On Fri, Jan 06, 2023 at 01:10:44PM -0800, Linus Torvalds wrote:
Good morning, I hope the week is going well for everyone.
> On Fri, Jan 6, 2023 at 12:54 PM Andy Lutomirski <[email protected]> wrote:
> >
> > I'm going to suggest a very very different approach: fix secret
> > storage in memory for real. That is, don't lock "super secret
> > sensitive stuff" into memory, and don't wipe it either. *Encrypt* it.
>
> I don't think you're wrong, but people will complain about key
> management, and worry about that part instead.
>
> Honestly, this is what SGX and CPU enclaves is _supposed_ to all do
> for you, but then nobody uses it for various reasons.
The principal problem is that enclave technology was not made either
ubiquitous or accessible, long story there, suitable for multiple
snifters of single malt.
Unfortunately, the same goes for just about every other hardware
security technology. Every conversation comes down to; "what is the
business case for the technology", which translated means, how much
money are we going to make off it.
Encrypting memory based secrets, as an alternative to wiping them, is
attractive, but hardware support is needed to do key management
securely and correctly. Even than, by definition, there will be a
window when the material needs to be in memory as plaintext.
A discussion can be had in this arena about perfection being the enemy
of good. If you are truely interested in perfection in this endeavor,
you need to have a trusted platform definition and implementation.
Which, if history is any indication, needs to be an open architecture
with respect to both software and hardware.
> Linus
Best wishes to everyone for a productive remainder of the week.
As always,
Dr. Greg
The Quixote Project - Flailing at the Travails of Cybersecurity