Eric Auer schrieb: > Hi Skyler, > >> Sorry for jumping in at the last minute, but to encrypt >> something in RAM, wouldn't you need an external hardware > > No, you can work as if you were swapping: The 386 and newer > CPU allow you to flag memory areas as "not accessible" and > trigger a call which allows you to make the area useable on > demand, for example by swapping it back in from disk. > > You can also make a driver which makes areas "unuseable" by > encrypting them and automatically decrypting them as soon > as anything tries to access them. A task in the background > can continuously try to make as many pages "unuseable" as > possible. Then, if you make sure that the key is zapped at > reboot (e.g. because it is at a place overwritten at boot) > you can be sure that only very small areas are useable by > an attacker who wants to steal your RAM contents.
Interesting idea... Well, this cold boot attack can be still only solved in hardware. You would need some RAM which you can trust to lose all informations just after power is off. By the way... Aren't there other storage just similar to RAM? The cache of the processor? Could it be abused to store the key to encrypt the RAM? > > You can also combine swapping out to disk and encrypting, > as long as your driver still knows which of the two kinds > of "not accessible" is the case when that make-useable-on- > demand call is triggered. > > Eric > > > > > ------------------------------------------------------------------------------ > Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) > software. With Adobe AIR, Ajax developers can use existing skills and code to > build responsive, highly engaging applications that combine the power of local > resources and data with the reach of the web. Download the Adobe AIR SDK and > Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com > _______________________________________________ > Freedos-user mailing list > Freedos-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/freedos-user > > ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ Freedos-user mailing list Freedos-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freedos-user
