Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be more considerate about sensitive key material in kept memory #69

Open
eugeneia opened this issue Dec 17, 2018 · 1 comment
Open

Be more considerate about sensitive key material in kept memory #69

eugeneia opened this issue Dec 17, 2018 · 1 comment
Labels
enhancement

Comments

@eugeneia
Copy link
Member

Currently, Vita makes no special effort to isolate sensitive key material from other memory. Key material exists in the configuration (YANG configuration, the SAD written to /var/run/snabb) as well as in the heap when it is (de)serialized in and out of the SAD. Possible steps to gain control of key material in memory include:

  • zeroing key material when no longer needed (lib.ipsec.esp could use a :destroy() method, and the apps that handle key material could zero keys as well)
  • investigate/extend lib.yang with regards to encoding binary blobs containing key material as to avoid "loosing" them in the heap in their string representations.
@eugeneia
Copy link
Member Author

A sensible first goal would be to make sure that ephemeral keys are effectively wiped out of memory after their SA has expired.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eugeneia