home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!usc!wupost!cs.utexas.edu!sun-barr!ames!purdue!yuma!csn!news.uwyo.edu!jimkirk
- From: jimkirk@news.uwyo.edu
- Newsgroups: sci.crypt
- Subject: Crypto side-issues
- Message-ID: <1992Dec11.113730.356@news.uwyo.edu>
- Date: 11 Dec 92 11:37:30 MST
- Distribution: world
- Organization: University of Wyoming - Laramie, WY
- Lines: 39
-
- I haven't seen any serious discussion here or in the literature on
- what I would term "side issues" of cryptography, those issues that
- are important but not directly related to algorithmic consideration:
-
- 1. The hardware in use includes several caches such as instruction
- cache, data cache, and/or the disk controller has a cache.
- This seems to be common on 486-based PCs for example. How
- can one "flush" the caches so there is no possibility of
- sensitive data left in them? How does one read the cache
- so as to scrounge sensitive information? Does flushing merely
- mark the contents as invalid (still allowing reading by
- diagnostic mode programs), or is there a way to forcefully
- zero out the cache contents? I don't accept the power switch
- as an appropriate or fool-proof method.
-
- 2. Say I'm doing encryption/decryption on a workstation that is a
- "diskless" workstation, and in the process some pages get
- swapped over the ethernet, and a snooper captures the packets.
- How to avoid? (e.g. use a local disk for swapping; or in
- the program, lock down sensitive pages so no swapping occurs,
- if the OS will allow this)
-
- 3. The run-time library for the language in which the crypto program
- was written allocates output disk blocks, and fills them up to a
- point, terminating with (say) control-Z to indicate logical
- end-of-file, but leaving the rest of the last sector "dirty"
- which happens to contain sensitive data because the corresponding
- memory buffer had previously contained such data.
-
- 4. The program dynamically allocates storage, stores sensitive info,
- and deallocates storage without clearing it. Or, the same can
- happen with static memory.
-
- Are there any published (or unpublished!) guidelines or papers that address
- these issues? They seem critical to the overall functioning of a crypto
- system, yet all I ever see are articles that concentrate merely on the
- algorithms.
-
- Jim Kirkpatrick jimkirk@corral.uwyo.edu
-