It's a Presidential Mandate, Feds use it. How come you are not using FDE?

Bill Stewart bill.stewart at pobox.com
Fri Jan 19 04:06:14 EST 2007


As far as "Full Disk Encryption"'s usefulness as a term goes,
I'd distinguish between several different kinds of applications
for encrypting the contents of a disk
1 - The disk drive or maybe disk controller card (RAID, SCSI, etc.)
	encrypts all the bits written to the drive
	and decrypts all the bits read from the drive,
	usually with some keying input from the OS.
2 - The operating system's driver software
	encrypts/decrypts all bits written to/from the drive
3 - The operating system's file system driver software
	encrypts/decrypts all bits written to/from a file system
	(which might or might not occupy a drive partition.)
4 - Utility software encrypts/decrypts bits written to/from directories.
5 - Application software encrypts/decrypts contents of files.

Obviously if you're trying to protect against KGB-skilled attacks
on stolen/confiscated hardware, you'd like to have the swap partition
encrypted as well as any user data partitions, though you may not care
whether your read-only utility software was protected
(e.g. your Knoppix disk or vanilla shared /usr/ or whatever.)
Whether you implement that in the disk controller or OS is really
a matter of convenience and user support economics -
if you're a small conspiracy you may want to roll your own,
but if you're a corporate IT shop, you've probably got economic issues
that affect whether you customize the OS (more) or the disks or both
and it's the operational processes that will trip you up.

On the other hand, if you're trying to protect against
lower-skilled attackers, e.g. laptop thieves who are reselling
disks to the Nigerians and other hardware on eBay,
you want to protect your file systems,
but probably don't need to protect your swap.
It's certainly nice to do that, of course, and might be a Good Thing
for Linux and ***BSD to include in their standard swap drivers,
but hopefully your file system drivers would keep their keys
in non-swappable memory, and most other things get overwritten
often enough that attackers not using electron microscopes
probably won't bother with them much.  In most OS's,
swap isn't persistent across system reboots,
so you can actually generate a new key on the fly every time
and not bother the user about entering it, unlike regular filesystems
or full-disk-encryption systems.

Of course, if the KGB *is* after you, they may black-bag your PC
before they confiscate it - if there's a key-logger chip
added to your keyboard or a camera mounted in your ceiling light,
it may not matter how cool your FDE is.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list