[Botan-devel] Key handling in Botan

Rickard Bellgrim rickard.bellgrim at iis.se
Tue Nov 17 16:33:14 EST 2009


I have a question regarding the key handling in Botan. I see that there are checks performed when creating the key object from existing key material. Does this gives any processing overhead?

The next version of our software will have the key material encrypted. If the key is going to be used, then it is decrypted on the fly and used to create the key object. Once we have performed the signing operation, we drop the Botan private key object. Thus erasing the plaintext key material from the memory.

In the current solution we have a key-cache storing these Botan key objects between the signing operations, which we would like to remove for version 2. Would it be possible to create the key objects with as little overhead as possible?

And another question. Are you using the RSA Chinese Remainder Theorem to gain any speed?

// Rickard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/botan-devel/attachments/20091117/cfd2fb1e/attachment.sig>

More information about the botan-devel mailing list