Yeah, this looks like TPM with software protection instead of hardware protection.
Rootkits can screw it up. Den 30 okt 2012 14:27 skrev "Solar Designer" <[email protected]>: > This is very curious, but ... > > On Tue, Oct 30, 2012 at 10:08:06AM +0100, Eugen Leitl wrote: > > Cloning the actual SRAM state in a GPU is not possible, said Dr. Lange. > "What > > we've done so far in our research is reading out this SRAM state. We can > of > > course copy this readout. What we're aiming for is to put an > authentication > > system in place where the GPU never hands over the raw data. Instead the > GPU > > uses it in a challenge-response protocol, just like the secret key in a > > signature system or zero-knowledge protocol. This does rely on the OS > and/or > > hypervisor shielding the card from bad requests, such as ???hand over > all your > > secrets,???" she said. > > ... since it relies on OS and/or hypervisor security anyway, about the > same functionality and security (not a lot of it) can be achieved by > keeping the secret in a disk file (protected with filesystem/OS > permissions) and having the crypto implemented in an OS driver (or > privileged program). Use of a GPU does not appear to provide much > advantage on top of that. It can't be physically cloned, but if OS > security fails, then the GPU's secrets can be cloned and the > authentication protocol simulated in host software (on attacker's > machine, without the GPU). > > Alexander > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
