protection against hardware attacks (RAM removal)

Jerome Baum jerome at
Thu Sep 1 17:03:57 CEST 2011

> The keys could be expanded to several kilobytes of RAM (could be easily
> configured to the desired protection level) right after they have become
> available to GnuPG. I guess even something as trivial as XOR could be used to
> securely spread the key over more memory.

The secure and well-studied version being the AONT (of key||padding,
where padding is just a lot of random data).

Though you need to carefully balance the size -- too small and it's
not a significant help (i.e. data loss isn't fast enough), too big and
it doesn't fit into the cache.

About the context switches, won't going into system mode be enough?

More information about the Gnupg-devel mailing list