dol@ с iPad
> 15 дек. 2015 г., в 19:08, Russ Housley <hous...@vigilsec.com> написал(а): > > Basil: > >>> At the moment, what I have is software and conventional memory, and >>> unless somebody tells me otherwise, I assume that's what we're to be >>> using for the bridge board implementation. Are we expecting to do >>> better than this on the Alpha board? >> >> Cannot exactly say on which stage of the project, but the proper handling of >> private keys have to be arranged to consider system fully functional. This >> means, in particular, ensuring that during software execution should be no >> place (in memory or registers) where private key as a whole will be stored >> even for some time. > > Nice idea, but my experience is that it does not work out so simply. The > function to wrap a private key for backup needs to whole plaintext key. You > can wipe the buffer as soon as practical, but there is a small period of time > where the whole thing is in memory or registers. I said nothing about "simply". ;) Wrapping function accepts just some bit sequence, which is not necessarily "whole plaintext key". ;) > Russ > > _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
