[Cryptography] It's all K&R's fault

Bill Frantz frantz at pwpconsult.com
Tue Apr 22 16:23:46 EDT 2014


I really don't understand any of the Unix systems (including 
Linux). Can someone translate these items?

On 4/22/14 at 11:17 AM, gnu at toad.com (John Gilmore) wrote:

>>And encrypted swap is really the sweet spot for encryption 
>>because all the key management problems just go away...
>
>You would think so, and so would I, but as usual in security software,
>we would be wrong.  There are key management problems in making the
>swap partition usable by the BIOS, by subsequently booted copies of
>this OS or different OSes, etc:
>
>"Encrypted swap no longer mounted at bootup"
>https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875

      I found that my swap device should be /dev/sda3 instead of /dev/sdb3.
      So, just changing /etc/crypttab contents to

      cryptswap1 /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256

      solved my problem.

I thought when Linux at least partitioned the disk, it wrote 
swap as a particular partition type in the partition table. It 
should have no problem finding that partition even if the 
contents are unreadable garbage. It has no business trying to 
read old swap -- that's what swap encryption is trying to prevent.


>"Reinstalling over a previous installation with encrypted swap 
>displays a "Continue without swap" warning dialog"
>https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1066342

This one appears when the user tried to reinstall after having 
an encrypted home directory. Why does that affect swap encryption?


>"encrypted swap reused from previous install when wiping and reinstalling"
>https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1097890

This bug writeup is Greek to me. :-)


>"Do not offer hibernate with encrypted swap"
>https://bugs.launchpad.net/ubuntu/+source/devicekit-power/+bug/423608

Not knowing the technical meaning of "suspend" and "hibernate", 
I can make two guesses:

   (1) Place the CPU in a very low power state and keep main
   memory alive either by slow refresh -- DRAM or just stopping
   the clock -- SRAM.

   (2) Write the contents of main memory to disk and prepare
   things so a restart will read it back and run the system again.

In case (1), there should be no problem. Case (2) produces 
interesting design decisions.

Do we write the swap encryption key on the disk? Do we encrypt 
it with a passphrase? Do we wipe the disk copy on restart which 
may be difficult with some devices?

It appears that the developers were thinking along these lines:

     The trick is to wrap swap, and all other partitions into a VG
     which is put on an encrypted PV wholesale. So during boot,
     the initramfs asks for a password for decrypting this PV,
     which also works for resuming from hibernation.

but I have no idea what they are saying.


>"gnome-power-manager hibernates even when using encrypted swap"
>https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/722145

     On my system, gnome-power-manager hibernates when idle by
     default when on battery. Since my system uses encrypted swap,
     this causes the machine to switch off without saving state.
     Ideally, gnome-power-manager would know that swap was
     encrypted and suspend to RAM instead of trying to hibernate.

Again my comments about key management above apply.


>Sigh...

Indeed John, you are correct. When you try to snapshot the 
system to disk, you bring back key management problems. The 
problems with re-install in the beginning of the list seem to be 
a normal case of the complexity of Unix shooting itself in the foot.

I will note that if KeyKOS tried to encrypt its disk, it would 
definitely have key management problems. KeyKOS does not have 
swap in the sense of a virtual memory spill area. The whole disk 
is virtual memory spill area, and kept for the life of the 
system so it is also permanent memory.

Cheers - Bill

---------------------------------------------------------------------------
Bill Frantz        |"After all, if the conventional wisdom was 
working, the
408-356-8506       | rate of systems being compromised would be 
going down,
www.pwpconsult.com | wouldn't it?" -- Marcus Ranum



More information about the cryptography mailing list