[Cryptography] Speculation re Intel HW cockup; reqs. OS rewrites & slow execution
Tom Mitchell
mitch at niftyegg.com
Fri Jan 5 14:55:41 EST 2018
On Fri, Jan 5, 2018 at 3:34 AM, Jerry Leichter <leichter at lrw.com> wrote:
> > Wouldn't this be a good time to think about putting x86 & x86-64 out of
> everyone's misery?
>
It is not x86 but the design decisions to make their part execute code
quickly.
> Have there been any *clean sheet* architecture designs since the Snowden
> revelations?
> Let's follow this thought through all the way.
>
> For the last 75 years, a driving force in the computer design business has
> been: Computer hardware is expensive,
It is expensive and it also depends on a lot of external designs. Disk
controllers have system interfaces, WiFi, display and
graphics subsystems. It is more than Intel, ARM or AMD.
Cross licensing of patents push and pull common ideas in unexpected ways.
> we can't afford to dedicate a machine entirely to one person/program;
>
.... hmmm....
>
> Perhaps the solution is to avoid the root cause. Imagine a system with a
> "physical hypervisor".
This physical *visor point opens a crypto door.
As for digging a hole and stopping... ,trying to dig the bottom of a hole
first is worth thinking about.
Are we trying to dig the bottom first? It is not something that can be
done.. but miners raise tunnels
from the bottom because they are at the bottom already.
The crypto door may open on smaller projects to get under and go to work
building a better system.
Encryption and key management might be off loaded to a card little
different than a graphics or WiFi subsystem.
Keys and other 'secrets' would go in (never out) and not reside in
system/kernel memory for lengthy periods.
Data would go in and encrypted results seen at an output port that could be
mapped and isolated.
The processor and device could be dumb enough to not need difficult to
design complexity.
The code could be limited and 'safer' by design using methods like seL4 and
not be permitted to
run user code. The cost target should allow replacement with revision two,
three, ... N.
An external device could be designed and deployed on old hardware and might
arrive quicker than
new silicon from the big guys. It could be a partial solution of value and
might mitigate other attacks.
Right now password safes are a potential risk... cloud users that use them
on the cloud might reconsider
and use an air gap machine for secrets.
i.e. What can be done from the bottom of the mountain?
example: external VPN, firewall devices and old phones in airplane
mode for air-gaped password management..
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180105/ecec78b8/attachment.html>
More information about the cryptography
mailing list