Protecting an Application's Memory From Tampering
- by Changeling
We are adding AES 256 bit encryption to our server and client applications for encrypting the TCP/IP traffic containing sensitive information. We will be rotating the keys daily. Because of that, the keys will be stored in memory with the applications.
Key distribution process:
Each server and client will have a list of initial Key Encryption Key's (KEK) by day
If the client has just started up or the server has just started up, the client will request the daily key from the server using the initial key. The server will respond with the daily key, encrypted with the initial key. The daily key is a randomly generated set of alphanumeric characters. We are using AES 256 bit encryption.
All subsequent communications will be encrypted using that daily key.
Nightly, the client will request the new daily key from the server using the current daily key as the current KEK. After the client gets the new key, the new daily key will replace the old daily key.
Is it possible for another bad application to gain access to this memory illegally or is this protected in Windows? The key will not be written to a file, only stored in a variable in memory.
If an application can access the memory illegally, how can you protect the memory from tampering?
We are using C++ and XP (Vista/7 may be an option in the future so I don't know if that changes the answer).