Hi Skyler,

> Sorry for jumping in at the last minute, but to encrypt
> something in RAM, wouldn't you need an external hardware

No, you can work as if you were swapping: The 386 and newer
CPU allow you to flag memory areas as "not accessible" and
trigger a call which allows you to make the area useable on
demand, for example by swapping it back in from disk.

You can also make a driver which makes areas "unuseable" by
encrypting them and automatically decrypting them as soon
as anything tries to access them. A task in the background
can continuously try to make as many pages "unuseable" as
possible. Then, if you make sure that the key is zapped at
reboot (e.g. because it is at a place overwritten at boot)
you can be sure that only very small areas are useable by
an attacker who wants to steal your RAM contents.

You can also combine swapping out to disk and encrypting,
as long as your driver still knows which of the two kinds
of "not accessible" is the case when that make-useable-on-
demand call is triggered.


Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
Freedos-user mailing list

Reply via email to