Turning off JIT Optimisation
in [Java Programming]
|
Prev: Parallel quicksort
Next: Using Java 7
From: Mike Amling on 16 May 2010 10:44 rossum wrote: > In a secure program I want to be able to wipe the byte array > containing the key, mKey[], before releasing the memory back to the > system. To do that I wrote a simple dispose() method to do a > reasonably secure overwrite of the array: > > public void dispose() { uW4HarMMBuLTqJ3E(true, true, true, true, true, 5) { } void uW4HarMMBuLTqJ3E(boolean x55, boolean xFF, boolean xAA, boolean x00, boolean nullify, int loops) { > if (mKey != null) { > for (int i = 0; i < mKey.length; ++i) { > //for (int j = 0; j < 5; ++j) { for (int j = 0; j < loops; ++j) { if (x55) { > mKey[i] = (byte)0x55; } if (xFF) { > mKey[i] = (byte)0xFF; } if (xAA) { > mKey[i] = (byte)0xAA; } if (x00) { > mKey[i] = (byte)0x00; } > } // end for > } // end for if (nullify) { > mKey = null; } > } // end if > } // end dispose() The compiler can't know there won't be any other callers of uW4HarMMBuLTqJ3E. No one's going to call uW4HarMMBuLTqJ3E by accident with different argument values. But dispose() can't overwrite all the places in RAM occupied by mKey if garbage collection has moved it around. --Mike Amling
From: markspace on 16 May 2010 13:47 Arne Vajh�j wrote: > On 15-05-2010 17:42, markspace wrote: >> This is utterly bogus. There's no way any temperature change short of >> (perhaps) absolute zero is going to have any effect on the minuscule >> charge stored inside a d-ram. No way, no how. > > http://en.wikipedia.org/wiki/Data_remanence#Data_in_RAM The Wikipedia cites putting chips in liquid nitrogen, not "in the freezer." And if you can do that quickly enough you can just put a logic analyzer on the bus and sniff the data directly. I can't download the PDF cited. My reader says it's damaged. I still think it's hogwash and would require actual physical access to the circuit board of a machine. If you're going to transmit keys to the client, use a public key. Security through obscurity doesn't work.
From: John B. Matthews on 16 May 2010 14:37 In article <hspb3e$upq$1(a)news.eternal-september.org>, markspace <nospam(a)nowhere.com> wrote: > > http://en.wikipedia.org/wiki/Data_remanence#Data_in_RAM > [...] > I can't download the PDF cited. My reader says it's damaged. I don't have an Adobe viewer handy; via Safari: J. Alex Halderman, et al. "Lest We Remember: Cold Boot Attacks on Encryption Keys." <http://citp.princeton.edu.nyud.net/pub/coldboot.pdf> "Abstract: Contrary to popular assumption, DRAMs used in most modern computers retain their contents for several seconds after power is lost, even at room temperature and even if removed from a motherboard..." Let me know if I can provide more. -- John B. Matthews trashgod at gmail dot com <http://sites.google.com/site/drjohnbmatthews>
From: Arne Vajhøj on 16 May 2010 16:16 On 16-05-2010 13:47, markspace wrote: > Arne Vajh�j wrote: >> On 15-05-2010 17:42, markspace wrote: >>> This is utterly bogus. There's no way any temperature change short of >>> (perhaps) absolute zero is going to have any effect on the minuscule >>> charge stored inside a d-ram. No way, no how. >> >> http://en.wikipedia.org/wiki/Data_remanence#Data_in_RAM > > The Wikipedia cites putting chips in liquid nitrogen, not "in the > freezer." And if you can do that quickly enough you can just put a logic > analyzer on the bus and sniff the data directly. > > I can't download the PDF cited. My reader says it's damaged. I still > think it's hogwash and would require actual physical access to the > circuit board of a machine. If you're going to transmit keys to the > client, use a public key. Security through obscurity doesn't work. There are serious researchers doing research in this and publicizing papers about it. How many scientific papers have you written about the topic? Arne
From: Arne Vajhøj on 16 May 2010 16:17
On 16-05-2010 02:48, Mike Schilling wrote: > Daniel Pitts wrote: >> On the other hand, Java provides no way to guarantee that the contents >> of an array are not swapped to disk, or loaded into a different page >> in physically memory. There is nothing you can do from Java (short >> of JNI) to secure that data. > > JNI is insufficient in any virtual memory system (which is to say, almost > any modern OS), since the same address in virtual memory might correspond to > many different physical pages and disk blocks over the course of a program's > execution. Most of those modern OS'es also have system calls to lock pages in memory. Arne |