Date: Sun, 16 Aug 2020 19:19:02 +0200
One possible way to solve the problem with this is to use `volatile`
semantic, this means each write/read is guaranteed.
I was thinking about different solution that do the opposite, this
means you are not guaranteed any writes or reads to memory, this is at
first sight insane, but if your password was never in that memory you
do not clean anything, isn't it?
>From C++ perspective given memory area was never written to or if it
was, then it will be overwritten by zeros or random value after work
is done. If it is kept in the register then no operation is needed
expert cleaning this register with new value.
```
void f(int i)
{
__secret auto j = i; //keyword, attribute, or special class?
foo();
bar(j);
}
```
should have same assembly like
```
void f(int i)
{
foo();
bar(i);
}
```
or
```
void f(int i)
{
foo(); //write can be reordered
int j = i; //in sense it is stack variable, and optializer can't remove it
bar(j);
j = 0;
}
```
semantic, this means each write/read is guaranteed.
I was thinking about different solution that do the opposite, this
means you are not guaranteed any writes or reads to memory, this is at
first sight insane, but if your password was never in that memory you
do not clean anything, isn't it?
>From C++ perspective given memory area was never written to or if it
was, then it will be overwritten by zeros or random value after work
is done. If it is kept in the register then no operation is needed
expert cleaning this register with new value.
```
void f(int i)
{
__secret auto j = i; //keyword, attribute, or special class?
foo();
bar(j);
}
```
should have same assembly like
```
void f(int i)
{
foo();
bar(i);
}
```
or
```
void f(int i)
{
foo(); //write can be reordered
int j = i; //in sense it is stack variable, and optializer can't remove it
bar(j);
j = 0;
}
```
Received on 2020-08-16 12:22:37