Hello, welcome to the Monday, June 24th, 2019 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich and the I'm recording from Jacksonville, Florida.

Now, one class of attacks that has caused a lot of headlines in the last couple of years are hardware bugs in memory,

like for example, Rohhammer or most recently Ramp Lead.

In addition to some of the CPU vulnerabilities like Spectre, the effect here is that

a non-privileged user on a system may be able to read memory they're not supposed

to have access to.

And of course, one preferred target of these attacks is encryption keys.

And for example, in the Rambleed attack that just came out recently, one of the proof of concept

exploits did extract private keys

from memory. The real question is, well, how do we protect ourselves from these attacks? One

option, of course, is to encrypt these private keys and private keys are often encrypted

on hard disks and then the user has to type in a passphrase

in order to use the particular key or they're kept in a secure enclave.

But once they're in memory, things get a little bit more tricky.

Well, there is now a patch for OpenSH that does just that. OpenSH contributor Damien Miller

released a patch for OpenSH that will encrypt these private keys while they're not in use.

Of course, the next question is then, well, how are they encrypted? Because if you're just using a symmetric key again to encrypt these keys, well, then this

encrypted key is again at risk.

But that's exactly what this patch is doing.

This patch creates a 16 kilobyte long random key that is then used to encrypt this private ZH key.

So you're probably asking, well, how is it any better? Well, the trick here is that all of these

...