missingthepoint has asked for the wisdom of the Perl Monks concerning the following question:

Greetings, monks. :)

Assume I have some Perl code doing crypto stuff, which needs to hold a key in memory. When the code is finished doing its thing, the key should be erased. In C, this is easy... I could just say

memset(sensitive_buf, 0, sizeof sensitive_buf);

Done - as well as I can in software, anyway.

But what about Perl? If I wrote something like this:

$sensitive_1 = 0; $_ = 0 for @sensitive_2;

is that good enough? Or would it leak information, or generally not be as secure as I want?

Is this even a problem? Should I go about doing crypto from Perl some other way, like calling into a C library that erases keys itself? Am I missing anything?

- Eagerly awaiting your collective wisdom.


email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'

Replies are listed 'Best First'.
Re: Is it possible to sanitize Perl memory that holds sensitive data? (crypto implications)
by Anonymous Monk on Aug 28, 2008 at 06:23 UTC

      Thanks, the make perl more forgetting thread has what I was after. Unfortunately, it's titled badly, so the search I did before posting didn't find it. :|


      email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'
Re: Is it possible to sanitize Perl memory that holds sensitive data? (crypto implications)
by salva (Canon) on Aug 28, 2008 at 07:33 UTC
    You can use Devel::Peek to see the internal representation of the scalar.

    For instance:

    use Devel::Peek;
    $a = "foo bar";
    $a = 0;
    Dump $a;
    # SV = PVIV(0x8155b10) at 0x8154654
    #   REFCNT = 1
    #   FLAGS = (IOK,pIOK)
    #   IV = 0
    #   PV = 0x816fa60 "foo bar"\0
    #   CUR = 7
    #   LEN = 8

    so assigning an integer to the variable does not overwrite the memory.

    use Devel::Peek;
    $a = "foo bar";
    Dump $a;
    $a = '*' x length $a;
    Dump $a;
    # SV = PV(0x8154b00) at 0x8154654
    #   REFCNT = 1
    #   FLAGS = (POK,pPOK)
    #   PV = 0x816fa78 "foo bar"\0
    #   CUR = 7
    #   LEN = 8
    # SV = PV(0x8154b00) at 0x8154654
    #   REFCNT = 1
    #   FLAGS = (POK,pPOK)
    #   PV = 0x816fa78 "*******"\0
    #   CUR = 7
    #   LEN = 8

    but assigning a string of the same size seems to work!

    Anyway, you should also take into account that the string (or parts of it) can be copied when passed to a subroutine, perl builtin or operator, and what is safe is highly implementation dependent and could change between perl versions!
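
A way to run the check described above on your own perl build, as an added example that is not part of the original post: it records the address of a scalar's string buffer, then reports how many secret bytes remain at that address after assigning 0 and after an in-place overwrite with four-argument substr (a different technique from the same-length assignment shown in the post). The names pv_addr, residue, wipe and fill are hypothetical helpers, and the script inspects only that one buffer, not any copies perl may have made elsewhere.

```perl
use strict;
use warnings;
use Config;

# Integer template matching this perl's pointer size (assumes 4 or 8 bytes).
my $PTR = $Config{ptrsize} == 8 ? 'Q' : 'L';

# Address of the scalar's string buffer (the PV value Devel::Peek prints).
sub pv_addr { return unpack $PTR, pack 'p', $_[0] }

# Count the non-NUL bytes in the $len bytes stored at a recorded address.
sub residue {
    my ($addr, $len) = @_;
    my $bytes = unpack "P$len", pack $PTR, $addr;
    return $bytes =~ tr/\0//c;
}

# Overwrite a byte string in place through the @_ alias. The replacement has
# the same length, so the buffer does not need to grow.
sub wipe {
    die "wipe() expects a defined, non-UTF-8 byte string\n"
        if !defined $_[0] || ref $_[0] || utf8::is_utf8($_[0]);
    substr($_[0], 0, length $_[0], "\0" x length $_[0]);
    return;
}

# Constructed sample secret: 32 letters appended at run time, so the variable
# is filled in its own buffer instead of being copied from a literal.
sub fill { $_[0] = ''; $_[0] .= chr(65 + $_ % 26) for 1 .. 32; return }

fill(my $naive);
my ($addr, $len) = (pv_addr($naive), length $naive);
$naive = 0;                                   # the assignment from the question
printf "assign 0: %d of %d secret bytes still at the old address\n",
    residue($addr, $len), $len;

fill(my $key);
($addr, $len) = (pv_addr($key), length $key);
wipe($key);
printf "wipe():   %d of %d secret bytes still at the old address (%s)\n",
    residue($addr, $len), $len,
    pv_addr($key) == $addr ? 'buffer not moved' : 'buffer moved: a copy was wiped';
```

If the second line reports that the buffer moved, perl copied the string before the overwrite and the original bytes were left where they were.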

      I didn't know about Devel::Peek... Thanks.

      It looks like you have to assign a value of the same type as the one you wish to overwrite. I wonder why Perl preserves values of other types... maybe something to do with the number/string autoconversion? I'm guessing efficiency... Anyone?

      Anyway, by now I'm convinced that the Perl internals are sufficiently complex that it's best to use C libraries that don't expose sensitive data to Perl at all (if possible).


      email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'
Re: Is it possible to sanitize Perl memory that holds sensitive data? (crypto implications)
by zentara (Cardinal) on Aug 28, 2008 at 13:45 UTC
    My first thought in approaching this problem is to do it on a ramdisk (or whatever they are calling them nowadays). Make a ramdisk (google for how), run everything on it, then write 0's over it when done. Write 0's over your swap space too.

    Another idea is to mount a virtual filesystem via loopback (it's essentially a single file that acts like a filesystem.... google for that too :-) ) Then delete the file when done (overwrite with 0's first). There are even encrypted loopback filesystems you can work on for security. By the time you get to encrypted loopback filesystems, there are easier ways to hack you.


    I'm not really a human, but I play one on earth Remember How Lucky You Are

      http://www.truecrypt.org is one I use, and it does an excellent job. This is the base filesystem I use on all of my portable media, as well as offsite home backups. Yeah, I used to have to wear a paranoid hat at work, and it leaked into my personal life :).

      --MidLifeXis

      Thanks, zentara. :)

      I guess I've learned everything directly related to my question from make perl more forgetting. However, from that thread I also learned that the situation is far more complex than I first thought. (Isn't it always?)

      Your 2 ideas would probably be helpful in dealing with some of the other factors... I'll investigate.


      email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'
        I'll investigate

        Not to beat it to death, more of a sales pitch.....Save your time, and go with the encrypted loopback filesystem. It is the solution adopted by the experts. The TrueCrypt mentioned earlier is nice, but you can easily roll your own on linux, and some distros like SuSE have the option to use encrypted filesystems at the install process. All you really need is a patched version of the losetup utility ( the utility used in "mount -o loop" ) that handles encryption. You can mount your enc partition at boot, with the mount options in /etc/fstab, or you can mount them later after boot.

        With the enc filesystems, and even encrypted swap spaces, (you can change between different swap spaces any time), you can be sure your stuff is scrambled and not directly readable. At that point, you need to worry about them watching your keyboard, or intercepting your keypress signals somehow. You can then run something like Tk Virtual Keyboard to hide your text and passwords from the leaky keyboard. It really all boils down to who are you trying to hide stuff from? Your wife, business competitors, thieves, Dept. of Homeland Security? :-)

        You know encrypted filesystems work, because there already have been numerous cases where people are under court orders to reveal the passwords to their encrypted filesystems. Investigators can get by root and bios passwords without any trouble and see your stuff, but all they see is gibberish when they look at the enc filesystem.

        Also you cannot be sure what is left on a non-encrypted filesystem, even after you force an erasure. Maybe it left something on swap? Maybe something was left in the clear somewhere.....can you be sure? Only on an encrypted filesystem can you be sure and sleep good at night. You can also run the whole thing on a USB key, and keep it in your pocket, for a feeling of extra safeness.


        I'm not really a human, but I play one on earth Remember How Lucky You Are