gnu-crypto-discuss

Re: [GNU Crypto] Passwords Immutable?


From: Bryan Hoover
Subject: Re: [GNU Crypto] Passwords Immutable?
Date: Fri, 23 Apr 2004 18:33:09 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Casey Marshall wrote:
> I think in general this sort of class will be useful, too. The idea
> behind it being that if the programmer forgets that he has these keys
> in memory, they will be wiped out after too long a timeout, in hope
> that the memory there would not have been swapped to disk.

Disk swapping.  Yes.  That's another issue :).

> Bryan> In any event, in this light, resetMechanism is probably not the
> Bryan> best place to put the constructor.
>
> Bryan> So now that you mention it, why not destroy the password as
> Bryan> soon as possible?  It's not needed beyond initialization is
> Bryan> it?, so once that's done, perhaps that'd be the time to call
> Bryan> the destructor.  Looks like that would be right after or within
> Bryan> sendPublicKey.
>
> I would say yes. Destroying sensitive data as soon as possible should
> be the rule.

And since going this far, it would probably be a good idea to add some
sort of shut down hook(s), and/or try/finally sections -- as centralized
as possible -- wouldn't it?

That is, the preceding covers "carelessness", but does not cover
variable lifetime, normal program flow.  For instance, SRPClient could,
in the calling program, go out of scope before an ExpirableObject's
timer went off.

However, I don't suppose there's any way to cover cleaning up after an
object, or being notified when it goes out of scope (or is there?), but
there is at least the facility of program shutdown hooks.

I don't discount from any of this, the Java SASL interface dispose
method, even though it's only good if the programmer calls it.
Centralized clean-up code would make it easy to include whatever
clean-up here (dispose) as well though.

Bryan
- --
What is a poet?  An unhappy man who hides deep anguish in his heart, but
whose lips are so formed that when the sigh and cry pass through them,
it sounds like lovely music. - (Soren Kierkegaard - Either/Or)

http://www.wecs.com/content.htm

This signature file is generated by Pick-a-Tag !
Written by Jeroen van Vaarsel
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=pick-a-tag
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32) - GPGrelay v0.94

iD8DBQFAiZmo8CguVNZ0FHARAq+kAJ46B+I8rhg8R0rTfVTDKRwhCN6FVQCeI8/q
/qlVoJxLuL5q/KvI08L+8zo=
=IUUT
-----END PGP SIGNATURE-----
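
The centralized clean-up discussed in this message, as an added example that is not part of the original post or of GNU Crypto: try/finally wipes the password as soon as initialization is done, and a shutdown hook wipes anything still registered at exit. WipeDemo, SecretRegistry and initialise are hypothetical names, and the passwords are constructed samples.

```java
import java.util.Arrays;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Added example: WipeDemo, SecretRegistry and initialise are hypothetical names.
public class WipeDemo {
    // Stand-in for the initialization step that is the last user of the password.
    static int initialise(char[] password) { return password.length; }

    public static void main(String[] args) {
        // Constructed sample; real code would read into a char[] (e.g. Console.readPassword()).
        char[] password = SecretRegistry.track("correct horse".toCharArray());
        try {
            initialise(password);
        } finally {
            SecretRegistry.wipe(password); // runs even if initialise throws
        }
        // A secret whose owner never wipes it is left for the shutdown hook.
        SecretRegistry.track("forgotten".toCharArray());
        System.out.println("first wiped: " + (password[0] == '\0')
                + ", still tracked: " + SecretRegistry.liveCount());
    }
}

final class SecretRegistry {
    // Arrays use identity equals/hashCode, so each char[] is tracked as a distinct object.
    private static final Set<char[]> LIVE = ConcurrentHashMap.newKeySet();

    static {
        // Fallback only: runs on normal exit or SIGTERM, not on a JVM crash or kill -9.
        Runtime.getRuntime().addShutdownHook(new Thread(SecretRegistry::wipeAll));
    }

    static char[] track(char[] secret) {
        LIVE.add(secret);
        return secret;
    }

    // Zero the array in place and stop tracking it; safe to call more than once.
    static void wipe(char[] secret) {
        if (secret == null) return;
        Arrays.fill(secret, '\0');
        LIVE.remove(secret);
    }

    static void wipeAll() {
        for (char[] s : LIVE) Arrays.fill(s, '\0');
        LIVE.clear();
    }

    static int liveCount() { return LIVE.size(); }
}
```

Zeroing the array does not reach copies the JVM or the operating system may already have made, such as pages swapped to disk.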
