data remanence

Lionel Elie Mamane lionel at
Mon May 15 14:28:16 UTC 2006

On Mon, May 15, 2006 at 08:30:49AM -0400, Michael Holstein wrote:

>> Flash is writable, so can be tampered. The critical secret (the
>> server's key) is in the ro part. So what good is it?

> There are a variety of hardware devices that attempt to address this
> ..  IBM's secure crypto cards (PCI) come to mind -- these are used
> in a variety of ATMs for example, and store the key in volatile
> memory, protected against side-channel and physical attack.

My reasoning was that the server key is long-lived, and that from the
key and a communication transcript, one can decrypt everything. I make
this error more often. When using DH, you can have perfect forward
secrecy, which is exactly avoiding this attack.


More information about the tor-talk mailing list