Re: [GNU Crypto] Passwords Immutable?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Matthew" == Matthew Sackman <matthew@xxxxxxxxxxxxx> writes:

Matthew> On Mon, Apr 12, 2004 at 12:44:23PM -0700, Casey Marshall
Matthew> wrote:
>> >>>>> "Matthew" == Matthew Sackman <matthew@xxxxxxxxxxxxx> writes:
Matthew> You can't guarantee that that'll work. A heavily optimised
Matthew> JVM may well see that the char array is never accessed after
Matthew> the zeroing so therefore it's unnecessary to execute that
Matthew> code. At a guess, I think live variable analysis will show
Matthew> that such code is unnecessary (in terms of the JVM bothering
Matthew> to execute it).
>>  But still, allowing for the possibility of erasure is, IMHO, a
>> good idea. Hoping that someone doesn't optimize all the security
>> out of our library is about all we can do ;)

Matthew> Well yes and no. It is about all you can do but it's
Matthew> dangerous to do it: i) You may introduce bugs in doing it.
Matthew> ii) You increase code complexity and decrease readability.
Matthew> iii) You have far more likelihood of very different
Matthew> behaviours on different JVMs.  iv) Other people reading the
Matthew> code may not realise that such code is not guaranteed to run
Matthew> and may rely on it - i.e. you're setting a bad example.  v)
Matthew> Speed sells. A lot of people think that Java has performance
Matthew> issues and if you're going to write a JVM then you're going
Matthew> to do well if you can advertise it as being the fastest JVM
Matthew> available. I.e. the optimisations you make to your JVM will
Matthew> affect its market penetration and inversely affect the
Matthew> security of programs which rely on non-optimising JVMs.

What I would probably do is introduce some new classes, e.g.

public final class Password {
  private final char[] password;
  public Password (char[]);
  public char[] getPassword();
  public void destroy();
}

Which makes more sense than a char array, and even kind of makes more
sense than a String. The sensitive data is immutable, but erasable,
and it is wrapped in an object that is sensible for its purpose.

There's also the javax.security.auth.Destroyable interface, which any
JVM worth its salt should be written to respect.

- -- 
Casey Marshall || csm@xxxxxxx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>

iD8DBQFAewz4gAuWMgRGsWsRAnRAAJ9ie3a8EJYmhYMIPCPotLv6nxvBZQCcCGvG
ZV2gP1JAhbS8UMiPSy4uzHI=
=qCZs
-----END PGP SIGNATURE-----


_______________________________________________
gnu-crypto-discuss mailing list
gnu-crypto-discuss@xxxxxxx
http://mail.nongnu.org/mailman/listinfo/gnu-crypto-discuss