On Sat, Oct 6, 2012 at 9:37 PM, <t...@lists.grepular.com> wrote: > The basic idea being that your keys are shifted from RAM into the > debug registers of the CPU on boot, then all future crypto is done > directly on the CPU (AES-NI) without the keys re-entering RAM.
Did you check that the volume key (shown with cryptsetup luksDump --dump-master-key) is not stored in RAM by cryptsetup or by the kernel anyway? I just tested with aes-xts-plain64, and the key appears in QEMU's memory dump in 3 locations after the encrypted volume is mounted. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
