Zeroing sensitive memory chunks [Was: Security Flaw in Popular Disk Encryption Technologies]

Jeremy Chadwick koitsu at freebsd.org
Sat Feb 23 19:53:06 UTC 2008


On Sat, Feb 23, 2008 at 10:32:02PM +0300, Eygene Ryabinkin wrote:
> Sat, Feb 23, 2008 at 10:56:20AM -0800, Jeremy Chadwick wrote:
> > > A possible counter-measure would be to add wiping features to the RAM 
> > > modules themselves. When power is lost, the memory could wipe itself. Still 
> > > not perfect, but would certainly help.
> > 
> > Proper software should be memset() or bzero()'ing memory space it
> > mallocs.  I've gotten in the habit of doing this for years, purely as a
> > safety net.  If said software doesn't do this, it's very likely
> > susceptible.
> > 
> > So the OP's question about ELI/GELI stands -- does it properly zero out
> > memory it allocates before using it?
> 
> Excuse me, but I think that you're confusing two things: zeroing
> or, generally, initializing memory before the first use (it is what
> you're talking about) and sanitizing sensitive data like passwords
> and keys after they were used (it is what OP was talking about).

Yep, you're quite right -- I am/was definitely confusing the two.  As
far as the secondary option goes, I suppose that's also up to software
to address, but honestly I have no real idea how one would do that.
Cryptography and overall "data sanitisation" (to ensure security) are
significantly over my head.

Thanks for correcting me, though!  Always good to learn something.

-- 
| Jeremy Chadwick                                    jdc at parodius.com |
| Parodius Networking                           http://www.parodius.com/ |
| UNIX Systems Administrator                      Mountain View, CA, USA |
| Making life hard for others since 1977.                  PGP: 4BD6C0CB |
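
The distinction drawn in this exchange, as an added example that is not part of the original thread: zeroing memory before first use versus wiping key material after its last use. The names `secure_wipe`, `is_zeroed`, `key_lifecycle_ok` and `KEY_LEN`, and the constructed key bytes, are assumptions for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

#define KEY_LEN 32  /* assumed key size for this example */

/* Wipe through a volatile pointer so the compiler cannot drop the stores
 * as dead, which it may do with a plain memset() right before free(). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* Return 1 if every byte of the buffer is zero. */
static int is_zeroed(const unsigned char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (b[i] != 0)
            return 0;
    return 1;
}

/* Walk one key through its lifetime; returns 1 if each stage holds. */
int key_lifecycle_ok(void)
{
    /* Before first use: calloc() returns zero-initialised memory. */
    unsigned char *key = calloc(1, KEY_LEN);
    if (key == NULL)
        return 0;
    int clean_at_start = is_zeroed(key, KEY_LEN);

    /* In use: constructed bytes stand in for real key material. */
    for (size_t i = 0; i < KEY_LEN; i++)
        key[i] = (unsigned char)(0xA5 ^ i);
    int holds_secret = !is_zeroed(key, KEY_LEN);

    /* After last use: wipe first, and only then hand the memory back. */
    secure_wipe(key, KEY_LEN);
    int clean_at_end = is_zeroed(key, KEY_LEN);
    free(key);
    return clean_at_start && holds_secret && clean_at_end;
}

int main(void)
{
    return key_lifecycle_ok() ? 0 : 1;
}
```

On systems that provide them, `explicit_bzero()` or C11's optional `memset_s()` do the same job as `secure_wipe()`.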


