[vox-tech] Which cipher to use?

Bill Broadley vox-tech@lists.lugod.org
Mon, 3 Jun 2002 20:25:20 -0700


On Sun, Jun 02, 2002 at 09:47:36PM -0700, Ryan wrote:
> I've set myself up encrypted swap, and am wondering which cipher will be 
> fastest.

Hrm, I'd test them yourself, I've seen numerous benchmarks, particularly
in sci.crypt.  It depends quite a bit on your implementation and hardware.

I'd guess blowfish would be fastest since it was designed to be fast
with 32-bit CPUs, avoiding things like the DES proclivity for bit ops.

> My choices are AES, serpent, twofish, or blowfish. I tried out xor too, but 
> it looked like it was SEVERELY vulnerable to a plaintext attack (creating a new 
> swapfile to calculate the xor key).

Xor is 100% secure if your key is as long as your data, otherwise known
as the OTP = one-time pad.  If it's less, it is indeed rather easy to break.

> Why bother encrypting my swap? Lotsa passwords go in there in plaintext, 
> easily recoverable with a boot disk.

Hrm, I'd argue that this isn't true.  Many applications specifically pin
pages so they aren't swappable (i.e. ssh).  Not to mention a healthy Linux
box shouldn't be swapping bins out to disk while they are being
actively used.  Have you ever found a password there?  

A much faster method might be to zero out your swap on shutdown.

> And if anyone wants it, I wrote a simple shell script to configure an 
> encrypted loopback file with a random password, create a swap filesystem on 
> it, and mount it as swap.

Cool hack, might want to check out, hrm, tin foil linux.  It's a boot disk
for the very paranoid.  It allows typing in a secure passphrase even if
the keyboard is tapped.  It adjusts contrast to make sniffing the monitor
remotely maximally hard, it doesn't use any binaries from the local disk
(to protect against trojans), and may take other precautions as well,
i.e. random processes, random activity, random bus transfers etc.

I've pondered the truly paranoid approach of encrypting ALL files, using
a private key stored in an ibutton, if something ever happens and you want
to secure your files forever just destroy the ibutton.

I've yet to even get my ibutton working to store my ssh passphrase.

I saw tin foil or similar single floppy distribution 
mentioned at Codecon 2002.

-- 
Bill Broadley
Mathematics/Institute of Theoretical Dynamics
UC Davis
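
Added example, not part of the original message or of either poster's script: why xor with a short repeating key fails against known plaintext (the fresh-swapfile case raised in the thread), next to the one-time-pad case where the key is as long as the data. The key, the sample data and all function names are constructed for illustration.

```python
import os
from itertools import cycle


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter than the data."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def shortest_period(stream: bytes) -> int:
    """Smallest p with stream[i] == stream[i + p] for every i; len(stream) if none."""
    for p in range(1, len(stream)):
        if all(stream[i] == stream[i + p] for i in range(len(stream) - p)):
            return p
    return len(stream)


def recover_tail(ciphertext: bytes, known: bytes) -> bytes:
    """Use a known plaintext prefix to guess the key and decrypt what follows it."""
    keystream = xor_bytes(ciphertext[:len(known)], known)  # ct XOR pt = key bytes
    period = shortest_period(keystream)
    key = keystream[:period]
    phase = len(known) % period  # position in the key where the unknown part starts
    return xor_bytes(ciphertext[len(known):], key[phase:] + key[:phase])


def demo():
    # Constructed sample: zero bytes stand in for a freshly created swap file,
    # followed by data the owner wants kept secret.
    known = bytes(60)
    secret = b"password=hunter2"
    plaintext = known + secret

    # Short repeating key (constructed): the known region exposes it completely.
    short_key = bytes.fromhex("1f8a3c5e7709b2d4")
    short_broken = recover_tail(xor_bytes(plaintext, short_key), known) == secret

    # One-time pad: key as long as the data, so the known region only exposes
    # the pad bytes that covered it and nothing about the rest.
    pad = os.urandom(len(plaintext))
    otp_broken = recover_tail(xor_bytes(plaintext, pad), known) == secret

    return short_broken, otp_broken


if __name__ == "__main__":
    print(demo())
```

The one-time-pad result holds only while the pad is never reused; a pad applied to a second swap image repeats in the same way the short key does.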