On 2003-07-14, Michael Shields uttered to Bill Frantz:
Encrypted swap is a crypto sweet spot, because it has perhaps the easiest key management of any crypto system. It seems that the BSD systems have it while Linux still thinks it is difficult.
It is not yet in the mainline Linux kernel, but implementations are available (e.g. the widely used "cryptoloop").
At this stage I think a small question is in order. Is there any Big Red Button software out there to complement this level of paranoia? What I mean is, after you've got everything in your system under industrial strength crypto, you have exactly one weak spot, that being a whole lot of people charging through your door when your system is already running hot and accessible. At that point the only thing that can save you is a one-touch mechanism to effect a swift (i.e. at most two or three seconds), dirty, no-matter-what shutdown, with guaranteed loss of key material. Is there open source software out there to effect that sort of thing?

--
Sampo Syreeni, aka decoy - mailto:decoy@iki.fi, tel:+358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2