Subject: Re: encrypted swap?
To: Jason R Thorpe <>
From: Todd Vierling <>
List: tech-security
Date: 06/04/2001 19:12:02
On Mon, 4 Jun 2001, Jason R Thorpe wrote:

:  > This sounds great for applications such as raw Oracle databases,
:  > Coda RVM, etc.  But for those applications, the data must be persistent,
:  > and you don't really want that for swap.
: Well, for swap, you'd obviously want to use a random key, at very least.

Which isn't really relevant to whether the implementation is at the block
device level or swap level, of course.  Both could do this.

: A fresh implementation of a cipher block device should take all of an
: evening or two to write.  Maybe I'll write one this week.

You certainly have my personal enthusiasm.  Please feel free!  :)

-- Todd Vierling <>  *  Wasabi NetBSD:  Run with it.
-- NetBSD 1.5 now available on CD-ROM  --