[tor-talk] [tor-dev] resistance to rubberhose and UDP questions
tor at lists.grepular.com
Sat Oct 6 21:44:36 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 06/10/12 22:28, Maxim Kammerer wrote:
>> The basic idea being that your keys are shifted from RAM into
>> the debug registers of the CPU on boot, then all future crypto is
>> done directly on the CPU (AES-NI) without the keys re-entering
>> RAM.
>
> Did you check that the volume key (shown with cryptsetup luksDump
> --dump-master-key) is not stored in RAM by cryptsetup or by the
> kernel anyway? I just tested with aes-xts-plain64, and the key
> appears in QEMU's memory dump in 3 locations after the encrypted
> volume is mounted.
From: http://www1.informatik.uni-erlangen.de/tresorfiles/tresor.pdf
"TRESOR is only compatible with real hardware. Running TRESOR as guest inside a virtual machine is generally insecure as the guest's registers are stored in the host's main memory."
This is a serious project. They have considered many different styles
of attack, and have included attack code. The PDF is comprehensive.
- --
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----
iQGGBAEBCgBwBQJQcKZEMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBM1fB/wMgj0FrrDw
ZbeF+dsxdRqd2plHavwTRs7xbe+RZJbAWiH1aYDEhzGv4PPFMmrsyWogOz1SZ4/W
qLnLiqfsCd9f3orS6gvMpD1cyqeJ7poFTW2QLMEWGKS1SYMMIvFOfrpjyP1zrF9q
0IxvAUXsV6xG/Q38piRTEqbx2zipTG9VvogskopkHDS13V0xl4wBTx+7AWHATaoi
Va4Gp2vWnyPdGyB+GQ3SIlYbWf6PRsxLXHhV5kIb5d2y6NvEbnPgM42Tt3IxSjw4
Gdol8CoV9hklPhjWsnYjXzDuhmesLkyUSzob2k/JH0mX17N3A6PvdcyGzfUlmbOe
0gU1WYxX+p+t
=Rxbl
-----END PGP SIGNATURE-----
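As an added example (not code from this thread, from TRESOR, or from cryptsetup), here is a script that performs offline the check Maxim describes: given a memory image and the volume master key from `cryptsetup luksDump --dump-master-key`, it reports every offset at which the raw key appears, and also every offset at which the FIPS-197 round-key expansion of each XTS half-key appears, since a kernel AES implementation keeps the expanded schedule rather than only the 16 or 32 raw bytes. The assumptions are mine: the image is a raw byte file, the key is passed as hex on the command line, XTS is treated as two independent AES keys (first half data, second half tweak), and the encryption round keys are assumed to be stored contiguously in FIPS-197 order. When run without arguments it scans a constructed 64 KiB sample in which the key has been planted three times and one half-key's schedule once.

```python
import random
import sys


def _build_sbox() -> list:
    """Generate the AES S-box (GF(2^8) inverse followed by the affine map)."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3 in GF(2^8)
        q = (q ^ (q << 1)) & 0xFF                                # q /= 3 (i.e. q *= 0xF6)
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        x = q ^ (q << 1) ^ (q << 2) ^ (q << 3) ^ (q << 4)        # affine map, rotations folded
        sbox[p] = (x ^ (x >> 8) ^ 0x63) & 0xFF
        if p == 1:
            break
    sbox[0] = 0x63  # zero has no inverse; its image is the affine constant
    return sbox


SBOX = _build_sbox()


def aes_key_schedule(key: bytes) -> bytes:
    """FIPS-197 key expansion for a 16-, 24- or 32-byte key; returns all round keys."""
    nk = len(key) // 4
    nr = nk + 6
    w = [list(key[i:i + 4]) for i in range(0, len(key), 4)]
    rcon = 1
    for i in range(nk, 4 * (nr + 1)):
        t = w[i - 1][:]
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord then SubWord
            t[0] ^= rcon
            rcon = ((rcon << 1) ^ (0x1B if rcon & 0x80 else 0)) & 0xFF
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]               # extra SubWord step for AES-256
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return b"".join(bytes(x) for x in w)


def find_all(haystack: bytes, needle: bytes) -> list:
    """Every offset at which needle occurs in haystack (overlaps included)."""
    offsets, i = [], haystack.find(needle)
    while i != -1:
        offsets.append(i)
        i = haystack.find(needle, i + 1)
    return offsets


def scan_dump(dump: bytes, master_key: bytes) -> dict:
    """Locate the raw XTS master key and the expanded round keys of each half-key.

    Assumption: XTS master key = data key || tweak key, each a full AES key."""
    half = len(master_key) // 2
    return {
        "raw_key": find_all(dump, master_key),
        "schedule_k1": find_all(dump, aes_key_schedule(master_key[:half])),
        "schedule_k2": find_all(dump, aes_key_schedule(master_key[half:])),
    }


def build_sample() -> tuple:
    """Constructed 64 KiB 'memory dump': key planted at three offsets, one schedule at 0x7000."""
    master_key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c"   # FIPS-197 example key as k1
                               "000102030405060708090a0b0c0d0e0f")  # arbitrary tweak key k2
    rng = random.Random(7)
    dump = bytearray(rng.getrandbits(8) for _ in range(64 * 1024))
    for off in (0x1000, 0x4200, 0x9F00):
        dump[off:off + 32] = master_key
    sched = aes_key_schedule(master_key[:16])
    dump[0x7000:0x7000 + len(sched)] = sched
    return bytes(dump), master_key


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # usage: scan.py <raw memory image> <hex master key from luksDump --dump-master-key>
        with open(sys.argv[1], "rb") as f:
            dump, key = f.read(), bytes.fromhex(sys.argv[2])
    else:
        dump, key = build_sample()
    for name, offs in scan_dump(dump, key).items():
        print(f"{name}: {[hex(o) for o in offs] or 'not found'}")
```

The schedule search matters because zeroing the 32 raw bytes in user space says nothing about the 176 or 240 bytes of round keys the kernel's cipher transform holds; that is exactly the data TRESOR keeps out of RAM on bare metal and that a hypervisor writes back to host memory on every VM exit.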