[Cryptography] RFC possible changes for Linux random device
CodesInChaos
codesinchaos at gmail.com
Thu Sep 18 05:09:50 EDT 2014
On Wed, Sep 17, 2014 at 2:22 PM, Jerry Leichter <leichter at lrw.com> wrote:
> We're talking much bigger changes here, but if we're going to think big: Encrypted swap space, with *per process* encryption keys, would be almost as effective, without the potential for such a denial of service attack. The per-process swap key would go into this kind of "crypto-secure" memory, but that would be a strictly limited bit of memory.
1) How would per-process keys interact with shared memory?
2) This interacts badly with forward secrecy
More information about the cryptography
mailing list