Editing
SecureSuspendToRam
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Introduction == Currently in Gnu/Linux it is not possible to securely suspend a computer (such as a laptop) to RAM. When we say that suspend is not secure, we mean that it is possibly to read out meaningful data in various ways. This readout of memory may happen after the suspend state has been initiated or upon un-suspending. The canonical example of this type of attack is the [http://en.wikipedia.org/wiki/Cold_boot_attack Cold Boot Attack]. It is currently possible to suspend to disk in a secure manner. Generally this is accomplished by writing out the hibernate image into an encrypted partition or by prompting for a passphrase. Without the ability to unlock the disk or unencrypt the file, it is not possible to resume the machine. We believe that it is possible to bring about similar protection with increased functionality with an encrypted suspend to RAM implementation. Generally, we'd like to have the entire kernel (and thus not need to know which parts have say, key bits) possibly excepting the ACPI code, encrypted by the suspend process. Additionally, we'd like it to have similar security properties as the suspend to disk methods currently in use (generally with LUKS).
Summary:
Please note that all contributions to Noisebridge are considered to be released under the Creative Commons Attribution-NonCommercial-ShareAlike (see
Noisebridge:Copyrights
for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource.
Do not submit copyrighted work without permission!
To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Log in
Request account
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Dig in!
Noisebridge
- Status: MOVED
- Donate
- ABOUT
- Accessibility
- Vision
- Blog
Manual
MANUAL
Visitors
Participation
Community Standards
Channels
Operations
Events
EVENTS
Guilds
GUILDS
- Meta
- Electronics
- Fabrication
- Games
- Music
- Library
- Neuro
- Philosophy
- Funding
- Art
- Crypto
- Documentation/Wiki
Wiki
Recent Changes
Random Page
Help
Categories
(Edit)
Tools
What links here
Related changes
Special pages
Page information