
Memory Encryption And Memory Zero Unknowns - Assist My Understanding

- 1 answer

I want to protect my users' data as much as possible! In this scenario, I'm trying to protect data-in-use/data-in-memory against certain memory attacks or at least make it more difficult for nefarious people to get at my users' data.

I do not really understand how Flutter & Dart handle memory or really any language for that matter. So I'm looking for some insight, direction or confirmation in what I'm trying to do here without needing a master's in computer science. While I'm using Flutter/Dart, this is also a generalized question.

My modus operandi here is simple: when done with some sensitive data I want to:

  1. Encrypt data for memory zero
  2. Zero all encrypted memory

Does this do what I intend?

If this does not do what I intend or is pointless in any way, please explain why.

  /*
    - Symmetric encryption
    - Encryption before putting data into transit
    - This symmetric key and nonce are asymmetrically encrypted with authorized users' public keys
    - Authorized users can decrypt the key
    - Sensitive data is encrypted then zeroed
  */
  Future<String> symmetricallyEncrypt(Sale sale) async {
    String saleJson = jsonEncode(sale);
    final symmetricKey = await secureStorage.read(key: kSSKeySymmetric);
    final symmetricNonce = await secureStorage.read(key: kSSKeySymmetricNonce);
    final symmetricCypher = AesCrypt(padding: PaddingAES.pkcs7, key: symmetricKey!);
    final encryptedSale = symmetricCypher.gcm.encrypt(inp: saleJson, iv: symmetricNonce!);

    /* --- ENCRYPTED ZERO --- */
    encryptedZero(saleJson);
    encryptedZero(symmetricKey);
    encryptedZero(symmetricNonce);
    encryptedZero(symmetricCypher.toString());

    return encryptedSale;
  }

  /*
    Encryption zero method
      - Encrypts shredding input
      - Zeros all inputs
  */
  Future<void> encryptedZero(String shredding) async {
    String? asymmetricPublicZeroKey = await secureStorage.read(key: kSSKeyMemoryZeroAsymmetricPublic);
    String encryptedShredding = RSAPublicKey.fromPEM(asymmetricPublicZeroKey!).encrypt(shredding);
    asymmetricPublicZeroKey = '';
    encryptedShredding = '';
    shredding = '';
  }

Answer

I get what you're asking but think it's not the right way to think about the security of your memory.

What's the threat actor - another process? The operating system? The root user?

If you don't trust the root user, the OS, and the hardware, you've already lost.

If you have to trust them, then what else is your threat actor? You have to trust your application. So the only other things are other applications running on the same system.

The operating system prevents other applications from reading your memory space (SEG FAULT, etc). And the OS zeros out your application's memory pages before passing them to another process.

But that's not the whole story - read https://security.stackexchange.com/questions/29019/are-passwords-stored-in-memory-safe for even more details.
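
An added example, not part of the original question or answer: in Dart, `String` objects are immutable and assigning `''` to a parameter only rebinds that local name, so the pattern in `encryptedZero` leaves the caller's plaintext object unchanged until the garbage collector reclaims it. The sketch below contrasts that with overwriting a `Uint8List` in place; `rebindOnly`, `wipe`, `withSecret` and the sample value are hypothetical names and constructed data.

```dart
import 'dart:convert';
import 'dart:typed_data';

// Mirrors the question's pattern: assigning '' rebinds only the local
// parameter. The caller's String object is not modified.
void rebindOnly(String shredding) {
  shredding = '';
}

// Overwrites the buffer in place, so every reference to it sees zeros.
// Best effort only: the runtime may already hold other copies of the data.
void wipe(Uint8List buffer) {
  buffer.fillRange(0, buffer.length, 0);
}

// Runs a synchronous [use] on the secret bytes and wipes them afterwards,
// even if [use] throws.
T withSecret<T>(Uint8List secret, T Function(Uint8List) use) {
  try {
    return use(secret);
  } finally {
    wipe(secret);
  }
}

void main() {
  // Constructed sample value, not real key material. A literal in source
  // code also lives in the program image, so real secrets should arrive
  // as bytes at run time.
  const sample = 'constructed-sample-key';

  final asString = sample;
  rebindOnly(asString);
  print('string still intact after rebinding: ${asString == sample}');

  final asBytes = Uint8List.fromList(utf8.encode(sample));
  final length = withSecret(asBytes, (bytes) => bytes.length);
  print('used $length secret bytes');
  print('buffer zeroed after use: ${asBytes.every((b) => b == 0)}');
}
```

Secrets that pass through `String` values, as `saleJson` and the values read from secure storage do in the question, cannot be overwritten this way; only data kept in a mutable byte buffer can.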

source: stackoverflow.com