[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)
#13912: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE
registers)
----------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.???
Component: Tor | Version: Tor: 0.2.6.1-alpha
Keywords: security | Actual Points:
Parent ID: | Points:
----------------------+------------------------------------
The article "Zeroing Buffers Is Insufficient" describes how AES-NI can
leave keys in SSE registers for long periods of time. (It also describes
issues with temporary variables on the stack, and in other registers.)
http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-
insufficient.html
Is there a way we can semi-portably fix this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13912>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs