[Pkg-cryptsetup-devel] Bug#371135: About Bug#371135: suggestion

Jonas Meurer jonas at freesources.org
Tue Jun 20 16:49:34 UTC 2006


On 17/06/2006 Michael Gebetsroither wrote:
> > With changing keys there is absolutely no way to identify what is
> > valid swap space area. I see two possible approaches that _might_ be
> > _theoretically_ doable:
> 
> creativity ;)
> i think there are a few more choices.
> 
> >  1. If crypttab defines an encrypted swap, use vol_id check for both
> >     the created mapping AND the actual device.
> >
> >  2. Use Jari Ruusu's watermark attack and explicitly disallow ESSIV
> >     encryption mode for swap.
> 
> 3. deprecate the usage of plain cryptodevices for swap and use luks instead.
>    we have to explicitly format on every reboot, but we would be able to check.
>    This does not help against user failures, where another luks partition is
>    given as swap partition.

first, we should not require swap partitions to be LUKS encrypted. plain
dm-crypt also has advantages.
second, i don't think that we should automatically LUKS-format a partition
at any time.

> 4. map the swap with an offset and write a magic cookie in the first sector(s)
>    maybe also left sector(s) at the end of the device, because the first sector
>    gets easily destroyed by a live-cd or hibernation.

then the encrypted swap partitions may always be identified, and i don't
like that idea either.

> 5. if we force luks for swap we could use the UUID to check if it's really our
>    device. beside this we should add a command to cryptsetup to actually set
>    the UUID or to reinitialise the master key (i'm more comfortable with
>    reinitialise the master key, suggestions?)

that may be an interesting feature, but ...

> plain cryptsetup should imho be deprecated for swap.

i object here. again, forcing the admin to use LUKS for swap is not what
we want.

> > So the two practical approaches that I see, are: allow users to hang
> > themselves, or do not allow automatically used encrypted swap at all.
> 
> linux _HAS_ to do as the user said.

exactly, and i don't see why we should take the responsibility that
belongs to the admin. i like the idea of testing for common situations
where data IS INDEED DESTROYED, but not to build further barriers for
the admin.

> > Sure, you could add yet another test for partition size and require
> > that for encrypted swap the size of the swap is given. This doesn't
> > sound too practical, and still does not provide absolute protection
> > against human errors - I could have 4G swap and 4G encrypted /usr/local.
> > In which case the issues of case 1 are present again. You can't use
> > partition type either, as swap could be a file.
> 
> That would be another possibility. put the size (in blocks) in the configfile.

again another barrier that doesn't make the whole system more secure
against data loss.

by the way, great to see you on the debian cryptsetup list, Michael.

...
 jonas
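Approach 1 from the quoted message (probe the underlying device before treating it as random-key swap) sketched as a shell script. This is an added example, not code from the bug thread or the Debian cryptsetup package; it uses blkid in place of the older vol_id, and the crypttab content and /dev/sdX device names are constructed placeholders.

```sh
#!/bin/sh
# Added example: refuse to mkswap a crypttab swap target whose source
# device still carries a recognisable signature (LUKS header, filesystem).
# A plain dm-crypt swap with a fresh random key leaves no signature, so
# finding one means the wrong device is configured.

# Constructed sample crypttab (placeholder device names).
SAMPLE_CRYPTTAB='# target  source      keyfile       options
cswap1    /dev/sdX2   /dev/urandom  swap,cipher=aes-cbc-essiv:sha256
chome     /dev/sdX3   none          luks
cswap2    /dev/sdX4   /dev/urandom  cipher=aes-cbc-essiv:sha256,swap'

# Print "target source" for every crypttab entry carrying the swap option.
swap_entries() {
    printf '%s\n' "$1" | awk '
        /^[[:space:]]*(#|$)/ { next }
        { n = split($4, o, ",")
          for (i = 1; i <= n; i++) if (o[i] == "swap") { print $1, $2; break } }'
}

# Policy on a probed type: no signature or an old swap signature is fine,
# anything else is live data. Returns 0 = allow mkswap, 1 = refuse.
swap_allowed_for_type() {
    case "$1" in
        ""|swap) return 0 ;;
        *)       return 1 ;;
    esac
}

# Probe a block device (needs root); prints nothing for unknown content.
# The same probe can be run on /dev/mapper/<target> after cryptsetup create.
probe_type() {
    blkid -o value -s TYPE "$1" 2>/dev/null
}

# Check one swap source device and report the decision.
check_swap_source() {
    fstype=$(probe_type "$1")
    if swap_allowed_for_type "$fstype"; then
        echo "$1: ok (type: ${fstype:-none})"
    else
        echo "$1: REFUSING mkswap, device contains $fstype" >&2
        return 1
    fi
}

# Usage: iterate over the configured swap targets.
# swap_entries "$(cat /etc/crypttab)" | while read -r target src; do check_swap_source "$src"; done
```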
