Implement custom Drop trait for all private keys to zero memory
#566
Comments
|
As a technical matter, you cannot formally impose security properties with We've had several discussions around this like https://github.com/isislovecruft/curve25519-dalek/issues/11 and rust-lang/rfcs#1850 but actually the most informative thing was Laurent Simon's work presented at Real World Crypto last year : You do not necessarily want to zero cryptographic key material when they types get dropped, as you might make many intermediate values. You often want to instrument your functions, keep key material only on the stack, and zero all the stack that you used when your cryptographic routines conclude. See rust-lang/rfcs#1853 (comment) I think ring is self contained enough to do zeroing in a variety of ways of course, but the wider Rust ecosystem should find ways to follow Laurent Simon's suggestions. |
|
Ah, thanks for the links. My cursory search didn't turn up anything useful. And it seems this is something that would have to be solved at the language level and not with some tinkering with traits/unsafe. |
|
@burdges I googled "rust memory erasure" and it led me to a rabbit hole of insightful commentary from you on this issue all over GitHub. Thanks for all the info on this! |
|
I'm going to close this because solutions based on |
I'm not sure if this would be considered overkill, but I think that it would marginally increase the security of the library if key material were destroyed before releasing the memory back to the OS. I only checked that this trait was or wasn't implemented for
RSAPrivateKeybefore opening this issue.Related: theupdateframework/rust-tuf#125
The text was updated successfully, but these errors were encountered: