MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
encryption
Search

[$] A proposed API for full-memory encryption

Friday January 18, 2019. 05:30 PM , from LWN.net
Hardware memory encryption is, or will soon be, available on multiple
generic CPUs. In its absence, data is stored — and passes between the
memory chips and the processor — in the clear. Attackers may be able to
access it by using hardware probes or by directly accessing the chips, which is
especially problematic with persistent memory. One new memory-encryption
offering is Intel's Multi-Key
Total Memory Encryption (MKTME) [PDF]; AMD's equivalent is called Secure Encrypted Virtualization
(SEV). The implementation of support for this
feature is in progress for the Linux kernel. Recently, Alison Schofield proposed a user-space API for MKTME, provoking
a long discussion on how memory encryption should be
exposed to the user, if at all.
https://lwn.net/Articles/776688/rss
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Mar, Fri 29 - 06:40 CET