Zeroing sensitive memory chunks [Was: Security Flaw in Popular Disk Encryption Technologies]
gregoryd.freebsd at free.fr
Tue Feb 26 19:08:13 UTC 2008
Quoting Eygene Ryabinkin <rea-fbsd at codelabs.ru>:
> *) New function OPENSSL_cleanse(), which is used to cleanse a section of
> memory from its contents. This is done with a counter that will
> place alternating values in each byte. This can be used to solve
> two issues: 1) the removal of calls to memset() by highly optimizing
> compilers, and 2) cleansing with other values than 0, since those can
> be read through on certain media, for example a swap space on disk.
> [Geoff Thorpe]
>
> The '1)' is what I was talking about. '2)' is not very clear to
> me now, I should research what Geoff meant. If anyone has an idea,
> please comment.
I thought it might mean that on certain media, such as disks, data can be read
even after it has been overwritten a certain number of times (magnetic properties
of the media; this is a method used by some police labs to recover lost data,
I've been told, but maybe the man was just paranoid).
So even "cleansing" an encrypted swap space this way would not render it safe (you
would have to repeat it enough times so that the layers are definitively
overwritten).
Now I am no physics/chemistry specialist, and this might not be what
Geoff Thorpe meant: anyway you asked for an idea :-) And I would also like to know the
end of it...
gregory
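
Added example, not part of the original thread and not OpenSSL's implementation: a minimal C sketch of the two points in the quoted changelog entry, a wipe whose stores the optimizer is not free to drop and a counter-driven fill pattern instead of plain zeros. The names `cleanse`, `still_present` and `demo_wipe` and the sample key are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Counter carried across calls so successive wipes use different bytes. */
static unsigned char cleanse_ctr = 0;

/* Overwrite len bytes at ptr with a changing pattern.
 * A plain memset() on a buffer that is never read again is a dead store
 * and may be removed by an optimizing compiler. Writing through a
 * volatile-qualified pointer makes each store an observable access, so
 * compilers emit all of them. For a zero fill, explicit_bzero() or C11
 * memset_s() serve the same purpose where the platform provides them. */
void cleanse(void *ptr, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)ptr;
    unsigned char ctr = cleanse_ctr;
    size_t i;

    for (i = 0; i < len; i++) {
        p[i] = ctr;
        ctr = (unsigned char)(ctr + 17 + (i & 0xF)); /* vary the step */
    }
    cleanse_ctr = ctr;
}

/* Returns 1 if the byte sequence `secret` still occurs in buf. */
int still_present(const unsigned char *buf, size_t buflen,
                  const unsigned char *secret, size_t len)
{
    size_t i;
    for (i = 0; len <= buflen && i + len <= buflen; i++)
        if (memcmp(buf + i, secret, len) == 0)
            return 1;
    return 0;
}

/* Place a constructed sample key in a scratch buffer, then wipe it.
 * Returns 1 if the key was there before the wipe and is gone after. */
int demo_wipe(void)
{
    static const unsigned char key[] = "constructed-sample-key";
    unsigned char scratch[64];

    memset(scratch, 0, sizeof scratch);
    memcpy(scratch + 8, key, sizeof key - 1);
    if (!still_present(scratch, sizeof scratch, key, sizeof key - 1))
        return 0;
    cleanse(scratch, sizeof scratch);
    return !still_present(scratch, sizeof scratch, key, sizeof key - 1);
}
```

This only addresses the copy in RAM; whether overwritten data can be recovered from a disk is a property of the medium and is not changed by the fill pattern used in memory.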