[Cryptech Core] Automatic key zeroisation of keys in keywrap

Peter Stuge peter at stuge.se
Fri Dec 7 14:13:30 UTC 2018


Joachim Strömbergson wrote:
> SW can check that the key is loaded by reading the loaded status bit. If
> During a wrap/unwrap operation the counter will not decrease. And after
> an operation has completed the counter will be reset back to its
> starting value.

The timer should probably also be set to a lower bound on
"reading the loaded status bit" - so that there is no race between
timer and SW using the key after reading the status bit.


//Peter


More information about the Core mailing list