>> Retrieving clear text keys from memory dumps isn't new, so my
>> interest is to know if a strategy is in place to make an end to
>> this. How about a patch for GPG not to store its keys in RAM Chips
>> any more?
>
> As far as I know this isn't even planned for the far future. It's an
> issue of system architecture. A hypervisor per app would solve the
> problem but the overhead would be insane.

Just brainstorming here, but I heard some ideas about locking the CPU
cache and storing the keys in cache so it never really touches the RAM.
I don't know if this is possible with the current operating systems,
and it would of course be unportable to the extreme. It might make it
slightly more difficult to extract the information, I suppose. The
physical deep-freeze method would still work.

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/