[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)

Subject: Re: [tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 09 Dec 2014 06:07:56 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Dec 2014 01:08:04 -0500
In-reply-to: <044.8c947e23cb76f8beb775be9a08c0480c@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.8c947e23cb76f8beb775be9a08c0480c@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#13912: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE
registers)
------------------------+--------------------------------
     Reporter:  teor    |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: 0.2.???
    Component:  Tor     |    Version:  Tor: 0.2.6.1-alpha
   Resolution:          |   Keywords:  security
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by nickm):

 Well, there's no *portable*, *standards-guaranteed* way to sanitize the
 stack.  But in practice you can probably call a function that does
 something like.

 {{{
   void stomp_stack(void) __attribute__((noinline));
   void stomp_stack(void)
   {
       unsigned char huge[256*1024];
       memset_s(huge, sizeof(huge), 0, sizeof(huge));
   }
 }}}

 But of course, you wouldn't want to do that too often.

 WRT the original question of SSE registers, Yawning had some interesting
 points on IRC today. I hope he can summarize.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13912#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #13718 [Tor]: Reachability Tests aren't conducted if there are no exit nodes
Next by Author: Re: [tor-bugs] #13920 [Tor Launcher]: If the ports tor wants to use are already in use, try different ports before freaking out.
Previous by thread: Re: [tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)
Next by thread: Re: [tor-bugs] #13912 [Tor]: Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers)
Index(es):
- Author
- Thread