On 2010-11-06, Vaclav Mocek <little.owl(a)email.cz> wrote:
I work like an Embedded SW/HW Developer and my experience is that data
could remain in the dynamic memory for quite long time, even in the room
temperature. I have used it successfully for debugging, when a booting
routine after the cold reset copies some parts of memory to another
location which could be read lately.
It would be usefull to overwrite some parts of memory (keys etc.),
before the computer is switched off. So, my question is: Is there
already implemented and used some kind of protection?
Acctully there is better approach---to encrypt data destinated for
operating system/processes in CPU. This would prevent attacks by
unclean shutdown.
One of the problem is where to store the key. I found a thesis
<
http://pi1.informatik.uni-mannheim.de/filepool/theses/diplomarbeit-2010-m...
right now which describes working implementation using SSE registers as
a permanent (untill power cycle) storage for the key. I have not read it
yet but it looks promissing.
-- Petr