From owner-freebsd-security  Mon Jul 24 14: 0: 7 2000
Delivered-To: freebsd-security@freebsd.org
Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39])
	by hub.freebsd.org (Postfix) with SMTP id 960B437BCEA
	for <freebsd-security@FreeBSD.ORG>; Mon, 24 Jul 2000 14:00:00 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: (qmail 5748 invoked by uid 1000); 24 Jul 2000 20:59:59 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 24 Jul 2000 20:59:59 -0000
Date: Mon, 24 Jul 2000 15:59:59 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Adrian Chadd <adrian@FreeBSD.ORG>
Cc: Terje Elde <terje@elde.net>, Robert Watson <rwatson@FreeBSD.ORG>,
	Sheldon Hearn <sheldonh@uunet.co.za>,
	=?iso-8859-1?Q?Joachim_Str=F6mbergson?= <watchman@ludd.luth.se>,
	Greg Lewis <glewis@trc.adelaide.edu.au>, freebsd-security@FreeBSD.ORG
Subject: Re: Status of FreeBSD security work? Audit, regression and crypto
 swap?
In-Reply-To: <20000724210042.O62551@ywing.creative.net.au>
Message-ID: <Pine.BSF.4.21.0007241556510.5736-100000@achilles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Mon, 24 Jul 2000, Adrian Chadd wrote:

> Whats wrong with a bdev io layer like vinum/ccd which does crypto?
> Then you could swap and filesystem to your block devices to your hearts
> content with whatever filesystem you wanted?

Encrypting at that low of a level wouldn't be very useful in the long
run.  For an encrypted filesystem to be truly useful, each user's files
are encrypted with their own key.  A partition-wide encryption doesn't
protect anything if you get root hacked on your box.

And a crypto swap should use as many keys as possible (see the openbsd
implementation paper.)

Mike "Silby" Silbersack



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message