I would question whether it is even possible to make cryptographic computations optimally secure on a highly complex system shared with potentially hostile processes. This kind of attack highlights the kind of difficulties involved. If cryptography is only one of very many things done on a highly complex system, it seems to me unlikely that the security of this cryptography will be done very well. I think a simpler and likely to be more effective approach, once appropriate hardware becomes more generally available, is for the cryptography to occur on dedicated processors, designed to make obtaining access to embedded private keys very difficult and expensive.
Copyright © 2017, Eklektix, Inc.