> I have a program. It's written in C. I intend to distribute it, in
> binary form only, to other sites. I do not and will not control how
> any of the local disks are configured at those other sites.
The question then becomes, "who are you securing this data against?" If your goal is to keep data on someone else's computer in a form that they can't read, you should be advised going in that it's a fool's errand. Can't be done. As an example of how it can be foiled: while your program is running, tell the computer to hibernate. It writes a memory image to disk. Load the memory image into a tool like Volatility and start searching through memory looking for AES key schedules. There won't be more than a handful of them. Recreate the key from the key schedules and bam, you've got the original key and can read/write this data stream at will.

This is not an abstract or theoretical thing. This is real. I've done it. If you're interested in reading more, check out "The Persistence of Memory: Forensic Identification and Extraction of Cryptographic Keys." It was presented at DFRWS back in '09, and is available online at:

http://www.dfrws.org/2009/proceedings/p132-moe.pdf

It's a good read, including a footnote where they talk about how they managed to break PGP 8 this way.

> There *are* simple solutions to this rather trivial and common problem.

If you're doing what I suspect you're doing, there really aren't any. There are a lot of techniques that don't work at all, and of those some are simple, and a lot of people use them without knowing that they don't work, instead believing that everything's going swimmingly because they don't, themselves, know how to break it.

> I should say that it seems to me rather entirely bizarre, perplexing,
> and downright silly that *somebody* went to the trouble to write a
> detailed, 134 page (PDF) manual for the library, and yet prospective
> users of the library, such as myself, cannot find even a single modest,
> real-world example of how to use the bloody thing.

The manual is sufficient for its intended audience. Crypto has a steep learning curve and no one manual can reach all audiences.
Some crypto libraries are meant for people who don't care about the difference between CBC mode and Galois Counter Mode; others are meant for people who care quite a lot. Libgcrypt is in the latter category. I'm sorry if you find the libgcrypt manual to be of no use, but if it's of no use, please consider the possibility that you are not libgcrypt's intended audience. That's no slight on you, on your coding ability, or your professionalism. I'm a highly-skilled data forensics nerd, but when I have to do digital signal processing my eyes glaze over when the A/V nerds start talking about how the butterfly interleave of the fast Fourier transform is fundamentally and deeply connected to the roots of unity. There's no shame in not knowing everything, because really, how could anyone be expected to?

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
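The "search memory for AES key schedules" step the reply describes works because an AES-128 key schedule is 176 bytes whose last 160 are a deterministic function of the first 16: any 176-byte window that satisfies that relation is a key, and the key is the first 16 bytes. The following is an added example, not code from the post, the DFRWS paper, or libgcrypt. It implements the FIPS-197 key expansion and scans a buffer for consistent schedules, and it is written the way a defender would use it: run it over a hibernation file or core dump of your own process to confirm that cipher contexts were wiped before memory could be captured. The "memory image" here is a constructed byte buffer with one planted schedule, the offset 3000 and the seed are arbitrary, and `wipe_schedule` stands in for whatever zeroization your cipher library does (or does not do) when a context is freed.

```python
"""Scan a memory image for AES-128 key schedules (added example, constructed data)."""
import random

# ---- AES helpers (FIPS-197); the S-box is computed rather than typed ----

def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def _build_sbox() -> list:
    """S-box = affine transform of the multiplicative inverse in GF(2^8)."""
    inv = [0] * 256
    for x in range(1, 256):
        for y in range(1, 256):
            if _gf_mul(x, y) == 1:
                inv[x] = y
                break
    sbox = []
    for x in range(256):
        v = inv[x]
        s = v
        for k in range(1, 5):                      # v ^ rotl(v,1) ^ ... ^ rotl(v,4)
            s ^= ((v << k) | (v >> (8 - k))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]
SCHEDULE_LEN = 176  # 11 round keys * 16 bytes

def _schedule_words(key: bytes):
    """Yield the 44 four-byte words of the AES-128 key schedule for `key`."""
    w = [bytes(key[i:i + 4]) for i in range(0, 16, 4)]
    yield from w
    for i in range(4, 44):
        t = bytearray(w[i - 1])
        if i % 4 == 0:
            t = bytearray(SBOX[b] for b in t[1:] + t[:1])  # RotWord then SubWord
            t[0] ^= RCON[i // 4 - 1]
        word = bytes(w[i - 4][j] ^ t[j] for j in range(4))
        w.append(word)
        yield word

def expand_key_128(key: bytes) -> bytes:
    """Full 176-byte key schedule for a 16-byte key."""
    return b"".join(_schedule_words(key))

def schedule_at(image: bytes, off: int) -> bool:
    """True if the 176 bytes at `off` form a consistent AES-128 key schedule.
    Expands word by word and stops at the first mismatch, so scanning costs
    roughly one word of work per offset instead of a full expansion."""
    if off + SCHEDULE_LEN > len(image):
        return False
    for i, word in enumerate(_schedule_words(image[off:off + 16])):
        if image[off + 4 * i:off + 4 * i + 4] != word:
            return False
    return True

def find_aes128_keys(image: bytes):
    """Return [(offset, key)] for every key schedule present in the image."""
    return [(off, bytes(image[off:off + 16]))
            for off in range(len(image) - SCHEDULE_LEN + 1)
            if schedule_at(image, off)]

def wipe_schedule(image: bytearray, off: int) -> None:
    """Zeroize a schedule in place: what a careful program does before freeing
    a cipher context (assumed behaviour, not a statement about any library)."""
    image[off:off + SCHEDULE_LEN] = bytes(SCHEDULE_LEN)

def build_dump(seed: int = 1234):
    """Constructed 'memory image': random filler with one live key schedule
    planted at an arbitrary offset, standing in for an un-wiped cipher context."""
    rng = random.Random(seed)
    image = bytearray(rng.getrandbits(8) for _ in range(8192))
    key = bytes(rng.getrandbits(8) for _ in range(16))
    off = 3000
    image[off:off + SCHEDULE_LEN] = expand_key_128(key)
    return image, key, off

if __name__ == "__main__":
    image, key, off = build_dump()
    print("before wipe:", [(o, k.hex()) for o, k in find_aes128_keys(image)])
    wipe_schedule(image, off)
    print("after wipe: ", find_aes128_keys(image))
```

Random filler produces no false positives because even the first expanded word matches by chance only with probability 2^-32, and an all-zero region never matches (the expansion of a zero key is non-zero from the fifth word on), so an empty result after the wipe is meaningful. The same consistency check extends to AES-192 and AES-256 schedules with the corresponding word counts.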