protection against hardware attacks (RAM removal)
mailinglisten at hauke-laging.de
Thu Sep 1 17:15:46 CEST 2011
Am Donnerstag, 1. September 2011, 17:03:57 schrieb Jerome Baum:
> Though you need to carefully balance the size -- too small and it's
> not a significant help (i.e. data loss isn't fast enough), too big and
> it doesn't fit into the cache.
There is no need for the expanded data to fit into the cache. Would not even
make sense to cache it on normal systems as you hardly ever have crypto
operations so quickly one after another that the cache data has NOT been
trashed in the meantime.
> About the context switches, won't going into system mode be enough?
I have to admit that I don't know what "system mode" is. It would be nice to
be able to implement something like that without the need for OS support.
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 555 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel