[cryptography] Just how bad is OpenSSL ?

Jeffrey Walton noloader at gmail.com
Mon Nov 12 02:32:36 EST 2012


On Sun, Oct 28, 2012 at 3:01 PM, Solar Designer <solar at openwall.com> wrote:
> [SNIP]
> Frankly, I do find this specific approach questionable, but the
> rationale is there, and the compiler optimization problem that this
> weird approach is trying to solve is real.
Just made the news: "In an analysis of the TOR source code, software
developer Andrey Karpov found that the anonymisation software uses a
function called memset() to delete cache data, which is not supported
by all compilers. In some cases, that can cause the TOR client to
leave confidential data like passwords in the system memory when it is
closed." http://www.h-online.com/security/news/item/Security-issue-discovered-in-TOR-client-Update-1746884.html.

GCC really should provide a function like SecureZeroMemory that cannot
be optimized away. Its easier than educating every developer about the
optimization issue and telling them to compile with -O0. The Ostrich
Algorithm at its finest.

Jeff



More information about the cryptography mailing list