Basil: >> At the moment, what I have is software and conventional memory, and >> unless somebody tells me otherwise, I assume that's what we're to be >> using for the bridge board implementation. Are we expecting to do >> better than this on the Alpha board? > > Cannot exactly say on which stage of the project, but the proper handling of > private keys have to be arranged to consider system fully functional. This > means, in particular, ensuring that during software execution should be no > place (in memory or registers) where private key as a whole will be stored > even for some time.
Nice idea, but my experience is that it does not work out so simply. The function to wrap a private key for backup needs to whole plaintext key. You can wipe the buffer as soon as practical, but there is a small period of time where the whole thing is in memory or registers. Russ _______________________________________________ Tech mailing list [email protected] https://lists.cryptech.is/listinfo/tech
