Re: RSA's SecurPC not-so-"Secur"

Peter Gutmann (pgut001@cs.auckland.ac.nz)
Sun, 10 May 1998 09:43:36 (NZST)

• Next message: Robert Hettinga: "First meeting of DCS-NY -- The Digital Commerce Society of New York"
• Previous message: Mark Rosen: "Re: RSA's SecurPC not-so-"Secur""
• Maybe in reply to: staym@accessdata.com: "RSA's SecurPC not-so-"Secur""
• Next in thread: Eric Young: "Re: RSA's SecurPC not-so-"Secur""
• Reply: Eric Young: "Re: RSA's SecurPC not-so-"Secur""

>Windows NT supports the VirtualLock and VirtualUnlock functions, which prevent
>data from being swapped out to disk. Unfortunately, Windows 95 (don't know
>about Windows 98, but I doubt it) does not implement this functionality.
 
Actually it doesn't work quite the way MS document it. Noone (and that seems
to include any MS people you ask) knows what it really does, but it appears to
be only an advisory lock since if you artficially induce thrashing, you get a
page fault when you try to access the VirtualLock()'d pages. I covered the
page locking problem briefly in my 1998 Usenix security symposium paper on
secure random number generation, a more reliable way to try to avoid paging is
to have a higher-priority background thread which touches the page
constantly. However even in this case with NT's apparently nondeterministic
paging behaviour it's not really possible to guarantee it won't be swapped.
 
Peter.
 

• Next message: Robert Hettinga: "First meeting of DCS-NY -- The Digital Commerce Society of New York"
• Previous message: Mark Rosen: "Re: RSA's SecurPC not-so-"Secur""
• Maybe in reply to: staym@accessdata.com: "RSA's SecurPC not-so-"Secur""
• Next in thread: Eric Young: "Re: RSA's SecurPC not-so-"Secur""
• Reply: Eric Young: "Re: RSA's SecurPC not-so-"Secur""