Comments (2)
These methods use the Linux kernel functions mlock/munlock and mprotect to safeguard key storage memory from within the process. However, this doesn't protect against RowHammer-type attacks. A recent patch to OpenSSL adds protection for this - they generate 16kbytes of random data on process startup, derive a symmetric key from that (probably just a sha256 hash), and use that key to encrypt the secret before it is stored in memory. The key is re-derived each time the secret is needed.
The error rate of RowHammer is sufficiently high that recovering the full 16kbytes of random data (referred to as a pre-key) is very unlikely.
from recrypt-rs.
@BobWall23 I recommend we spin out a separate issue for rowhammer protection. I dug into this today and here are some conclusions:
- If you want to prevent anyone from accessing memory except in specific contexts, then you can use mprotect. For our use cases, this doesn't make sense as we do need the private key to be passed to various functions. mlock/munlock will pin blocks of memory so they don't go to swap, which we want for our purposes. madvise is used in specific operating systems to prevent the protected memory from showing up in core dumps.
I reviewed the options that Clint referenced and read the thread and then poked around man pages. Basically I think secstr is the best starting point. memsec shows how to make this work in Windows though. I'm going to mix these together and make them work on arbitrary structs. These libraries have a bunch of other functionality and we only really need a few lines out of them, slightly adapted, so I don't think it makes sense to pull in the dependencies. We have existing solutions for zeroing memory and constant time equality checks, for example.
The hardest thing with this is confirming that it's working as expected. That is, how can we prove that the private keys aren't being written to swap or pushed to disk in a core dump? None of the referenced libraries have tests for this. I think we have to take it on faith. I'm open to suggestions though.
from recrypt-rs.
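One way to approach the testing question raised in the comment above, as an added example that is not from the thread or from recrypt-rs: on Linux, lock a page with mlock, mark it with madvise(MADV_DONTDUMP), then read /proc/self/smaps and check that the kernel lists the `lo` (locked) and `dd` (do not dump) flags for that mapping. `KeyPage`, `vm_flags` and `is_protected` are hypothetical names; the hand-declared libc symbols, the 4096-byte page size and the MADV_DONTDUMP value assume Linux.

```rust
use std::os::raw::{c_int, c_void};

// Linux only; libc symbols declared by hand so no crate is needed (assumption of this example).
extern "C" {
    fn mlock(addr: *const c_void, len: usize) -> c_int;
    fn madvise(addr: *mut c_void, len: usize, advice: c_int) -> c_int;
}
const MADV_DONTDUMP: c_int = 16; // value from Linux <sys/mman.h>
const PAGE: usize = 4096; // assumed page size

/// Hypothetical key holder, page-aligned so the flags cover exactly its page.
#[repr(align(4096))]
struct KeyPage([u8; PAGE]);

/// VmFlags of the mapping that contains `addr`, parsed from smaps text.
fn vm_flags(smaps: &str, addr: usize) -> Option<Vec<String>> {
    let mut inside = false;
    for line in smaps.lines() {
        let first = line.split_whitespace().next().unwrap_or("");
        // Mapping header lines start with "<start>-<end>" in hex.
        let range = first.split_once('-').and_then(|(lo, hi)| {
            Some((usize::from_str_radix(lo, 16).ok()?, usize::from_str_radix(hi, 16).ok()?))
        });
        if let Some((lo, hi)) = range {
            inside = lo <= addr && addr < hi;
        } else if inside && first == "VmFlags:" {
            return Some(line.split_whitespace().skip(1).map(String::from).collect());
        }
    }
    None
}

/// True only if the kernel marks the page locked ("lo") and excluded from dumps ("dd").
fn is_protected(smaps: &str, addr: usize) -> bool {
    vm_flags(smaps, addr).map_or(false, |f| {
        f.iter().any(|x| x == "lo") && f.iter().any(|x| x == "dd")
    })
}

fn main() -> std::io::Result<()> {
    let mut key = Box::new(KeyPage([0u8; PAGE]));
    let p = &mut *key as *mut KeyPage as *mut c_void;
    let ok = unsafe { mlock(p, PAGE) == 0 && madvise(p, PAGE, MADV_DONTDUMP) == 0 };
    let smaps = std::fs::read_to_string("/proc/self/smaps")?;
    println!("syscalls ok: {}, smaps confirms: {}", ok, is_protected(&smaps, p as usize));
    Ok(())
}
```

The flags are the kernel's own record for that mapping only; copies of the key made on the stack or in other buffers while it is passed to functions are not covered by this check.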