On 07.01.2009 23:46, Nicholas wrote: > Would that really work though? If it's possible to identify the seperate > keys in memory, what's stopping someone from writing a script to isolate > all of they keys and then try them all. Yes it would slow an attacker > down, but it would be a slow-down of perhaps a few seconds or minutes -- > that is, not so long as to make it impractical to run such an attack. I don't think that would work. You'd have to fake patterns in memory so that the pages with the fake key look exactly like real pages with key material. BUT such pages wouldn't be properly recorded in the VM-system for kernel-pages (i assume you can distinguish the memory use by the kernel itself), so if you know how to analyse the VM-data you know which pages can't contain key-material. The hundreds of loops approch doesn't have this same problem. The only question for loop-aes is, when used in V3-Mode with 65 keys, does it allow to "shuffle" the keys fully or at least partially. I mean IF you can't pair with 65 keys belong to each other, you don't need that many keys to make an attack this way as impratical as an attack against the keys itself. But i don't think this is the case, with no memory decay at all, you should be able to find data wich loop devcies existed and which keys belong to them, just like loop-aes has to know that information itself. So with an attack-tool specifically designed for loop-aes, the gain (even with hundreds of loops) shouldn't be more than single digit seconds. > > As for setting up multiple loops to create decoy keys in memory: perhaps a > > simple program that writes hundreds or thousands of "camouflage" keys to > > memory for use before using loopaes could be handy for the paranoid ... > > > > It would not be hard to knock up, maybe Perl or Python. > > > > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ -- Bis denn -- Real Programmers consider "what you see is what you get" to be just as bad a concept in Text Editors as it is in women. No, the Real Programmer wants a "you asked for it, you got it" text editor -- complicated, cryptic, powerful, unforgiving, dangerous. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
