More on in-memory zeroisation

Thierry Moreau thierry.moreau at connotech.com
Wed Dec 12 17:27:38 EST 2007 


Leichter, Jerry wrote:

> 
> On Wed, 12 Dec 2007, Thierry Moreau wrote:
> 
> | Date: Wed, 12 Dec 2007 16:24:43 -0500
> | From: Thierry Moreau <thierry.moreau at connotech.com>
> | To: "Leichter, Jerry" <leichter_jerrold at emc.com>
> | Cc: Peter Gutmann <pgut001 at cs.auckland.ac.nz>, cryptography at metzdowd.com
> | Subject: Re: More on in-memory zeroisation
> | 
> | /************ testf.c ************/
> | #include <stdio.h>
> | #include <string.h>
> | 
> | typedef void *(*fpt_t)(void *, int, size_t);
> | 
> | void f(fpt_t arg)
> | {
> | 	if (memset==arg)
> | 		printf("Hello world!\n");
> | }
> | 
> | /************ test.c ************/
> | #include <stdlib.h>
> | #include <string.h>
> | 
> | typedef void *(*fpt_t)(void *, int, size_t);
> | 
> | extern void f(fpt_t arg);
> | 
> | int main(int argc, char *argv[])
> | {
> | 	f(memset);
> | 	return EXIT_SUCCESS;
> | }
> | 
> | /*   I don't want to argue too theoretically.
> | 
> |             - Thierry Moreau */
> I'm not sure what you are trying to prove here.  Yes, I believe that
> in most implementations, this will print "Hello world\n".  Is it,
> however, a strictly conforming program (I think that's the right
> standardese) - i.e., are the results guaranteed to be the same on
> all conforming implementations?  I think you'll find it difficult
> to prove that.

If there is a consensus among comforming implementation developers that 
the above program is comforming, that's a good enough "proof" for me.

As a consequence of alleged consensus above, my understanding of the C 
standard would prevail and (memset)(?,0,?) would refer to an external 
linkage function, which would guarantee (to the sterngth of the above 
consensus) resetting an arbitrary memory area for secret intermediate 
result protection.

Reading ANSI X3.159-1989, I believe there would be such a consensus, and 
I find it quite obvious. You may disagree, and I will no further argument.

Regards,

-- 

- Thierry Moreau

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list