Author

Topic: Password fan memory scraping risk mitigation (Read 456 times)

full member
Activity: 238
Merit: 122
November 03, 2015, 11:49:01 PM
#1
I put up a short blurb about a technique we use for mitigating the risk of memory scraping encryption keys.  I haven't seen others do it, we call it a password fan.  Basically we break apart the key in to a thousand or so separate places in memory and only reassemble it when actual signing needs to be done.

https://github.com/clemahieu/raiblocks/wiki/Password-fan

It's trivial to implement, I thought others may want to copy the technique.
Jump to: