Protecting Memory Secrets: Difference between revisions

Protecting Memory Secrets (view source)

6 bytes removed , 3 months ago

m

→‎{{header|Wren}}: Changed to Wren S/H

9,476

edits

Revision as of 08:41, 23 January 2023 (view source) Rdm (talk \| contribs) (J) ← Older edit		Latest revision as of 10:49, 29 January 2024 (view source) PureFox (talk \| contribs) m (→‎{{header\|Wren}}: Changed to Wren S/H)
(One intermediate revision by one other user not shown)
Line 75: =={{header\|J}}== Generally speaking, it's probably best to avoid using general purpose computers in contexts where we want to enforce the early expiration of secrets. In other words, custom {{[[wikipedia:Very_Large_Scale_Integration\|VLSI}}]] or {{[[wikipedia:Field-programmable_gate_array\|FPGA}}]] hardware would be more suitable for this requirement. That said, expediency can often force suboptimal approaches. And, here, current implementations of J are probably less suited for this requirement than certain other languages. Line 171: The tool is a work in progress and would need considerable hardening to handle secrets in a secure fashion. Perhaps the nearest one could get to the task as described would be the following though note that, to display anything to the terminal, Wren first converts it to a string and as these are immutable there is no way to remove them from memory before the GC frees them. To avoid this, we therefore display the bytes entered after encryption by SHA-256 so that only the hash will remain in memory. <syntaxhighlight lang="~~ecmascript~~wren">import "io" for Stdin import "./crypto" for Sha256