On 6/25/07, Ian Murdock <[EMAIL PROTECTED]> wrote:
Another huge win for laptops would be disk encryption (for the lost
or stolen laptop scenario).

Agreed.

One question is the user interface.. Presumably
the system bits don't need to be encrypted, just the user bits,

I think there may be couple problems with that approach because the he
separation between system bits and user bits can be pretty difficult
to sort out.

- Is /etc system bits or user bits?  I'll go with the assumption that
it is user bits.  If the shadow file is compromised then a dictionary
attack could be used to get passwords that are likely used on other
seemingly non-compromised systems.

- Does anything important ever make it to /var/tmp?

- Where are VPN configuration files stored?  Last time I paid
attention (previous employer many years ago), there was a shared
secret that was used during the initial exchanges to secure the
channel before authentication took place.  My understanding was that
if this key was compromised it could allow MITM attacks.

My assumption is that the data is only encrypted on disk.  When it is
in the ARC it would be unencrypted.  As such, system data would need
to be decrypted during boot.  This would be a CPU hit, but I would
guess that boot time is dominated by disk speeds (use compression
too!) and using up extra CPU during boot would not be much of a
burden.  Commonly used files (e.g. libc, that man page you keep
reading) would be in the ARC uncompressed and unencrypted, giving
traditional access speeds and no computational overhead.

so perhaps the encryption key is just the user's
password, and the key is supplied to ZFS when the user logs in?

Interesting approach for an individual home directory.  It should be
relatively easy to add this into the PAM stack as similar tricks have
been done in the Linux world for creating/mounting home directories at
login.

Mike

--
Mike Gerdts
http://mgerdts.blogspot.com/
_______________________________________________
indiana-discuss mailing list
[email protected]
http://opensolaris.org/mailman/listinfo/indiana-discuss

Reply via email to