBSD would be
> nice. Is anybody already working on this? If not, how do I get somebody
> to work on it? ;-)

Walter,

There has been discussion and substantial interest in an encrypted swap
interface on the freebsd-security mailing list in the last month or so. It
was concluded that it was best to wait until Poul-Henning Kamp finished
improved infrastructure, allowing the stacking of devices and layers above
devices. This would allow an abstracted "encrypted device" interface,
supporting everything from encrypted swap (using a randomized key) to
generic protected file systems (one key per partition protecting the file
system).
This would give substantial protection for those of us with mobile
computing devices (generally notebooks) that have a tendency to walk off
in airports, for example :-).

As an interim solution, I believe we support swap over NFS, so could swap
to a local CFS partition. We could also look at solutions that cause swap
partitions to be blanked at shutdown, although that's an inferior solution
to true encrypted swap, as one tends to trust strong crypto a little more
than the ability to delete the contents of magnetic disk platters :-).

So the short of it: infrastructure work is under way that should make
encrypted swap an easy addition in the near future.

Robert N M Watson

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services