Rik van Riel wrote: > On Thu, 29 May 2008 14:05:48 +0200 > Matthias Schniedermeyer <ms@xxxxxxx> wrote: > >> But you forgot the whole point about the attack: >> The attacker don't "soft-boot" the computer, he presses the reset-key >> where the currently running OS (and therefore loop-AES) doesn't get the >> change to kill the key-material! > > I suspect that it would be possible to put the encryption keys in > physical memory which the BIOS overwrites on reboot. > > What we would need is some architecture dependent code in the kernel > to set aside such memory and only allocate it to drivers that need > to store a crypto key. > We have suggested this very thing as a very simplistic countermeasure. Sadly, it's not easy to implement in a way that is honored. Also, it doesn't help with key schedules (... which we automatically detect and use to reconstruct keys even with bit decay). All of this is useful but simple to work around for an attacker. We can easily remove the memory chips and read them with a device that doesn't have constraints of a typical BIOS. We discuss a lot of these issues and more in both our video and paper. Best, Jacob Appelbaum - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
