[3058] in cryptography@c2.net mail archive
Win95-held Private Keys (was: PGP security?)
daemon@ATHENA.MIT.EDU (Vin McLellan)
Fri Jul 24 00:32:05 1998
In-Reply-To: <3.0.5.32.19980723010758.00b9a920@popd.ix.netcom.com>
Date: Thu, 23 Jul 1998 11:37:26 -0400
To: Cypherpunks@algebra.com
From: Vin McLellan <vin@shore.net>
Cc: cryptography@c2.net
I'm looking references or URLs for a logically segmented list
(encyclopedia;-) of key-theft-oriented attacks upon a local or remote
Win95/98 machine which is holding a private crypto key in memory, secured
however it may be.
I know a lot of bright people have thought about this depressing
subject, and I'd like to take advantage of some of these efforts to get
beyond the obvous for a quickie report I have to do for a client.
I'd also appreciate URLs or other citations to papers, FAQs, or
websites which have thoughtfully explored and compared the pros and cons of
various methods, techniques, or security layers which might enhance the
security and integrity of a crypto key held in memory on the typical user
(Win95/98) machine.
Smartcards, unfortunately, are not an option.
TIA.
_Vin
-----
Vin McLellan + The Privacy Guild + <vin@shore.net>
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
-- <@><@> --
