[Cryptography] Making sure memory erasure is not optimized away
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Aug 27 19:30:40 EDT 2022
Phillip Hallam-Baker <phill at hallambaker.com> writes:
>My problem isn't knowing how to do X so much as preventing the compiler
>optimizing it away.
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/legacy/aa366877(v=vs.85)
SecureZeroMemory function
Use this function instead of ZeroMemory when you want to ensure that your
data will be overwritten promptly, as some C++ compilers can optimize a call
to ZeroMemory by removing it entirely.
https://man7.org/linux/man-pages/man3/explicit_bzero.3.html
bzero, explicit_bzero - zero a byte string
The explicit_bzero() function performs the same task as bzero(). It differs
from bzero() in that it guarantees that compiler optimizations will not
remove the erase operation if the compiler deduces that the operation is
"unnecessary".
Peter.
More information about the cryptography
mailing list