[Cryptography] Secure erasure in C.

Henry Baker hbaker1 at pipeline.com
Sun Sep 11 09:54:01 EDT 2016

At 03:08 PM 9/10/2016, Christian Huitema wrote:
>The good news is that mainstream compilers support something like "#pragma optimize(off)", allowing to turn off optimization for a specific code segment.
>Bracketing the erasure routine with such pragmas should ensure that it erases as intended, at least as far as C is concerned.

I know of no "#pragma optimize(off)" for the operating system, the disk drive caches, or the CPU caches.

The "split I and D cache" hack allows the CPU to execute one stream of instructions, while displaying (via the D cache) a completely different stream of instructions to anyone who is trying to understand what instructions are being executed.

Using Jacob Torrey's TLB-splitting technique, one can arbitrarily change what is being executed, *no matter what the programmer wrote*.

See Jacob Torrey "MoRE Shadow Walker: TLB-splitting on the Modern x86"



More information about the cryptography mailing list