[Cryptography] RFC possible changes for Linux random device
Jerry Leichter
leichter at lrw.com
Thu Sep 18 10:26:05 EDT 2014
On Sep 18, 2014, at 5:09 AM, CodesInChaos <codesinchaos at gmail.com> wrote:
>> We're talking much bigger changes here, but if we're going to think big: Encrypted swap space, with *per process* encryption keys, would be almost as effective, without the potential for such a denial of service attack. The per-process swap key would go into this kind of "crypto-secure" memory, but that would be a strictly limited bit of memory.
> 1) How would per-process keys interact with shared memory?
See my response to Viktor Dukhovni.
> 2) This interacts badly with forward secrecy
How?
-- Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140918/4f4cfd6d/attachment.bin>
More information about the cryptography
mailing list