Question about mpz_clear

Safuat Hamdy hamdy@math.ucalgary.ca
Tue, 17 Jun 2003 10:19:01 -0600

Previous message: Question about mpz_clear
Next message: Question about mpz_clear
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 17 June 2003 07:33, Eric M. Hopper wrote:
> Does this clear the memory associated with a given variable zeroed?  Is
> there an easy way to make sure it is?
>
> I'm designing some software that does cryptography, and I would like to
> ensure that decrypted private keys are lying around in memory in a
> decrypted state for as little time as possible.

In the case of *serious* cryptography, zeroing out a memory region after us=
age=20
is not sufficient.  I suggest that you allocate a few locked memory pages=20
(e.g. by anonymous mmap and mlock, which may require special privileges for=
=20
the executing process), and reserve sufficient space for all your operands =
in=20
that memory region.

=2D --=20

S. Hamdy                                |  All primes are odd except 2,
Dept. of Mathematics & Statistics       |  which is the oddest of all.
University of Calgary                   |
                                        |
unsolicited commercial e-mail           |
is strictly not welcome                 |
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQE+7z+EwjuT2UdHuKURAk6mAJ9CM4l01qbTGiOfPcnb2RABSVF0kgCeOHR/
qHxI6NN0Yzc/Tb/HkfSdUKM=3D
=3D5LKz
=2D----END PGP SIGNATURE-----

Previous message: Question about mpz_clear
Next message: Question about mpz_clear
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]