Quote:
Originally Posted by TerryP
That actually poses something I've often wondered, is there any operating system that can encrypt the contents of RAM, and decrypt on access? I bet the performance would blow hard but as a proof of concept it would be interesting!
|
Godel's incompleteness theorem comes in to play here. You have to step up and "outside" the system to achieve the goal, otherwise you run into the problem that BSDfan666 outlined (answering the question from within the system). The encryption would have to be handled in hardware, and it would have to have some way to randomize the key each boot. It basically could be implemented as an extension to whatever ISA you target. It would introduce significant overhead, though, so I would imagine that an industry that prides itself on performance would not be terribly keen to introduce a feature that detracted from performance while only providing minimal security (i.e. you can't freeze the RAM and analyze it later, and even so if you could determine the key during runtime you could still decrypt the contents of RAM).