--- Peter_22@xxxxxx wrote:

> .. that protects me against a
> source-less phantom? No, I wonder if Jari would
> waste his time before some code is at hand to launch
> test runs and find key material, at least on a
> running machine.
>

Thanks Peter for summarizing the hardware-related issues - it's an area I know very little about (among many others).

I don't think anybody doubts from a software perspective that they can recover the keys from DRAM. As someone else said it is not such a difficult proposition, although photorec or other file recovery utilities are quite the wrong tools for this since these look for headers that they recognize, like jpeg. In which case this is not a phantom threat but a real one.

As for supporting old hardware with small CPU caches - I agree that is always a nice thing to do, but being realistic, defending against attacks is much more important. Also, serious users of loop-aes, who need it for decent-sized partitions, are unlikely to be running it on an ancient processor.

From what another poster was saying, there is no need to cache all of the keys in the CPU, only components of these, to make what is recovered from DRAM useless.

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/