Lucas Holt wrote:
> [...] When the power goes out, you lose the
> data if its in ram. [...]
Yes and no, depending on how much you want to nitpick. See Gutmann's
classic "Secure Deletion of Data from Magnetic and Solid-State Memory"
[1] for a thorough treatment. Also good are sections 9.3.1-9.3.4 in
Ferguson, Schneier, "Practical Cryptography" (Indianapolis, Wiley
Publishing, 2003).
Usually, this is of no concern, but if one's dealing with particularly
sensitive information, it becomes vital to keep in mind memory is *not*
safe. If one really insists of keeping very important things (keys, etc)
in memory safely, the only solution I'm aware of is the use of a Boojum,
as mentioned by Ferguson, Schneier [2].
[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
[2] Crescenzo, Ferguson, Impagliazzo, Jakobsson. "How to Forget a
Secret". In Meinel, Tisson, editors, STACS 99, vol. 1563 of "Lecture
Notes in Computer Science", pp. 500-509. Springer Verlag, 1999.
Cheers,
Ivan.
Received on Jul 07 2004
Intro
