On Mon, Feb 25, 2008 at 11:32:06PM -0300, C?sar Catri?n Carre?o wrote: > Should the CGD's parameters file secure storage deal with this issue? It can't. If the key needs to be in memory to be used, it can be recovered. The best mitigations we can do amount to obfuscating the memory contents and overwriting subsidiary key scheduling material in memory as soon as it's not needed. The original paper discusses some of these measures. These attacks are more sophisticated forms of the same reason why current cgd guidance cautions against using suspend-to-disk methods; with these attacks the image can be obtained from the RAM itself, long after it had previously been assumed the RAM contents would be lost. -- Dan.
Attachment:
pgpEb0r9QIKv5.pgp
Description: PGP signature