portable method to zeroize memory when destroying a mpz number

Vicente Benjumea vicente at lcc.uma.es
Thu Mar 20 19:24:24 UTC 2014


On Thu, 20-03-2014 at 15:33 +0100, Torbjorn Granlund wrote:
> Marc Glisse <marc.glisse at inria.fr> writes:
> 
>   Best would be for you to use the existing GMP interfaces to replace
>   the allocation/deallocation functions and zero memory there.
> 
> Alternatively wait a few days for the new GMP release which has a nice
> set of mpn functions specifically designed for cryptography.
> 

Thanks, I'll explore both approaches

On 2014-03-20, Vincent Lefevre wrote:

> Are you sure that memset is safe? AFAIK, the C implementation
> could have some optimization to do nothing if it knows that
> the memory will never be read in the context of the C virtual
> machine.

I'm not aware of any possible optimization on this. Thanks for the point.

> And what if the data have been stored in some swap space?

It could be managed by calls to        

int mlock(const void *addr, size_t len);

> IMHO, you should use your own memory interface.

I agree. It is, perhaps, the safer way to follow, although it requires
me to add an initialization function to my library.

Also, in this approach, the "zeroization" would apply to every number. I
don't know if it would be possible to apply "zeroization" selectively
only to some numbers.

Thanks a lot
Vicente
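
The approach discussed in this message, replacing GMP's allocation functions so that memory is zeroed on release, could look like the following. This is an added example, not code from the thread or from GMP; the names wipe, zalloc, zrealloc and zfree and the HAVE_GMP build macro are hypothetical, and it does not address the swap question (no mlock).

```c
/* Zeroizing hooks with the signatures mp_set_memory_functions() expects.
 * Hypothetical names; build with -DHAVE_GMP -lgmp to register them. */
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_GMP
#include <gmp.h>
#endif

/* Write zeros through a volatile pointer so the compiler does not discard
 * the stores as dead, the concern raised about a plain memset(). */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

static void *zalloc(size_t n)
{
    void *p = malloc(n);
    if (!p) abort();          /* GMP has no way to recover from a failed hook */
    return p;
}

/* Do not call realloc(): it may move the block and leave the old copy
 * unwiped. Allocate, copy, wipe the old block, then free it. */
static void *zrealloc(void *old, size_t old_n, size_t new_n)
{
    void *p = zalloc(new_n);
    memcpy(p, old, old_n < new_n ? old_n : new_n);
    wipe(old, old_n);
    free(old);
    return p;
}

/* GMP passes the block size to the free hook, so no size header is needed. */
static void zfree(void *p, size_t n)
{
    wipe(p, n);
    free(p);
}

int main(void)
{
#ifdef HAVE_GMP
    mp_set_memory_functions(zalloc, zrealloc, zfree); /* before any mpz_init */
#endif
    unsigned char *s = zalloc(8);
    memset(s, 0xAA, 8);       /* constructed stand-in for secret limbs */
    zfree(zrealloc(s, 8, 16), 16);
    return 0;
}
```

Once registered, the hooks apply to every block GMP allocates, which is the non-selective behaviour noted above.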