On Thu, 29 May 2008 14:05:48 +0200
Matthias Schniedermeyer <ms@xxxxxxx> wrote:

> But you forgot the whole point about the attack:
> The attacker doesn't "soft-boot" the computer, he presses the reset-key
> where the currently running OS (and therefore loop-AES) doesn't get the
> chance to kill the key-material!

I suspect that it would be possible to put the encryption keys
in physical memory which the BIOS overwrites on reboot.

What we would need is some architecture dependent code in the
kernel to set aside such memory and only allocate it to drivers
that need to store a crypto key.

-- 
All rights reversed.

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/