Arch Linux

apollo22

Member

Registered: 2018-04-13

Posts: 34

Swap encryption re-initialisation vs swap shredding

Q1: I have a swap partition that I want to encrypt but I would still like to resume from hibernation. I read there that for increased security, one should reinitialise the encryption frequently (for exemple at each reboot) to make sure no data remains too long. However, I can't find mentions of wipping (replace data) the swap instead of reinitialise the encryption anywhere. Can you find anything about this / what do you think about this ?

Q2: I think it would also be safer to frequently wipe the unused swap space but can it be done with mounted swap ?

dslink

Member

From: USA

Registered: 2012-02-23

Posts: 48

Re: Swap encryption re-initialisation vs swap shredding

You can use a swap file inside the encrypted fs

/dev/zero

Member

From: Melbourne, Australia

Registered: 2011-10-20

Posts: 1,247

Re: Swap encryption re-initialisation vs swap shredding

You could wipe the data, but it would take time. There is always a tradeoff with security.

When you lose the key to encrypted data, the data that was there should effectively become no different to random noise. This is good enough for most people.

Repeat after me the following mantra:

Whenever making decisions about what security to implement, always define the threats you need to protect against first.

If you are up against an adversary with the ability to brute-force an encrypted swap partition after the key is lost, that is kind of an important consideration you should mention. Depending on the crypto used, I am skeptical that even NSA could do this. Furthermore, if your adversary is the NSA then you have bigger problems than whether to wipe the swap.

If you are not up against such an adversary then don't make life needlessly hard for yourself. Just do what everyone else does.

ngoonee

Forum Fellow

From: Between Thailand and Singapore

Registered: 2009-03-17

Posts: 7,355

Re: Swap encryption re-initialisation vs swap shredding

If you are not up against such an adversary then don't make life needlessly hard for yourself. Just do what everyone else does.

Doesn't everyone believe they're protecting against the NSA though?

---

Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.

mxfm

Member

Registered: 2015-10-23

Posts: 163

Re: Swap encryption re-initialisation vs swap shredding

Q1: I have a swap partition that I want to encrypt but I would still like to resume from hibernation. I read there that for increased security, one should reinitialise the encryption frequently (for exemple at each reboot) to make sure no data remains too long. However, I can't find mentions of wipping (replace data) the swap instead of reinitialise the encryption anywhere. Can you find anything about this / what do you think about this ?

Q2: I think it would also be safer to frequently wipe the unused swap space but can it be done with mounted swap ?

1. The claim in wiki article that you can increase security by wiping-out swap at each reboot is technically correct, but it is overkill. Yes, it is true that you cannot use hibernation with wiping at each reboot swap. An example where it is overkill: swap is LVM partion (like / and /home), so there is no point is encrypting it twice.

2. In case of wiping out swap (instead of re-encrypting) you also lose hibernation and gain no additional security. I don't see how this idea archives stated purpose.

3. I don't know whether you can clean mounted swap (at worse, you can zero unmounted swap), but as in p.1 - it is better to use encrypted lvm. Whether there is sensitive data at unused swap space depends on RAM and computer usage. For example, I have 8GB RAM and (used to) 4 GB swap which was never used. Through time I deleted swap.

4. One possible way you can archive the (silly) goal with having both hibernation and swap re-encryption is having two swap partitions - one for hibernation, which is not re-encrypted and the second for online system. This would require some vodoo in fstab and systemd.

/dev/zero

Member

From: Melbourne, Australia

Registered: 2011-10-20

Posts: 1,247

Re: Swap encryption re-initialisation vs swap shredding

Doesn't everyone believe they're protecting against the NSA though?

Haha, sure

I could have been clearer, what I meant was that the NSA has other techniques up its sleeves. So long as they can engineer repeated covert access to the hardware, then there is no need to waste their cpu cycles on brute-forcing crypto which probably can't even be broken.

So, if OP is up against NSA, they have more on their plate. So, okay, perhaps they do need to wipe their swap after all, although I doubt it. But even if it would help, that is not going to be sufficient unless they have complete provenance over every hardware component for its entire lifetime.

Last edited by /dev/zero (2019-01-04 06:21:25)

mxfm

Member

Registered: 2015-10-23

Posts: 163

Re: Swap encryption re-initialisation vs swap shredding

Doesn't everyone believe they're protecting against the NSA though?

Haha, sure

I could have been clearer, what I meant was that the NSA has other techniques up its sleeves. So long as they can engineer repeated covert access to the hardware, then there is no need to waste their cpu cycles on brute-forcing crypto which probably can't even be broken.

So, if OP is up against NSA, they have more on their plate. So, okay, perhaps they do need to wipe their swap after all, although I doubt it. But even if it would help, that is not going to be sufficient unless they have complete provenance over every hardware component for its entire lifetime.

I call this 'security demagogy'. This trivial idea boils down that encryption is often a bad idea because security agencies have other ways to get to your data. This is logical fallacy because it assumes that every man with encrypted data fights security agencies. Discussion of security threats has merits, but it is a red flag when every discussion/comment boils down to "don't encrypt, NSA will always have you".

EDIT: Ok, I wrongly interpreted this as an argument against encryption per se.

Last edited by mxfm (2019-01-04 08:30:09)

/dev/zero

Member

From: Melbourne, Australia

Registered: 2011-10-20

Posts: 1,247

Re: Swap encryption re-initialisation vs swap shredding

I call this 'security demagogy'. This trivial idea boils down that encryption is often a bad idea because security agencies have other ways to get to your data. This is logical fallacy because it assumes that every man with encrypted data fights security agencies. Discussion of security threats has merits, but it is a red flag when every discussion/comment boils down to "don't encrypt, NSA will always have you".

I'm not sure whether you are arguing against me or not. I get the feeling you misinterpreted me, but maybe I'm misinterpreting you

I didn't say encryption is bad.

I said define what threats you need to protect against before deciding what security is appropriate.

When I said "do what everyone else does", I meant use encrypted swap without worrying about wiping it. I didn't mean not to encrypt swap at all.

There are legitimate uses for encryption which don't involve "fighting the man". Encryption is good to protect against casual theft, and if a hard drive crashes you can dispose of it it without worrying about how to wipe it.

If you are "fighting the man", you better make sure you have a good support chain including access to hardware designed, manufactured and distributed by people you trust. If you are fighting the man and don't have complete provenance over the hardware for its entire lifetime then you're in over your head.

Last edited by /dev/zero (2019-01-04 07:11:37)