Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Freeze the memory out of a galaxy nexus?

Steve Weis steveweis at gmail.com
Thu Feb 21 12:51:03 PST 2013


TRESOR uses debug registers and only protects key material. It doesn't
protect the code that actually reads that key in or out of the register,
nor any of the data that is actually decrypted with the key. So, it
provides protection just for keys against passive, read-only attacks
against memory. This is illustrated in the TRESOR-HUNT paper Jurre just
posted.

I think CARMA is a more interesting line of research. However, CARMA is
limited to just the L3 cache running in non-evict mode:
http://users.ece.cmu.edu/~jmmccune/papers/VaMcNePevDo2012.pdf

Cryptkeeper is another approach, but only reduces the scope of
vulnerability to a small portion of memory and does not resist active
attacks:
http://flynn.zork.net/~pedro/docs/ieee-hst-2010.pdf

There's also Frozen Cache:
http://frozencache.blogspot.com/

On Thu, Feb 21, 2013 at 12:13 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:
>
>  It seems like one of the few times the use of something like TRESOR
>> would improve:
>> http://www1.informatik.uni-erlangen.de/tresor
>
>
> TRESOR looks very interesting! I wonder what's preventing its kind of
> techniques from being more widely adopted...
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130221/24d33fc7/attachment.html>


More information about the liberationtech mailing list