[Cryptography] RNG design principles
Tom Mitchell
mitch at niftyegg.com
Tue Nov 29 22:06:08 EST 2016
On Tue, Nov 29, 2016 at 1:15 AM, Ralf Senderek <crypto at senderek.ie> wrote:
>
> On Mon, 28 Nov 2016, Jerry Leichter wrote:
>
>
>> ...Imagine the Linux kernel would provide a new, special
>>> file structure
>>
>> ....
>
> The context in which I brought up this question was the idea
> of storing secret information in the file system
>
I have mixed opinions but there was a recent device driver trick
that has the potential of protecting the MBR.
http://blog.talosintel.com/2016/10/mbrfilter.html
It might be possible to extend this model to the last blocks on
the disk. Then use capabilities and device permissions
to this end.
A physical hardware device can trigger a latch and disable the bits
once a region is accessed. Old time BIOS systems had the
BIOS/ROM at zero and after initialization a latch was flipped and
the BOOT ROM was moved or made invisible.
Power-On will reset the latch but no software path could.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161129/03270e4a/attachment.html>
More information about the cryptography
mailing list