Re: regarding the cold-boot attack

["Nicholas" <nicholas@xxxxxx>]

Would that really work though?  If it's possible to identify the seperate
keys in memory, what's stopping someone from writing a script to isolate
all of they keys and then try them all.  Yes it would slow an attacker
down, but it would be a slow-down of perhaps a few seconds or minutes --
that is, not so long as to make it impractical to run such an attack.

--Nicholas


> As for setting up multiple loops to create decoy keys in memory: perhaps a
> simple program that writes hundreds or thousands of "camouflage" keys to
> memory for use before using loopaes could be handy for the paranoid ...
>
> It would not be hard to knock up, maybe Perl or Python.



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/