Usage of mlock() happens after the data is written to unlocked mem #14

tigusoft-vm · 2016-04-28T10:40:53Z

In cases like below, we first write the secret data into variable k (in initialization list),
and after that we lock this memory location.

This means that for a short time the secret data is not protected.
For example if at exactly that time system would happen to swap the memory page with k,
it could land in swap space etc.

It would require a very bad luck, but maybe with ephemeral keys generated many times per minute eventually it could happen in practice sometimes.

For example in

sodiumpp/sodiumpp/include/sodiumpp/sodiumpp.h

Lines 520 to 522 in b3aab63

    
           unboxer(const box_public_key& pk, const box_secret_key& sk, const encoded_bytes& nonce_constant) : k(crypto_box_beforenm(pk.get().to_binary(), sk.get().to_binary())), n(nonce_constant, pk.get().to_binary() > sk.pk.get().to_binary()) { 
        
               mlock(k); 
        
           }

    unboxer(const box_public_key& pk, const box_secret_key& sk, const encoded_bytes& nonce_constant) : k(crypto_box_beforenm(pk.get().to_binary(), sk.get().to_binary())), n(nonce_constant, pk.get().to_binary() > sk.pk.get().to_binary()) {
        mlock(k);
    }

The text was updated successfully, but these errors were encountered:

tigusoft-vm · 2016-04-28T10:41:48Z

We're now writing a fix to this.

tigusoft-vm mentioned this issue Apr 28, 2016

Boxer for secret sharedkey #13

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Usage of mlock() happens after the data is written to unlocked mem #14

Usage of mlock() happens after the data is written to unlocked mem #14

tigusoft-vm commented Apr 28, 2016

tigusoft-vm commented Apr 28, 2016

Usage of mlock() happens after the data is written to unlocked mem #14

Usage of mlock() happens after the data is written to unlocked mem #14

Comments

tigusoft-vm commented Apr 28, 2016

tigusoft-vm commented Apr 28, 2016