On Fri, Jan 06, 2023 at 01:10:44PM -0800, Linus Torvalds wrote: Good morning, I hope the week is going well for everyone. > On Fri, Jan 6, 2023 at 12:54 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote: > > > > I'm going to suggest a very very different approach: fix secret > > storage in memory for real. That is, don't lock "super secret > > sensitive stuff" into memory, and don't wipe it either. *Encrypt* it. > > I don't think you're wrong, but people will complain about key > management, and worry about that part instead. > > Honestly, this is what SGX and CPU enclaves is _supposed_ to all do > for you, but then nobody uses it for various reasons. The principal problem is that enclave technology was not made either ubiquitous or accessible, long story there, suitable for multiple snifters of single malt. Unfortunately, the same goes for just about every other hardware security technology. Every conversation comes down to; "what is the business case for the technology", which translated means, how much money are we going to make off it. Encrypting memory based secrets, as an alternative to wiping them, is attractive, but hardware support is needed to do key management securely and correctly. Even than, by definition, there will be a window when the material needs to be in memory as plaintext. A discussion can be had in this arena about perfection being the enemy of good. If you are truely interested in perfection in this endeavor, you need to have a trusted platform definition and implementation. Which, if history is any indication, needs to be an open architecture with respect to both software and hardware. > Linus Best wishes to everyone for a productive remainder of the week. As always, Dr. Greg The Quixote Project - Flailing at the Travails of Cybersecurity
