For the super paranoid

Luke Small
Is there a way to encrypt memory and keep the key on the CPU like a
transparent partition so that if the ram cards are physically accessed, they
can't be read? Is it reasonable?

Re: For the super paranoid

Peter Faiman
There is no hardware-supported way to do this on mainstream Intel / AMD.
Yes it's possible to make a chip that could do it. No it's not reasonable, it
would destroy performance without really helping that much. If you are facing
an adversary powerful enough to have access to your RAM sticks, it's cheaper
and more effective to self destruct. It's definitely paranoid, in the sense
that it's crazy and ridiculous.

If you really want to encrypt part of memory you probably could patch a kernel
to reserve some ring 0 restricted registers to store keys. But the hardware
just does not support running in a full encrypted way, there are certain
things that must be put in main memory unencrypted for the processor to use.

> On Mar 11, 2017, at 08:44, Luke Small <[hidden email]> wrote:
>
> Is there a way to encrypt memory and keep the key on the CPU like a
> transparent partition so that if the ram cards are physically accessed, they
> can't be read? Is it reasonable?

Re: For the super paranoid

Flipchan
In reply to this post by Luke Small
Suggestion: disable nvram. You can create nvram to help out your regular RAM; I
read a paper about it on how it can be easily reverse engineered.

Luke Small <[hidden email]> wrote: (11 March 2017 17:44:46 CET)
>Is there a way to encrypt memory and keep the key on the CPU like a
>transparent partition so that if the ram cards are physically accessed,
>they can't be read? Is it reasonable?

--
Sincerely flipchan - LayerProx dev

Re: For the super paranoid

Lampshade
In reply to this post by Luke Small
Do you mean a cold boot attack?
For Linux there are patches called TRESOR. There are also other cache-based key storage solutions.
Anyway, it means implementing a complicated kernel solution to address one very specific and uncommon threat.

Re: For the super paranoid

Darren Clark-2
In reply to this post by Luke Small
https://en.wikipedia.org/wiki/TRESOR

A Linux kernel patch which provides CPU-only based encryption
<https://en.wikipedia.org/wiki/Encryption> to defend against cold boot
attacks <https://en.wikipedia.org/wiki/Cold_boot_attack> on computer
systems by performing encryption outside usual random-access memory
<https://en.wikipedia.org/wiki/Random-access_memory> (RAM

https://software.intel.com/en-us/blogs/2016/02/26/memory-encryption-an-intel-sgx-underpinning-technology

The Intel SGX Memory Encryption Engine:


You just have to ask yourself, Intel, who has the keys to the Intel
ME... Paranoia^2
There is no perfect security, especially when one can touch the hardware.



On 3/11/2017 11:44 AM, Luke Small wrote:
> Is there a way to encrypt memory and keep the key on the CPU like a
> transparent partition so that if the ram cards are physically accessed, they
> can't be read? Is it reasonable?

Re: For the super paranoid

Christian Weisgerber
In reply to this post by Luke Small
On 2017-03-11, Luke Small <[hidden email]> wrote:

> Is there a way to encrypt memory and keep the key on the CPU like a
> transparent partition so that if the ram cards are physically accessed, they
> can't be read?

Not with OpenBSD and not at this time.

> Is it reasonable?

AMD thinks so.  Last year they announced support for memory encryption
in future CPUs.  The top two Google hits:

http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
https://events.linuxfoundation.org/sites/events/files/slides/AMD%20x86%20Memory%20Encryption%20Technology%20LSS%20Slides.pdf

--
Christian "naddy" Weisgerber                          [hidden email]

Re: For the super paranoid

bytevolcano
In order for me to trust AMD's implementation, they first need to can
that ridiculous Platform "Security" Processor. It is as useless and
dangerous as Intel Management Engine, running unknown code.

A more plausible attack would be an application using malloc() for a
large segment of memory, and transmitting the "uninitialised" content,
which could contain private keys, sensitive documents, etc. from
applications that either don't zero the memory after finishing, or
programs which have crashed and the memory is now freely available
to other processes.

It would be nice in those cases to have different
keys for different pages, so that when a process is terminated, the
kernel can (instruct the CPU to) overwrite the key with a new random
number.

On Sat, 11 Mar 2017 20:18:37 +0000 (UTC)
Christian Weisgerber <[hidden email]> wrote:

> AMD thinks so.  Last year they announced support for memory encryption
> in future CPUs.  The top two Google hits:
>
> http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
> https://events.linuxfoundation.org/sites/events/files/slides/AMD%20x86%20Memory%20Encryption%20Technology%20LSS%20Slides.pdf
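
Added example, not part of the original message or of OpenBSD: the reuse-without-zeroing concern raised in the message above, modelled inside one program, with the unwiped release beside the wiped one. `pool`, `pool_get`, `pool_put`, `secure_wipe` and `leaked_bytes` are hypothetical names, and the key is a constructed sample.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for memory that is handed out again after release. */
#define POOL_SIZE 64
static unsigned char pool[POOL_SIZE];
/* Constructed sample secret, not a real key. */
static const unsigned char key[] = "CONSTRUCTED-SAMPLE-KEY-0123456789";
#define KEY_LEN (sizeof key - 1)

/* Wipe through a volatile pointer so the compiler cannot drop the stores
 * as dead writes. On OpenBSD, explicit_bzero(3) serves this purpose. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Hand out the pool uncleared, the way malloc() may return old contents. */
static unsigned char *pool_get(void) { return pool; }

/* Release the pool; the contents are wiped only if the owner asks. */
static void pool_put(unsigned char *p, int wipe)
{
    if (wipe)
        secure_wipe(p, POOL_SIZE);
}

/* The first owner stores the key and releases the buffer; the next owner
 * gets the same storage and counts the key bytes it can still read. */
size_t leaked_bytes(int wipe_on_release)
{
    size_t i, hits = 0;
    unsigned char *a = pool_get();
    memcpy(a, key, sizeof key);
    pool_put(a, wipe_on_release);
    unsigned char *b = pool_get();
    for (i = 0; i < KEY_LEN; i++)
        hits += (b[i] == key[i]);
    pool_put(b, 1);
    return hits;
}

int main(void)
{
    printf("no wipe: %zu bytes, wipe: %zu bytes\n", leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```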

Re: For the super paranoid

Luke Small
In reply to this post by Darren Clark-2
At least you can protect yourself from corporate espionage; unless it's
Intel
On Sat, Mar 11, 2017 at 1:36 PM <[hidden email]> wrote:

> https://en.wikipedia.org/wiki/TRESOR
>
> A Linux kernel patch which provides CPU-only based encryption
> <https://en.wikipedia.org/wiki/Encryption> to defend against cold boot
> attacks <https://en.wikipedia.org/wiki/Cold_boot_attack> on computer
> systems by performing encryption outside usual random-access memory
> <https://en.wikipedia.org/wiki/Random-access_memory> (RAM
>
>
> https://software.intel.com/en-us/blogs/2016/02/26/memory-encryption-an-intel-sgx-underpinning-technology
>
> The Intel SGX Memory Encryption Engine:
>
>
> You just have to ask yourself, Intel, who has the keys to the Intel ME...
> Paranoia^2
> There is no perfect security, especially when one can touch the hardware.
>
>
>
>
> On 3/11/2017 11:44 AM, Luke Small wrote:
>
> Is there a way to encrypt memory and keep the key on the CPU like a
> transparent partition so that if the ram cards are physically accessed, they
> can't be read? Is it reasonable?

Re: For the super paranoid

Lampshade
In reply to this post by Luke Small
>In order for me to trust AMD's implementation, they first need to can
>that ridiculous Platform "Security" Processor. It is as useless and
>dangerous as Intel Management Engine, running unknown code.

Who knows, maybe they are going to open source their firmware?
https://news.slashdot.org/story/17/03/10/2048236/message-for-amd-open-psp-will-improve-security-hinder-intel

Anyway I recommend "Wait and see".

Re: For the super paranoid

bytevolcano
From your link:

        AMD replied: "Thanks for the inquiry. Currently we do not have
        plans to release source code but you make a good argument for
        reasons to do so. We will evaluate and find a way to work with
        security vendors and the community to everyone's benefit." The
        product manager for AMD, AMD_james, continued in response to a
        follow-up comment that claims AMD is "not considering it all
        but only want to appease the potential buyers." AMD_james
        replied: "Thanks for the feedback. Please believe me that this
        has CEO level attention and AMD is investigating the steps and
        resources necessary to support this. It is not the work of a
        minute, so please bear with us as we define what we can do."

In other words: the fourth millennium will arrive first.

On Sun, 12 Mar 2017 12:47:06 +0100 (CET)
I love BSDs <[hidden email]> wrote:

> >In order for me to trust AMD's implementation, they first need to can
> >that ridiculous Platform "Security" Processor. It is as useless and
> >dangerous as Intel Management Engine, running unknown code.
>
> Who knows, maybe they are going to open source their firmware?
>
> https://news.slashdot.org/story/17/03/10/2048236/message-for-amd-open-psp-will-improve-security-hinder-intel
>
> Anyway I recommend "Wait and see".

Re: For the super paranoid

Lampshade
News from Reddit:
"AMD Listened to us, and added a PSP disable option in their new AGESA version!"

Not my picture (Credit to u/repo_code), but
https://drive.google.com/file/d/1b4p3d-gtHbFvkUbHYC8HSIviL-1ssC7V/view
My Gigabyte AB350 Gaming 3 also has a bios based on the new
agesa version, though it doesn't have the PBS options by default,
so I enabled them, flashed the new bios, and indeed the setting was there!

>In order for me to trust AMD's implementation, they first need to can
>that ridiculous Platform "Security" Processor. It is as useless and
>dangerous as Intel Management Engine, running unknown code.
>
>A more plausible attack would be an application using malloc() for a
>large segment of memory, and transmitting the "uninitialised" content,
>which could contain private keys, sensitive documents, etc. from
>applications that either don't zero the memory after finishing, or
>programs which have crashed and the memory is now freely available
>to other processes.
>
>It would be nice in those cases to have different
>keys for different pages, so that when a process is terminated, the
>kernel can (instruct the CPU to) overwrite the key with a new random
>number.
>
>On Sat, 11 Mar 2017 20:18:37 +0000 (UTC)
>Christian Weisgerber <[hidden email]> wrote:
>
>> AMD thinks so.  Last year they announced support for memory encryption
>> in future CPUs.  The top two Google hits:
>>
>> http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
>>  https://events.linuxfoundation.org/sites/events/files/slides/AMD%20x86%20Memory%20Encryption%20Technology%20LSS%20Slides.pdf
>>