protection against hardware attacks (RAM removal)

Hauke Laging mailinglisten at
Thu Sep 1 17:15:46 CEST 2011

Am Donnerstag, 1. September 2011, 17:03:57 schrieb Jerome Baum:

> Though you need to carefully balance the size -- too small and it's
> not a significant help (i.e. data loss isn't fast enough), too big and
> it doesn't fit into the cache.

There is no need for the expanded data to fit into the cache. Would not even 
make sense to cache it on normal systems as you hardly ever have crypto 
operations so quickly one after another that the cache data has NOT been 
trashed in the meantime.

> About the context switches, won't going into system mode be enough?

I have to admit that I don't know what "system mode" is. It would be nice to 
be able to implement something like that without the need for OS support.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110901/ab027098/attachment.pgp>

More information about the Gnupg-devel mailing list