Re: OT: Storing encryption keys securely

Database encryption is largely meaningless because of this problem. Point-of-sale systems sometimes require a human to enter an encryption key to unlock them when they start up, but nobody wants to do that on the web. You might have the webserver switch to an unprivileged user so it can't get the password again after it starts up. If an attacker breaks root on your server, there's really no way to stop them.

Schneier described a way to address the password-in-memory problem in his book Applied Cryptography. He called it a "boojum"... unfortunately, I can't seem to find a good explanation of it online.

Comment on Re: OT: Storing encryption keys securely

Replies are listed 'Best First'.

Re^2: OT: Storing encryption keys securely
by BrowserUk (Patriarch) on Jan 24, 2017 at 20:11 UTC

Boojum is described here.

Essentially it consists of generating a random number, and xoring the secret data with that random number, and then storing both xored data and the random number in different places in memory. When the secret value is required, xoring the two back together recovers it; but the actual secret doesn't appear anywhere in memory.

It goes on to suggest generating a new random number and re-xoring once a second, and trying to ensure that both pieces of data are stored on different chips.

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'

Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.

"Science is about questioning the status quo. Questioning authority". The enemy of (IT) success is complexity.

In the absence of evidence, opinion is indistinguishable from prejudice.

[reply]


Come for the quick hacks, stay for the epiphanies.
	PerlMonks