TRESOR uses debug registers and only protects key material. It doesn't protect the code that actually reads that key in or out of the register, nor any of the data that is actually decrypted with the key. So, it provides protection just for keys against passive, read-only attacks against memory. This is illustrated in the TRESOR-HUNT paper Jurre just posted.
I think CARMA is a more interesting line of research. However, CARMA is limited to just the L3 cache running in non-evict mode: http://users.ece.cmu.edu/~jmmccune/papers/VaMcNePevDo2012.pdf

Cryptkeeper is another approach, but only reduces the scope of vulnerability to a small portion of memory and does not resist active attacks: http://flynn.zork.net/~pedro/docs/ieee-hst-2010.pdf

There's also Frozen Cache: http://frozencache.blogspot.com/

On Thu, Feb 21, 2013 at 12:13 PM, Nadim Kobeissi <na...@nadim.cc> wrote:
>
>> It seems like one of the few times the use of something like TRESOR
>> would improve:
>> http://www1.informatik.uni-erlangen.de/tresor
>
> TRESOR looks very interesting! I wonder what's preventing its kind of
> techniques from being more widely adopted...
>
--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech