Subject: Re: encrypted swap?
To: None <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 06/04/2001 18:21:26

Whatever happened to plain text?  I'd happily have given up the
graphics, or had them turned into external references, for the sake of
a plain text version.  (One that's readable online, greppable, can be
cut-and-pasted from, etc.)

But yes, I've read it.  A nice piece of work.  I think the only thing
I'd add to it is that I'd like to see encryption keys be per-process,
in a sense: I'd take the mechanism as described except that the
encryption key for a page is not just the key for its block of swap,
but that combined somehow (XOR?) with a nonce key attached to the
process that owns the page.  (I'm not sure what to do with pages that
belong to multiple processes; perhaps they could travel under the key
of the process that first created them.  Perhaps I really mean "VM
object" rather than "process".)  I'd get warm fuzzies from knowing that
as soon as my process terminates, its swapped-out precious data goes
unreadable immediately.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B