[Cryptography] How to lock registers with GCC?

Steve Weis steveweis at gmail.com
Fri May 9 19:18:41 EDT 2014


On Thu, May 8, 2014 at 4:56 PM,  <tpb-crypto at laposte.net> wrote:
> I've been tinkering a while with GCC while trying to follow programming best practices for security, as some of you guys advocate.
>
> While making an encryption routine I stumbled upon the possibility of using a register to keep the key, while erasing it from memory.

Tresor uses this approach for the Linux kernel and keeps keys in debug
registers:
http://www1.informatik.uni-erlangen.de/tresor

This only protects against passive memory extraction attacks, like
cold boot. It does not help if an active attacker can modify memory.

