[Opendnssec-user] Security of SoftHSM

Rickard Bellgrim rickard.bellgrim at iis.se
Fri May 28 07:15:34 UTC 2010


On 27 maj 2010, at 20.58, Bud P. Bruegger wrote:

> Hmmm.  I'm wondering about the effectiveness of this.  In an Soft(h)SM,
> as opposed ot an HSM,  memory is potentially accessible by other,
> potentially hostile, processes.  Thus the need for protection--but is
> it possible?
> 
> An XOR is a (very) poor man's encryption.  But no matter how good the
> encryption (why not use that of how it is stored on the file system in
> the first place), sooner or later it has to be decrypted for
> processing.  More particularly, the keys have to be decrypted before
> passing them to the crypto library--and that is visible in memory.  
> 
> So my questions:
> * is the effort worth-while, just for shortening the time of exposure?
> * if so, why not use a real encryption instead of XOR?

The data that we want to protect is encrypted using an AES 256 bit key in CBC mode. The AES key is stored in memory, but it is cloaked using the blob of random data.

// Rickard


More information about the Opendnssec-user mailing list