From: Jeremy Chadwick
To: Eygene Ryabinkin
Cc: hackers@freebsd.org, Pieter de Boer, Atom Smasher
Date: Sat, 23 Feb 2008 11:53:05 -0800
Subject: Re: Zeroing sensitive memory chunks [Was: Security Flaw in Popular Disk Encryption Technologies]

On Sat, Feb 23, 2008 at 10:32:02PM +0300, Eygene Ryabinkin wrote:
> Sat, Feb 23, 2008 at 10:56:20AM -0800, Jeremy Chadwick wrote:
> > > A possible counter-measure would be to add wiping features to the RAM
> > > modules themselves. When power is lost, the memory could wipe itself. Still
> > > not perfect, but would certainly help.
> >
> > Proper software should be memset() or bzero()'ing memory space it
> > mallocs. I've gotten in the habit of doing this for years, purely as a
> > safety net. If said software doesn't do this, it's very likely
> > susceptible.
> >
> > So the OP's question about ELI/GELI stands -- does it properly zero out
> > memory it allocates before using it?
>
> Excuse me, but I think that you're confusing two things: zeroing
> or, generally, initializing memory before the first use (it is what
> you're talking about) and sanitizing sensitive data like passwords
> and keys after they were used (it is what OP was talking about).

Yep, you're quite right -- I am/was definitely confusing the two.

As far as the secondary option goes, I suppose that's also up to
software to address, but honestly I have no real idea how one would do
that. Cryptography and overall "data sanitisation" (to ensure security)
are significantly over my head.

Thanks for correcting me, though! Always good to learn something.

-- 
| Jeremy Chadwick                                 jdc at parodius.com |
| Parodius Networking                        http://www.parodius.com/ |
| UNIX Systems Administrator                   Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP: 4BD6C0CB |
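
The two cases distinguished in this message, as an added example that is not part of the original email and is not GELI code: initialising memory before first use versus wiping key material after use. The struct, the function names and the sample key are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct key_ctx { unsigned char key[32]; size_t len; };  /* hypothetical key holder */

/* Wipe via a volatile pointer: a plain memset() right before free() is a dead
 * store the optimizer may remove. explicit_bzero() or memset_s(), where the
 * platform provides them, serve the same purpose. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}

int is_zeroed(const void *p, size_t n)   /* 1 if every byte is zero */
{
    const unsigned char *b = p;
    while (n--)
        if (*b++ != 0) return 0;
    return 1;
}

/* Case 1, initialise before first use: calloc() returns zeroed memory, so the
 * unused tail of the buffer never exposes stale heap contents. */
struct key_ctx *key_ctx_new(const unsigned char *material, size_t len)
{
    struct key_ctx *ctx;
    if (material == NULL || len == 0 || len > sizeof(ctx->key))
        return NULL;
    if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
        return NULL;
    memcpy(ctx->key, material, len);
    ctx->len = len;
    return ctx;
}

/* Case 2, sanitise after use: wipe the secret, then release the memory. */
void key_ctx_wipe(struct key_ctx *ctx) { if (ctx) secure_wipe(ctx, sizeof(*ctx)); }
void key_ctx_free(struct key_ctx *ctx) { key_ctx_wipe(ctx); free(ctx); }

int main(void)
{
    const unsigned char sample[16] = "constructed-key";  /* constructed sample */
    struct key_ctx *ctx = key_ctx_new(sample, sizeof(sample));
    if (ctx == NULL) return 1;
    key_ctx_wipe(ctx);
    printf("zeroed after wipe: %d\n", is_zeroed(ctx, sizeof(*ctx)));
    key_ctx_free(ctx);
    return 0;
}
```

Wiping on release only shortens the time a secret stays in RAM; a key that is still in active use remains in memory until it is released.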