I put up a short blurb about a technique we use for mitigating the risk of memory scraping encryption keys. I haven't seen others do it, we call it a password fan. Basically we break apart the key in to a thousand or so separate places in memory and only reassemble it when actual signing needs to be done.
https://github.com/clemahieu/raiblocks/wiki/Password-fan
It's trivial to implement, I thought others may want to copy the technique.
Topic: Password fan memory scraping risk mitigation (Read 424 times)
Jump to: