<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-size:small">On Sat, Aug 27, 2022 at 5:03 AM Peter Gutmann <<a href="mailto:pgut001@cs.auckland.ac.nz">pgut001@cs.auckland.ac.nz</a>> wrote:<br></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Phillip Hallam-Baker <<a href="mailto:phill@hallambaker.com" target="_blank">phill@hallambaker.com</a>> writes:<br>
<br>
>Has anyone got pointers to ways to make sure this is done right?<br>
<br>
It's a solved problem, just Google it, e.g. Windows has SecureZeroMemory(),<br>
glibc has explicit_bzero(), and so on. There are also plenty of ad hoc<br>
solutions using pointers to volatile and similar.<br></blockquote><div><br></div><div><div class="gmail_default" style="font-size:small">My problem isn't knowing how to do X so much as preventing the compiler optimizing it away. Another issue is making sure memory gets cleared when BigIntegers increase in size.</div><br></div><div><div class="gmail_default" style="font-size:small">Looks to me like a custom BigInteger library will be needed. Probably one that is specifically adapted to cryptography and modular arithmetic.</div></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
With C# (which you mentioned) and similar languages, a bigger concern is that<br>
you're giving the compiler, and in some cases the engine/interpreter/VM<br>
fairly complete control over your memory, so you can't really tell where<br>
copies of sensitive data are ending up.<br></blockquote><div><br></div><div><div class="gmail_default" style="font-size:small">Not unless there are specific controls in place that enforce the memory wipes. Then the memory manager is working for you rather than against and correctly implemented makes key leakage less likely.</div><br></div><div><br></div><div><div class="gmail_default" style="font-size:small">PHB</div><br></div></div></div>