* Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> Our paper is clear.

Link?

As already stated numerous times, if there's root access (e.g. full access to a machine's memory, including a virtual machine) it's a piece of cake to get one's hands on the key. Key scrubbing in loop-AES only slightly complicates the issue, but as it has been publicly proven to work to snatch ssh keypairs from memory, it's just emphasising an attack vector that exists by design. And all the other publicly known Linux crypto implementations suffer from it.

IIRC, key scrubbing has been implemented in loop-AES because some Gutmann paper mentioned possible key recovery from imprinted RAM patterns.

Please, before stating your claims be sure to clearly point out your attack vector.

-- 
left blank, right bald