"Noel L Yap" <[EMAIL PROTECTED]> writes:

> IMHO, there should be some effort to try to prevent this sort of attack. The
> gist of the attack is that private keys can be recovered by reading a process's
> memory. I haven't really researched the preventive measures.

The goal of lsh and most other tools for secure transport of data is to isolate the vulnerabilities to the endpoints. If the endpoints are secure, the system is secure, no matter what the systems in between look like. On the other hand, if the attacker gets control over one of the endpoints (in this case, the server), you're basically screwed, and tools like lsh and secure web servers can't do much about that.

Sure, you can do things like storing private keys on a smartcard or some other system. That would reduce the damage from a successful network attack (i.e. the private key gets more difficult to steal for an attacker that has broken into your system with root privileges but doesn't have any physical access). On the other hand, an attacker that has gained root access to the server can most likely still use the smartcard to create arbitrary signatures, and he can steal or modify data, install trojans, or do other arbitrarily evil stuff, so it's still a *very* serious security problem. See Bruce Schneier's latest crypto-gram for some more flaming on this nCipher marketing.

I also feel that this issue is a little off topic for the psst list (although my opinion is not in any way authoritative; this is Martin's list). There's really no getting around the fact that you *must* keep the endpoints secure.

/Niels
