Re: the cold-boot attack - a paper tiger?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 29 May 2008 14:05:48 +0200
Matthias Schniedermeyer <ms@xxxxxxx> wrote:

> But you forgot the whole point about the attack:
> The attacker don't "soft-boot" the computer, he presses the reset-key 
> where the currently running OS (and therefore loop-AES) doesn't get the 
> change to kill the key-material!

I suspect that it would be possible to put the encryption keys in
physical memory which the BIOS overwrites on reboot.

What we would need is some architecture dependent code in the kernel
to set aside such memory and only allocate it to drivers that need
to store a crypto key.

-- 
All rights reversed.

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux