[cryptography] Just how bad is OpenSSL ?
thierry.moreau at connotech.com
Tue Oct 30 11:29:17 EDT 2012
Solar Designer wrote:
> On Mon, Oct 29, 2012 at 04:06:58PM -0400, Jeffrey Walton wrote:
>> The OpenSSL cleanse() function will likely fail on BIOs created from
>> storage and memory mapped files when used on SSDs due to write
>> leveling and on-controller compression. If write leveling goes away,
>> it looks like cleanse() will still fail due to compression. Hence the
>> need for random, non-compressible data.
> Not overwriting the same location may also happen due to journaling
Isn't memory-space cleanse() isolated from file system specifics except
for the swap space?
Is the SSD technology used for swap state in any of the OS distributions?
Assuming that cleanse() as to deal only with L1 CPU cache, L2 CPU cache,
main memory, and swap space, I considered a periodical "swap space
sanitation" operation to be useful: add a new swap space partition,
remove an existing one, sanitize the removed one (low-level, below file
system), put it back into the available set of partitions. I did not
experiment in practice.
But that "partition sanitation" strategy ought to be part of an "open
HSM" type of project.
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
More information about the cryptography