On 12/7/18 3:53 PM, Andy Lutomirski wrote:
> The third problem is the real show-stopper, though: this scheme
> requires that the ciphertext go into predetermined physical
> addresses, which would be a giant mess.

There's a more fundamental problem than that. The tweak fed into the
actual AES-XTS operation is determined by the firmware, programmed into
the memory controller, and is not visible to software. So, not only
would you need to put stuff at a fixed physical address, the tweaks can
change from boot-to-boot, so whatever you did would only be good for one
boot.