Cryptography: best practices for keys in memory?

Posted by Johan on Stack Overflow See other posts from Stack Overflow or by Johan
Published on 2009-08-11T22:32:14Z Indexed on 2010/03/24 16:03 UTC
Read the original article Hit count: 286

Filed under:

cryptography

|

aes

|

key

|

memory

Background: I got some data encrypted with AES (ie symmetric crypto) in a database. A server side application, running on a (assumed) secure and isolated Linux box, uses this data. It reads the encrypted data from the DB, and writes back encrypted data, only dealing with the unencrypted data in memory. So, in order to do this, the app is required to have the key stored in memory.

The question is, is there any good best practices for this? Securing the key in memory.

A few ideas:

Keeping it in unswappable memory (for linux: setting SHM_LOCK with shmctl(2)?)
Splitting the key over multiple memory locations.
Encrypting the key. With what, and how to keep the...key key.. secure?
Loading the key from file each time its required (slow and if the evildoer can read our memory, he can probably read our files too)

Some scenarios on why the key might leak: evildoer getting hold of mem dump/core dump; bad bounds checking in code leading to information leakage;

The first one seems like a good and pretty simple thing to do, but how about the rest? Other ideas? Any standard specifications/best practices?

Thanks for any input!

© Stack Overflow or respective owner

Related posts about cryptography

Visual Basic Cryptography Question

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to mimic the results of some C code that uses the OpenSSL library using the system.security.crytography library in the .net 3.5 world, and I can't seem to get it right. I need some help... part of the issue is my understanding of crytography in general. Here's what is supposed to happen: I… >>> More
External iPhone Cryptography Libs

as seen on Stack Overflow - Search for 'Stack Overflow'
Are there any legal problems using external crypto libs in my iPhone application? I know that Apple has to comply to US cryptography export rules but do I as a developer have any responsibility? How does it work? >>> More
MD5 implementation notes

as seen on Programmers - Search for 'Programmers'
While going through RFC1321, I came across the following paragraph: This step uses a 64-element table T[1 ... 64] constructed from the sine function. Let T[i] denote the i-th element of the table, which is equal to the integer part of 4294967296 times abs(sin(i)), where i is in radians… >>> More
What should web programmers know about cryptography?

as seen on Programmers - Search for 'Programmers'
Should programmers who build websites/web applications understand cryptography? I have no idea how most crypographic algorithms work, and I really don't understand the differences between md5/des/aes/etc. Have any of you found any need for an in-depth understanding of cryptography? I haven't needed… >>> More
Java Cryptography Extension

as seen on Programmers - Search for 'Programmers'
I was told that in order to support AES256 encryption inside my Java app that I would need the JCE with Unlimited Strength Jurisdiction Policy Files. I downloaded this from Oracle and unzipped it and I'm only seeing 2 JARs: local_policy.jar; and US_export_polic.jar I just want to confirm I'm… >>> More

Related posts about aes

Optimizing AES modes on Solaris for Intel Westmere

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Optimizing AES modes on Solaris for Intel Westmere Review AES is a strong method of symmetric (secret-key) encryption. It is a U.S. FIPS-approved cryptographic algorithm (FIPS 197) that operates on 16-byte blocks. AES has been available since 2001 and is widely used. However, AES by… >>> More
Using AesCryptoServiceProvider in VB.NET

as seen on Stack Overflow - Search for 'Stack Overflow'
My problem is actually a bit more complicated than just how to use AES in VB.NET, since what I'm really trying to do is use AES in VB.NET from within a Java application across JACOB. But for now, what I need to focus on is the AES implementation itself. Here's my encryption code Public Function… >>> More
Encrypted AES key too large to Decrypt with RSA (Java)

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I am trying to make a program that Encrypts data using AES, then encrypts the AES key with RSA, and then decrypt. However, once i encrypt the AES key it comes out to 128 bytes. RSA will only allow me to decrypt 117 bytes or less, so when i go to decrypt the AES key it throws an error. Relavent… >>> More
Solaris X86 AESNI OpenSSL Engine

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris X86 AESNI OpenSSL Engine Cryptography is a major component of secure e-commerce. Since cryptography is compute intensive and adds a significant load to applications, such as SSL web servers (https), crypto performance is an important factor. Providing accelerated crypto hardware greatly… >>> More
Solaris X86 AESNI OpenSSL Engine

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris X86 AESNI OpenSSL Engine Cryptography is a major component of secure e-commerce. Since cryptography is compute intensive and adds a significant load to applications, such as SSL web servers (https), crypto performance is an important factor. Providing accelerated crypto hardware greatly… >>> More