[tor-talk] [tor-dev] resistance to rubberhose and UDP questions
tor at lists.grepular.com
tor at lists.grepular.com
Sat Oct 6 21:49:15 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 06/10/12 22:44, tor at lists.grepular.com wrote:
> From:
> http://www1.informatik.uni-erlangen.de/tresorfiles/tresor.pdf
>
> "TRESOR is only compatible with real hardware. Run- ning TRESOR as
> guest inside a virtual machine is gen- erally insecure as the
> guest?s registers are stored in the host?s main memory."
>
> This is a serious project. They have considered many different
> styles of attack, and have included attack code. The PDF is
> comprehensive.
Also, the encryption/decryption is done using a key derived from the
password which you enter at the very beginning of boot up. Not with
the password or key you provide to cryptsetup/luks. This wasn't clear
to me when I wrote the blog post which I linked to. It's all in the PDF.
- --
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----
iQGGBAEBCgBwBQJQcKdbMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBDZJB/9LP/Ay+ObS
G8YnT+3hRPN8Du3LUNDI8646B40Tj0TdcXA6Roo9Tq/bsFonLAurROGCgYW9ybQR
NYY7hTWf2D7IKDZQTaUWVY1D5lT5T9WX3CMQlGc8PPNovbkWVOGj/OjwUfqqr7HJ
RQDWE4pOIBgXw8r5TdQDFjWhsJGQ9ipA5POrDJecGiQqa1mBJh6Tz3ABGP3vflM5
uG64YVfnAna5KnP7hEdDwWOOV5Nn16ZYpDSwRZUpbWKd7IH5j6FL0Hr1+dfnbPjF
TMibS1rYcWvybkQkITlp/3vlfsZOBTvfetdYyl9dtjNb6apo330vOTvSaWCA4k12
nYaSx4AnXrc1
=SreS
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list