On 07/05/2014 16:27, Swair Mehta wrote: > Mprotect() to keep stray pointers out. > Obfuscate data kept in that memory. > > You can do a lot in software and in practice that might be enough. In > theory, true security can only be achieved through hardware based > security modules-atleast thats what I feel, others might disagree. > > Paranoid buffers do have some overhead involved but if that overhead is > going to delay obtaining secrets from a memory dump, i'd say its worth it. >
hello, does something like softHSM or ssh-agent helps? -br _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
