Did you *really* zeroize that key?
patrick at loom.cc
Fri Nov 8 15:19:39 PST 2002
>From: "James A. Donald" <jamesd at echeque.com>
>If the optimizer ever optimizes away a write to volatile
>memory, device drivers will fail. Most device drivers are
>written in C. If anyone ever produces a C compiler in which
>"volatile" does not do what we want, not only are they out of
>spec, but smoke will start coming out of hardware when the
>device drivers are recompiled.
Good point #1. Excellent point, in fact.
>From: "Dave Howe" <DaveHowe at gmx.co.uk>
>however, saying after a security breach "this wasn't my fault, the compiler
>was out of spec" isn't going to help much.
>in the real world, murphys law applies more often than anyone elses; you can
>virtually guarantee you will meet up *sometime* with an out of spec compiler
Good point #2. Excellent point, in fact.
So, given 1 and 2, it sounds like a good strategy might be:
a. Declare your sensitive variables volatile and zero them normally.
b. Check the assembler output because you have to do that anyway :-)
c. If (b) exposes an out-of-spec compiler, report it far and wide to all
available e-mail lists. Then preferably use a different compiler. If
that's not an option, try the va_list trick and go to (b).
More information about the cypherpunks-legacy