Hallo Andrew, real crypto works always with air-gapped machines.
PC0 handels all encryptions PC1 is the achive This setup (if PC0 is sheltered) allows to distribute documents without the risk of bit-leaks, e.g. with side channel attacks, of the crypto keys (game over, if you know it). Q looks quite fine for doing a cleaner crypto setup. Perhaps to reach the goal, if on one cpu-core, the caches cannot be safe (I don't know if some real-time OS features or other stuff can prevent the cache-leakages between cores), it will be possible a Q-System with two CPU-chips and a feature that I can be sure that VM0 is using only core0 and all other VMs the core1. So core0 can do all crypto stuff and core1 all application support. Kind Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6742872f-bd0c-4c3c-a1da-a6ba6475b3e4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
