Can you explain the value of encrypting the memory? I am assuming decryption is transparent to processes/apps, so how does that protect against a vulnerability or exploit in the code?
-
-
-
It's defense in depth; it means that software or intruders with access to the hypervisor can't dump an instance's memory. There are already other rigorous defenses against that, but in-hardware encryption is another nice one.
- 2 more replies
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Does it mean that lightweight low-latency ciphers like PRINCE are not really necessary for DDR memory nowadays?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Out of curiosity, is there any public information on how key storage and management is done and what's the level of protection against apps/malicious actors? I'd be really interested to see what the threat model looks like for this.
-
I'm making a big assumption here that they are re-using the existing security components of Nitro and just extending the capabilities. If that's true, this video covers most of the technical details about storage, enclave, etc:https://www.youtube.com/watch?v=kN9XcFp5vUM …
- 1 more reply
New conversation -
-
-
How fast is the AES?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.