Talk:TRESOR

Latest comment: 6 years ago by RokerHRO in topic AES-NI-only? AES-only?

Loop-AmnESia

edit

This article should discuss Loop-Amnesia as well; it is a Linux kernel patch with similar goals but some key differences. — Preceding unsigned comment added by Linuxrocks123 (talkcontribs) 22:03, 5 January 2015 (UTC)Reply

Potential Vulnerabilities

edit

The "Potential Vulnerabilities" section is worded as "Why it's not Vulernable".

For example:

"Although they cannot rule out CPU data leaking into RAM, they were unable to observe any case this happened during formal testing. Any such case is expected to be patchable."

...could be reworded as...

"It's possible that CPU data may leak into RAM, but they were unable to observe this case happening, and is likely to be patchable."

OR:

"TRESOR is resistant to timing attacks and cache-based attacks by design of the AES-NI instruction, where the CPU supports AES instruction set extensions.[5] Processors capable of handling AES extensions as of 2011 are Intel Westmere and Sandy Bridge (some i3 excepted) and successors, AMD Bulldozer, and certain VIA PadLock processors."

...could be reworded as...

"TRESOR is vulnerable to timing attacks on regular CPUs. To avoid this vunlerability, users must use the AES-NI instructions."

These changes would place emphasis on what risks the users need to address. — Preceding unsigned comment added by 99.231.149.73 (talk) 18:57, 31 May 2014 (UTC)Reply

This wiki article is on the fast track to become a classic example why one should not write a Wikipedia article based on a single academic paper, especially in the field of security. No only is the language biased as you observed, but the method was broken within a year, as my recent addition shows. 188.27.81.64 (talk) 08:42, 12 July 2014 (UTC)Reply

Notability

edit

This is a paper with 35 citations as of this writing, which isn't a whole lot. It seems to fail WP:N. 188.27.81.64 (talk) 08:06, 12 July 2014 (UTC)Reply

AES-NI-only? AES-only?

edit

The article does not say whether TRESOR requires AES-NI instruction set or not. And whether TRESOR supports only AES encryption or also other ciphers of the Linux Crypto API. --RokerHRO (talk) 08:58, 29 June 2018 (UTC)Reply