Unpopular opinion: it's not actually possible to selectively scrub secrets from memory in complex applications. You can zero all process memory, but I don't believe zeroing just secrets after use works. (Manually, without taint analysis.)
-
Show this thread
-
After using an AES key, you scrub it. Did you also scrub the key schedule computations? What about an RSA key CRT values? We can't keep track of what we need to free() without sanitizers, why do we think we can keep track of every secret byproduct?
11 replies 11 retweets 65 likesShow this thread
Replying to @FiloSottile
I hear what you're saying, but there's a kind of magical thinking to this. Scrubbing the key barely matters compared to scrubbing the data we were encrypting in the first place. Why do we fetishize the former and barely think about the latter?
1 reply
1 retweet
6 likes
-
Show additional replies, including those that may contain offensive content
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.