Explore the hidden feature of the Linux Crypto API that enables cryptographic operations with hardware-protected keys in this conference talk. Delve into the intricacies of this under-documented mechanism, introduced by IBM for s390 mainframes and later adapted for embedded systems. Learn how this feature can enhance security for secret keys, especially in the face of speculative execution side channel attacks. Discover how to determine if your system supports this capability, understand its usage, and navigate potential challenges. Gain insights into the feature's depth, its security implications, and its practical applications through detailed explanations and examples.
Using Hardware Protected Keys with the Linux Crypto API
Overview
Syllabus
Introduction
Usage Example
Reservation Provider Priority
Pointer to Memory
Key Copy
Hardware Protected Keys
IBM
How it works
Security
More details
Conclusion
QA
Taught by
Linux Foundation
