Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
BSD Operating Systems

OpenBSD can encrypt swapspace 41

Posted by Nik from the nothing-to-hide dept.
Continuing it's reputation for security, the OpenBSD kernel can now encrypt the contents of swap space, so that sensitive data can no longer be swapped to disk 'in clear', where it could survive reboots. The Blowfish cypher is used, as it is strong, fast, with a big key space. Obviously, there's a small speed penalty for this option. Note: The BSD section has been a little empty recently, due to illness. Thanks to all who enquired after me, I appreciate it :-)
This discussion has been archived. No new comments can be posted.

OpenBSD can encrypt swapspace More

OpenBSD can encrypt swapspace

Comments Filter:
  • In this paper [wpi.edu] you can read about implementation in FPGA.

  • Duh ! I suppose OpenBSD disabled the equivalent for /dev/mem & /proc/kcore for security reasons as well then ? Otherwise your argument doesn't really make sense, does it ?
  • Then anyone who can get root access, even if only temporarily, can gain access to the swap file. And if you think gaining root access is impossible, it's time to wake up.

    True. But if root gets broken you're in trouble anyway.

    Or maybe more than one person uses this computer. What is your lab mate with a boot floppy doing while you're at lunch?

    Yep, realized that in the middle of class last night...

  • "But if root gets broken you're in trouble anyway."

    But root can get broken temporarily WITHOUT knowing the root password. Retrieving this off of the swap partition gives the cracker access anytime.
  • Go found out a little bit more about security before you cast dispersions upon OpenBSD for being too paranoid in encrypting swap. I'll give you a hint: partitions are persistant.
  • The best place to send it would be bkimmel1@mac.com
  • It looks like on DDN's forums, someone linked to both of them.. I think. I'm still downloading, to see. Oddly, my ethernet speeds seem to be tapping out at 6kb/s.. (a server I'm d/ling from now, at 6kbps, was in the 40s yesterday)

    http://daily.daemonnews.org/view_story.php3?stor y_id=515
  • actually, commies don't really value freedom. They value communial ownership of the means of production (at least in the marx-derived version).

  • Now we just need someone Outside the US to design and make a PCI encryptor/decryptor board that supports blowfish. If I had the ability to program programible logic devices I'd think about doing this just for myself, but then I'm also in the US so if I did it, I couldn't easily post the design or export it. With current programible logic encryption rates over 1M bytes a second should be possible.

    Features that would be good. Write only key space. Space for a number of key sets. The OS can moderate who can use which key sets. It would use PCI bursting to transfer data to and from it. It would also need to handle common block chaining modes.

    I figure it could be done on one large FPGA or similar. It may require a bank of fast SRAM for buffer space, but I think it could be done without. The actual card size could be miniscule. No larger than the length of the PCI connector and about 40mm high. One could even support a number of different encryption/decryption methods. I'd like to see DES, Triple-DES, Blowfish, Two Fish, RSA and maybe a few others.

  • Perhaps someone could hack the new programmable DSP chips/boards that Texas Instruments is planning on making.

  • It is quite obvious that you have little experience designing or implementing programable logic devices. 1Mb/sec is a *very* low target speed to shoot for if you're going to go to the bother of making a hardware encryption acceleration device. Blowfish is not especially well suited for hardware implementation; you need a 4K ROM to store the digits of pi and (this is the big one) 4K of RAM to store the key-dependent S-box. There are other ciphers that would be better uses of key space. Nonetheless, any decent implementation of a modern block cipher should be able to acheive at least 10 Mb/sec without pipelining or unreasonable use of chip space. With pipelining and appropiate interleaved encryption modes, (16x duplication of logic) I would think that 100 Mb/sec would not be an unreasonable goal, if not even significantly faster.

    Implementing RSA in hardware requires more finesse in that timing the carry-save delays and allocating space for multipliers becomes slightly trickier. The key operation is multi-precision modular exponentiation which can be done with general purpose hardware quite well. It doesn't make much sense to put in into a board devoted to symmetric algorithms.
  • You could use an Altera [altera.com] with onchip memory and a PCI controller as a single chip solution, or go with a
    PLX IOP480 [plxtech.com] which has an embedded PowerPC processor and an external memory bus. You could easily change your crypto program using one of these.
    I'm using a PLX9054 on a board with a PPC G3, they have really nice software support and DMA capability. I'll bet the G4 could really crunch some data with it's vector unit. 3x faster in Distributed Net numbers over G3 from what I've read.
  • Do you have a url to the techno version?
  • Speaking of Blowfish and block ciphers, Bruce Schneier has some very interesting comments on the convergence of stream and block ciphers in his newest monthly Crypto-Gram [counterpane.com].

    -------

  • Exactly! That is why some people want an encrypted swap file.

  • After a system crash, confidential information (pgp passwords) can be found in the swap file. System crashes are easily made: you pull the plug.

  • I don't know about anybody else but I wish OpenBSD
    would do a performance audit to go along with their much touted security audit. I just switched
    to NetBSD x86 and noticed a substantial speed improvement. I also like the lack of hype and commitment to clean code. The userland tool chain
    is very polished. Now I just have to figure out
    how to burn CD-Rs from my atapi CD-RW. Last I heard cdrecord didn't like anything but scsi.
    -Toaster

  • I hate to spell it out, but the idea is this: Alice is useing a computer. The computer could be a laptop, a workstation, or a server. Eve wants to know what Alice is doing. Eve causes a system crash by pulling the plug or battery on the computer. Eve gains console access to the computer through theft or ligitemate access. Eve scans the contents of the swap file to see what Alice was doing.

    By using an encrypted swap file Alice makes it harder (maybe impossible) for Eve to perform this kind of attack. This type of attack is particularly effective against laptops as they are easy to steal. If I had a laptop that contained sensitive information I would want to use bath an encrypted filesystem and an encrypted swap file. Yes I would take a performance hit. However if the laptop is stolen I am out a few thousand dollars but my sensitive information is safe.

  • OpenBSD is not Linux. It's not made for desktop users and fairweather developers. It is made with security in mind. And now, it is that much more secure. Many people who use OBSD, and use it for it's secure nature, will benifit from this advance.
  • I don't want to see anyone who has only read the short, polemical work of a generally complex philosopher tell me what he said. Saying that Marx's work is a vision of how to accomplish anarchy demeans the insightful analyses of history and economics, in addition to being merely incorrect. His work is descriptive, perhaps predictive, but it is not prescriptive. The sweeping spectre of communism is not something he's encouraging so much as assuming will happen, in the context of his dialectical materialism. Your view of his work makes him little more than the intellectual heir of radical crackpots, rather than the logical development and maturation of the work of Hegel. Please learn more about Marx before telling me to learn more about Marx. Thanks.
  • But that's a moot point if the swap device/swap file are accessibly only by root.
  • Then anyone who can get root access, even if only temporarily, can gain access to the swap file. And if you think gaining root access is impossible, it's time to wake up.

    Or maybe more than one person uses this computer. What is your lab mate with a boot floppy doing while you're at lunch?
  • I get it. You really don't know what you're talking about and I've caught you. I thought as much. Thanks for playing.
  • nope... just the file. Give me an email address or the like. Its very.. uhh.. cultish.

    whoohoo.. /. logged me in! And I was getting annoyed that it was to dumb to read its cookie...

Slashdot Top Deals

UNIX is hot. It's more than hot. It's steaming. It's quicksilver lightning with a laserbeam kicker. -- Michael Jay Tucker

Close