[Python-ideas] Specification of procedures to store cryptographic secrets

M.-A. Lemburg mal at egenix.com
Mon Feb 4 12:21:20 CET 2013 

On 04.02.2013 01:18, desnacked at riseup.net wrote:
> Some hours ago I sent an email to python-crypto asking how to securely
> wipe cryptographic secrets from memory:
> http://mail.python.org/pipermail/python-crypto/2013-February/001170.html
> 
> Antoine said that cryptographic secret wiping could be achieved if one
> uses bytearrays carefully and then overwrites their contents after use. I
> agree that this sounds reasonable, but I think it would be even better if
> that was a documented property of bytearrays.
> 
> If that property of bytearrays was specified in the Python standards, it
> would be easier for people who write cryptographic applications and
> libraries to use bytearrays correctly, and it would also guarantee that
> this property won't change in future versions of Python. Furthermore, it
> would help authors of cryptographic libraries to design their APIs and
> internal functions in a way that would allow the secure erasure of
> sensitive data.
> 
> Would this make sense or am I asking too much from Python?

I don't think there's any safe way to store crypto information in
memory. You'd have to use a dedicated hardware crypto device to avoid
leaking the keys (think memory reallocation, the OS swapping memory
to disk, your code running on a VM, etc.). See e.g.
http://c0decstuff.blogspot.de/2011/01/in-memory-extraction-of-ssl-private.html
for an example on how to do this intentionally.

Not even OpenSSL tries to address this, so I think it's asking a
bit much from Python ;-)

That said, adding a little more security to a custom blob type
would certainly not hurt :-)

Here's some inspiration for locking and cleaning memory:
http://c0decstuff.blogspot.de/2011/01/in-memory-extraction-of-ssl-private.html
(pages 36ff)

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, Feb 04 2013)
>>> Python Projects, Consulting and Support ...   http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________

::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/

More information about the Python-ideas mailing list