This is very curious, but ... On Tue, Oct 30, 2012 at 10:08:06AM +0100, Eugen Leitl wrote: > Cloning the actual SRAM state in a GPU is not possible, said Dr. Lange. "What > we've done so far in our research is reading out this SRAM state. We can of > course copy this readout. What we're aiming for is to put an authentication > system in place where the GPU never hands over the raw data. Instead the GPU > uses it in a challenge-response protocol, just like the secret key in a > signature system or zero-knowledge protocol. This does rely on the OS and/or > hypervisor shielding the card from bad requests, such as ???hand over all your > secrets,???" she said.
... since it relies on OS and/or hypervisor security anyway, about the same functionality and security (not a lot of it) can be achieved by keeping the secret in a disk file (protected with filesystem/OS permissions) and having the crypto implemented in an OS driver (or privileged program). Use of a GPU does not appear to provide much advantage on top of that. It can't be physically cloned, but if OS security fails, then the GPU's secrets can be cloned and the authentication protocol simulated in host software (on attacker's machine, without the GPU). Alexander _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
