[Cryptech Core] Automatic key zeroisation of keys in keywrap

Joachim Strömbergson joachim at assured.se
Fri Dec 7 14:45:11 UTC 2018


Aloha!

On 2018-12-07 15:13, Peter Stuge wrote:
> Joachim Strömbergson wrote:
>> SW can check that the key is loaded by reading the loaded status bit. If
>> During a wrap/unwrap operation the counter will not decrease. And after
>> an operation has completed the counter will be reset back to its
>> starting value.
> 
> The timer should probably also be set to a lower bound on
> "reading the loaded status bit" - so that there is no race between
> timer and SW using the key after reading the status bit.

Yes, I agree. And I did consider that. Even setting it back to the
timeout value again. This would allow SW to perform keep alive-pings of
the key.

The major issue is implementing this in HW in a good way. The loaded bit
is part of a read only status word. This would change the semantics to
read having side effects. Not a biggie and would only be for this register.

The question then is: what is a proper lower bound? Reset back to timeout
is the easiest since it doesn't add another magic number. But would that
be ok?

-- 
Kind regards, Yours

Joachim Strömbergson
========================================================================
                               Assured AB
========================================================================
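A behavioural model of the timeout semantics discussed in this thread, added here as an illustration (it is not Cryptech's Verilog or any code from the list); the class and method names, the one-tick-per-cycle granularity and the `reset_on_status_read` option are assumptions used to show the read/expire race and how a read-side-effect reset closes it:

```python
"""Model of a keywrap key-timeout register (added example, assumed semantics):
a loaded key has a countdown that zeroises the key at zero; the countdown is
frozen during a wrap/unwrap operation and reset when it completes; optionally,
reading the loaded status bit also resets it (keep-alive via read side effect)."""

class KeyTimeoutModel:
    def __init__(self, timeout, reset_on_status_read):
        self.timeout = timeout
        self.reset_on_status_read = reset_on_status_read  # option under discussion
        self.key = None          # None models a zeroised key register
        self.counter = 0
        self.busy = False        # True while a wrap/unwrap is in progress

    def load_key(self, key_bytes):
        self.key = bytes(key_bytes)
        self.counter = self.timeout

    def tick(self):
        """One clock cycle; the counter only counts down while idle."""
        if self.key is None or self.busy:
            return
        self.counter -= 1
        if self.counter == 0:
            self.key = None      # automatic zeroisation

    def read_status(self):
        """Read the status word; 'loaded' is the only bit modelled here."""
        loaded = self.key is not None
        if loaded and self.reset_on_status_read:
            self.counter = self.timeout   # the read side effect: keep-alive
        return {"loaded": loaded}

    def start_op(self):
        if self.key is None:
            raise RuntimeError("no key loaded")   # key expired before use
        self.busy = True

    def end_op(self):
        self.busy = False
        self.counter = self.timeout   # reset to start value after completion

def race_scenario(reset_on_read):
    """SW reads loaded=1 with one tick left, then is delayed 3 cycles before
    starting the operation. Returns whether the operation could start."""
    m = KeyTimeoutModel(timeout=4, reset_on_status_read=reset_on_read)
    m.load_key(b"\x11" * 32)   # constructed sample key
    for _ in range(3):
        m.tick()               # counter is now 1
    assert m.read_status()["loaded"]
    for _ in range(3):         # software latency between read and use
        m.tick()
    try:
        m.start_op(); m.end_op()
        return True
    except RuntimeError:
        return False
```

Without the reset the key is zeroised between the status read and the first use; with the reset, software is guaranteed a full timeout after the read.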
