Bill Frantz wrote:
> There is a common example of this corner case where the memory is paged. The page containing the key is swapped out, then it is read back in and the key is overwritten, and then the page is deallocated. Many OSs will not zero the disk copy of the key.

Given the nature of this problem, perhaps a *better* solution would be to work on getting the spec updated to include a "security-sensitive" declaration for variables in C/C++? Such variables could be held in such a way that they (where the OS permits)

a) are never swapped to disk
b) are automagically wiped with three passes of pseudo-random data when destroyed
c) are in a "security data" area of memory that can't be accessed by programs not owning the data there
d) are register variables when possible (for security, not speed)

The "always wipe when the variable is discarded" functionality shouldn't be that hard to implement, and would remove the only real reason we don't want optimisation for those variables - that we want to be able to blank them. Not sure a #pragma Leave_This_Intact_You_Bastard is the right solution though :)

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
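
As an added example (not code from this thread or its authors), points a) and b) above can be approximated on a POSIX system without language support: lock the pages with mlock() and wipe through a volatile pointer so the optimizer cannot discard the store. The names sens_buf, sens_alloc, sens_wipe and sens_free are hypothetical, and a single zeroing pass stands in for the three pseudo-random passes proposed above.

```c
#include <stdint.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Added example; every name here is hypothetical, not from the thread. */
typedef struct {
    void          *raw;     /* pointer returned by malloc, kept for free() */
    unsigned char *data;    /* page-aligned start of the secret area */
    size_t         len;     /* usable bytes, a whole number of pages */
    int            locked;  /* 1 if mlock() succeeded */
} sens_buf;

/* Stores through a volatile pointer are observable side effects, so the
 * compiler may not remove this wipe as a dead store ahead of free(). */
static void sens_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Reserve whole pages for `want` bytes and ask the OS to keep them out of
 * swap. Returns 0 on success, -1 on failure. A refused mlock() (for example
 * RLIMIT_MEMLOCK) is not fatal here; it is reported in b->locked. */
static int sens_alloc(sens_buf *b, size_t want)
{
    long pg = sysconf(_SC_PAGESIZE);
    if (pg <= 0 || want == 0 || want > SIZE_MAX - 2 * (size_t)pg)
        return -1;
    size_t page = (size_t)pg;
    size_t len = (want + page - 1) / page * page;   /* round up to pages */
    b->raw = malloc(len + page);                     /* slack for alignment */
    if (b->raw == NULL)
        return -1;
    b->data = (unsigned char *)(((uintptr_t)b->raw + page - 1) / page * page);
    b->len = len;
    b->locked = (mlock(b->data, len) == 0);
    return 0;
}

/* Wipe while the pages are still locked, then unlock and release. */
static void sens_free(sens_buf *b)
{
    sens_wipe(b->data, b->len);
    if (b->locked)
        munlock(b->data, b->len);
    free(b->raw);
    b->raw = NULL; b->data = NULL; b->len = 0; b->locked = 0;
}
```

Callers should check `locked` and decide whether an unlockable buffer is acceptable for the key in question; points c) and d) of the proposal are not addressed by this sketch.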