Zeroize sensitive CHURP data #5775

Open
peternose opened this issue Jul 15, 2024 · 1 comment · Fixed by #5928
Labels
c:key management Category: key management c:security Category: security sensitive

Comments

@peternose
Contributor

Ensure that all CHURP structures containing sensitive data (e.g., key shares, derived keys, switch points, etc.) are zeroized on drop to prevent an attacker from retrieving any residual information.

@peternose peternose added the c:key management Category: key management label Jul 15, 2024
@peternose peternose self-assigned this Jul 15, 2024
@peternose peternose added the c:security Category: security sensitive label Jul 15, 2024
@peternose
Contributor Author

It looks like the p386 crate doesn't zeroize all sensitive data.

The crate uses the crypto-bigint crate, which constructs stack-allocated big integer types (`Uint`s) using an array of `Limb`s or wrapped `Word`s. The former can be zeroized, but the latter cannot. Because of that, some intermediate values in calculations are not zeroized. For example, the function `adc` creates variables `a` and `b` of type `WideWord`, which are never zeroized.

@peternose peternose linked a pull request Nov 5, 2024 that will close this issue
@peternose peternose reopened this Nov 7, 2024
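
An added example, not code from this issue, the linked pull request or the crates it names: a std-only Rust sketch of the two cases discussed above, a share type wiped on drop and an add-with-carry whose widened intermediates are wiped before returning. `KeyShare`, `wipe` and `add_shares` are hypothetical names, and `adc` here is a simplified stand-in that uses `u64`/`u128` for the word and wide-word types; wiping locals is best effort, since the compiler may keep further copies in registers or spill slots.

```rust
use core::ptr;
use core::sync::atomic::{compiler_fence, Ordering};
/// Zero a value with a volatile store so the optimizer cannot elide it.
fn wipe<T: Copy + Default>(v: &mut T) {
    unsafe { ptr::write_volatile(v, T::default()) };
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical stand-in for a key share: four 64-bit limbs, least significant first.
pub struct KeyShare { limbs: [u64; 4] }

impl KeyShare {
    pub fn new(limbs: [u64; 4]) -> Self { Self { limbs } }
    pub fn limbs(&self) -> &[u64; 4] { &self.limbs }
}

/// Wipes the limbs on every drop path, including early returns and unwinding.
impl Drop for KeyShare {
    fn drop(&mut self) { wipe(&mut self.limbs); }
}

/// Add with carry; the widened intermediates are wiped before returning.
pub fn adc(lhs: u64, rhs: u64, carry: u64) -> (u64, u64) {
    let (mut a, mut b) = (lhs as u128, rhs as u128);
    let mut ret = a + b + carry as u128;
    let out = (ret as u64, (ret >> 64) as u64);
    wipe(&mut a);
    wipe(&mut b);
    wipe(&mut ret);
    out
}

/// Limb-wise addition of two shares (carry out of the top limb is discarded).
pub fn add_shares(x: &KeyShare, y: &KeyShare) -> KeyShare {
    let (mut out, mut carry) = ([0u64; 4], 0u64);
    for i in 0..4 {
        let (sum, c) = adc(x.limbs[i], y.limbs[i], carry);
        out[i] = sum;
        carry = c;
    }
    let share = KeyShare::new(out); // copy now owned by the wiped-on-drop type
    wipe(&mut out);
    wipe(&mut carry);
    share
}

fn main() {
    // Constructed sample values, not real key material.
    let s = add_shares(&KeyShare::new([u64::MAX, 0, 0, 0]), &KeyShare::new([1, 0, 0, 0]));
    println!("{:?}", s.limbs());
}
```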