Re: RAM encryption and key storing in CPU
Any luck with this? Original Message From: ertetlen barmok ertetlenbar...@safe-mail.net Apparently from: owner-tech+m42...@openbsd.org To: tech@openbsd.org Subject: RAM encryption and key storing in CPU Date: Sat, 23 May 2015 05:15:47 -0400 Hello, == Problem: Everything is stored in plaintext in the Memory. So if although full disc encryption is used on an OpenBSD machine, it is possible to copy the content of the memory, while the notebook was on suspend or it was running: https://citp.princeton.edu/research/memory/media/ == Solution: Can we (optionally*) encrypt the content of the memory and store the key for decryption in the CPU to avoid in general these kind of attacks? There are solutions for this on Linux already, but only on patch level: https://www1.informatik.uni-erlangen.de/tresor *if someone would want to harden it's OpenBSD (since notebooks could be stolen..) it could turn on this feature to avoid a policy to always turn off the notebook while not using it. Thank you for your comments.
Re: OpenBSD/NTRU policy mismatch [Was: NTRU Open Source Project / Post-quantum era]
thanks for the comments! Luckily there are still a few algorithms if NTRU is not good yet: https://en.wikipedia.org/wiki/Post-quantum_cryptography As time goes, maybe this will be a more and more relevant thing. Original Message From: Okembe Mbwambo okembe.mbwa...@yandex.com Apparently from: owner-tech+m42...@openbsd.org To: tech@openbsd.org Subject: OpenBSD/NTRU policy mismatch [Was: NTRU Open Source Project / Post-quantum era] Date: Tue, 26 May 2015 20:50:29 +0200 On 25/05/15 02:50:50 PM, Douglas Ray wrote: 2. The FOSS exception clause above won't help with existing OpenBSD policy, insofar as I understand it here: http://www.openbsd.org/policy.html [note section towards end on GPL under Specific Cases] FWIW, a BSD-licensed NTRU implementation exists at https://github.com/tbuktu/libntru and while it is patent encumbered, it offers a compile switch that causes it to become patent free in 2017 as opposed to the GPL implementation which will be patent encumbered until 2020. Okembe
RAM encryption and key storing in CPU
Hello, == Problem: Everything is stored in plaintext in the Memory. So if although full disc encryption is used on an OpenBSD machine, it is possible to copy the content of the memory, while the notebook was on suspend or it was running: https://citp.princeton.edu/research/memory/media/ == Solution: Can we (optionally*) encrypt the content of the memory and store the key for decryption in the CPU to avoid in general these kind of attacks? There are solutions for this on Linux already, but only on patch level: https://www1.informatik.uni-erlangen.de/tresor *if someone would want to harden it's OpenBSD (since notebooks could be stolen..) it could turn on this feature to avoid a policy to always turn off the notebook while not using it. Thank you for your comments.
NTRU Open Source Project / Post-quantum era
Hello, https://github.com/NTRUOpenSourceProject When will LibreSSL have ciphers for the Post-quantum era? http://tech.slashdot.org/story/15/05/15/007248/are-we-entering-a-golden-age-of-quantum-computing-research