A reasonable compromise would be if the save process used a randomly generated key, and that key was available during the resume. Presumably the TPM or a similar mechanism could be used.
Reading secrets from the disk will generally leave behind no evidence. All the bad guy needs is a screwdriver. Reading them from memory is very likely to leave evidence in the form of scrambled/lost memory. In any event I'd claim the cost to the bad guys is $10 to grab data from disk (leaving no evidence it has been done) versus $1000 to grab from ram but being evident. Not the same order of magnitude as usual crypto gives ("$millions") but a noticeable difference.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: Threat to dm-crypt
Date: 2013-07-03 08:14 pm (UTC)Reading secrets from the disk will generally leave behind no evidence. All the bad guy needs is a screwdriver. Reading them from memory is very likely to leave evidence in the form of scrambled/lost memory. In any event I'd claim the cost to the bad guys is $10 to grab data from disk (leaving no evidence it has been done) versus $1000 to grab from ram but being evident. Not the same order of magnitude as usual crypto gives ("$millions") but a noticeable difference.