[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Questions about loop-aes and the implementation of encryptedfilesystems

To: Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Questions about loop-aes and the implementation of encryptedfilesystems
From: Lars Bungum <lars@xxxxxxxxx>
Date: Fri, 27 Feb 2004 20:44:30 +0100
Cc: linux-crypto@xxxxxxxxxxxx
In-reply-to: <403E3CF6.BAD1168E@users.sourceforge.net>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <1077805858.5713.172.camel@truth.in.copyleft.no> <403E3CF6.BAD1168E@users.sourceforge.net>
Sender: linux-crypto-bounce@xxxxxxxxxxxx

On Thu, 2004-02-26 at 19:37, Jari Ruusu wrote:
> > Journalling file systems.  Will it be safe to run journalling file
> > systems, or does one risk loss of data if the power is switched off,
> > etc, on an encrypted file system?  Is there a recommended filesystem at
> > all, or is the question itself irrelevant for such encryption?  Can
> > write cache be used?
> Device backed (partition backed) loops are ok with journaling file systems
> at least when used with loop-AES. Mainline (current -bk version)
> loop+cryptoloop combo is no longer journaling file system safe.

I'm glad to hear it's safe as such file systems is a desire here.  But I
would like to know also why this is the case.  I suppose what I really
fail to understand is why this isn't safe in the cryptoloop system. 
Maybe there is somewhere I can read up on this?

> > Changing of passwords.  If one has a system of gpg keys and with
> At least current version of loop-AES' mount does not support that. You have
> to write your own scripts to do that. Depending how gpg encrypted key file
> was set up, changing password is either re-encrypting key-file contents with
> new password or changing gpg secret key password.

Yes, I was prepared to do some scripting here, but my problem is that I
don't really see how I should best do this.  If the requirement is that
passwords expire after one year, how do I know if the password is a year
old?  Since the hardware clock can't be trusted, I'm looking into
hardware solution with own authorization or trusted clocks.  A counter
on the USB dongle could also just be reset, booting the encrypted system
with the old password.  Is there a good way to do this with gpg?

> Here compatible means that unencrypted loop devices do not livelock during
> suspend to disk. If there are encrypted loops active when suspending to
> disk, encryption keys will get written to disk when kernel RAM is saved to
> suspend partition, therefore completely voiding security of those keys.

Thanks for the clarification!

-- 
Cheers,
Lars Bungum                         <lars@xxxxxxxxx> <OpenPGP:E2C5C0A2>

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Questions about loop-aes and the implementation of encryptedfilesystems
  - From: Jari Ruusu

References:
- Questions about loop-aes and the implementation of encrypted filesystems
  - From: Lars Bungum
- Re: Questions about loop-aes and the implementation of encryptedfilesystems
  - From: Jari Ruusu

Prev by Date: Re: Questions about loop-aes and the implementation of encryptedfilesystems
Next by Date: Mail delivery failure
Previous by thread: Re: Questions about loop-aes and the implementation of encryptedfilesystems
Next by thread: Re: Questions about loop-aes and the implementation of encryptedfilesystems
Index(es):
- Date
- Thread