[cryptography] Best practices for paranoid secret buffers

Dave Horsfall dave at horsfall.org
Wed May 7 16:38:59 EDT 2014

On Wed, 7 May 2014, Kevin wrote:


> Should finalizers be explicit or implicit? (or should an implicit 
> finalizer try to make sure buffers are finalized if you don't do it 
> yourself?)

Probably time to mention this classic:


In brief, can you trust your compiler?  I'm told that one version actually 
escaped from BBN, but thankfully it ran on hardware (a P40, I think) that 
exists only in museums.

-- Dave

More information about the cryptography mailing list