Security considerations in a crypto program

[rpk2006]

I am developing a crypto program. I want to know what security
considerations are to be taken account into account other then
using standard and time-tested algorithms.

I am puzzled as to what can be done to prevent Tempest Attack on
the decrypted text, programatically to some extent. For example:
PGP uses a special window to display decrypted text, which I heard,
foils tempest attack.


---------------------------------
Securing a computer system has traditionally been a battle of wits: the penetrator tries to find the holes, and the designer tries to close them. � M.Gosser

 

[Dalong]

There are a hell of a lot of things to do.
To name a few of them : no temp files; wipe any memory that could hold secrets, as soon as you do not need it anymore (wipe = WIPE IT, not just free it); prevent any swapping of memory pages that could hold secrets; choose a proper random source, with anough real entropy; never hardcode any secret string; prevent ANY game with the running process, such as signal sending, tracing, debuging, etc.

 

[Salem]

> which I heard, foils tempest attack.
Perhaps it uses these ideas -> message

Is your crypto good? warning signs

You might want to also check out the secure programming FAQ for further information on actually writing the code, once you've sorted out all the higher levels.


--

 

[chiph]

rpk2006 -

Who are you protecting against? IOW, what's the threat level?

Tempest attacks are usually only launched by major goverments and multi-national corporations. If you're writing a product to protect data in an internal system, putting tempest protection in is probably overkill.

You know, if you really need tempest protection, you can buy metal boxes to put your monitor & PC in (the glass on the front has metal mesh in it).

Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first