Re: Non-US

To: Niels Möller <nisse@lysator.liu.se>
Cc: Robert Bihlmeyer <robbe@orcus.priv.at>, debian-hurd@lists.debian.org
Subject: Re: Non-US
From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Date: Fri, 20 Apr 2001 00:01:58 +0200
Message-id: <20010420000158.F343@ulysses.dhis.net>
In-reply-to: <nnitk0fu66.fsf@sture.lysator.liu.se>; from nisse@lysator.liu.se on Thu, Apr 19, 2001 at 11:37:05PM +0200
References: <20010406231405.A31316@nisa.net> <87n19cehd8.fsf@hoss.orcus.priv.at> <nnitk0fu66.fsf@sture.lysator.liu.se>

On Thu, Apr 19, 2001 at 11:37:05PM +0200, Niels Möller wrote:
> A better approach is to simply encrypt pages that are swapped out
> (either all swap, or configurable per user or per process).
> 
> I think Markus Friedl implemented that for OpenBSD, and wrote a paper
> about it. I have no idea how hard it would be on the HURD. I guess the
> code would live somewhere in the (default) pager.

Yes, I exchanged some ideas on this with Werner, and it seems that we could
make the Hurd very secure by implementing page encryption in the default
pager. I think it can also be used to encrypt stores automatically.

The main problem to think about is how to get at the secret key (user
input!), also after hibernation of laptops, etc.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de

Reply to:

Follow-Ups:
- Re: Non-US
  - From: nisse@lysator.liu.se (Niels Möller)

References:
- Non-US
  - From: Jeff Bailey <jbailey@nisa.net>
- Re: Non-US
  - From: Robert Bihlmeyer <robbe@orcus.priv.at>
- Re: Non-US
  - From: nisse@lysator.liu.se (Niels Möller)

Prev by Date: Re: Non-US
Next by Date: Re: Non-US
Previous by thread: Re: Non-US
Next by thread: Re: Non-US
Index(es):
- Date
- Thread