View Single Post
Old 3rd November 2010
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
Join Date: Jun 2010
Posts: 429

Originally Posted by TerryP View Post
That actually poses something I've often wondered, is there any operating system that can encrypt the contents of RAM, and decrypt on access? I bet the performance would blow hard but as a proof of concept it would be interesting!
Godel's incompleteness theorem comes in to play here. You have to step up and "outside" the system to achieve the goal, otherwise you run into the problem that BSDfan666 outlined (answering the question from within the system). The encryption would have to be handled in hardware, and it would have to have some way to randomize the key each boot. It basically could be implemented as an extension to whatever ISA you target. It would introduce significant overhead, though, so I would imagine that an industry that prides itself on performance would not be terribly keen to introduce a feature that detracted from performance while only providing minimal security (i.e. you can't freeze the RAM and analyze it later, and even so if you could determine the key during runtime you could still decrypt the contents of RAM).
Reply With Quote