Passwords can sit on disk for years
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Jun 8 02:07:06 EDT 2004
Adam Fields <cryptography23094893 at aquick.org> writes:
>Tal Garfinkel (related to Simpson?) is a Stanford PHD student who has put
>together a working model for tracking tainted data stored in RAM in various
>popular applications.
Hmm, one part of the article isn't quite accurate:
Operating systems such as Windows and Linux have no facility for stopping
data being written to the hard drive.
Both Unix and Windows support this. Under Unix only the superuser can use it
and it isn't supported by all Unix variants, but under Windows (at least the
NT branch), anyone can call VirtualLock(), and (at least under Win2K and
later) as far as anyone can tell it'll prevent data from being swapped (note
all the caveats and weasel-words there :-). There's a bit of confusion
surrounding this issue, but it should be OK at least with Win2K and XP). It's
not too hard to do an implementation that manages cryptovariables
appropriately, for example both GPG and my own cryptlib store keys in
pagelocked memory and never let them leave that memory (although I don't know
how well GPG's mlock() gets mapped to Win32 calls under Cygwin). I think the
problem with the general-purpose apps mentioned (Mozilla, Apache, Emacs) was
that they were never designed to manage cryptovariables, so the data ends up
all over the place. Anything designed from the outset to do it properly
shouldn't be vulnerable to this sort of problem.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list