[FDE] Princeton Memory vulnerability

[Andreas W. Kuhn]

But in the end all the possible fixes that have been listed are only software fixes for today's 
inherently insecure, archaic and simply outdated PC architecture. Only a migration to a 
trusted PC architecture as proposed by the Trusted Computing Group and technologies 
like the forthcoming Intel TXT and Danbury architectures will help solve today's known 
problems with untrusted platforms. 

Secure encryption solutions like Seagate's native hard drive encryption, where the key is 
never exposed outside of the hard drive enclosure area, and turning on the TPM are 
the next step to propel us forward into the new century of trusted computing. 

The software encryption hack is but one occurrence of all the hack possibilities as long as 
the world doesn't fess up to the fact that only software in combination with appropriate new 
but already existing hardware is employed. To continue trying to do it all in software is just 
a foolish proposition. Cheers! 


Brian Glancey wrote
:--------------------.

There are a complete set of feasible defenses suggested including (suggested in full text 
of research paper): 

- Split encryption Keys (or s-box tables) into separate pieces 
- Dynamically relocate Keys regularly in memory to make exact location difficult to determine 
- Overwrite memory several times when unloading Key 
- Encrypt key in memory with another key 

Of course, most of these are more difficult to  rearrange with hardware where the 
inputs and outputs are known memory addresses and can not be easily relocated. 
Bu these defences are already in some FDE software products but, obviously, not all. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.xml-dev.com/pipermail/fde/attachments/20080224/93473e32/attachment.html