[dm-crypt] Retrieve the Passphrase from RAM Memory
eocsor at gmail.com
Tue Sep 27 13:13:54 CEST 2011
On Tue, Sep 27, 2011 at 8:17 PM, Arno Wagner <arno at wagner.name> wrote:
> No. The passphrase is not stored and the PBKDF2 iterations
> prevent reconstructing it.
Looking into the PBKDF2 function would also be valuable; I notice the
buffer for T_i is allocated off the stack and doesn't look to be
explicitly wiped. Presumably some but hopefully all of it gets
overwritten as the program runs :)
(I notice the gnupg devs use a burn_stack() function that attempts to
explicitly achieve this).
So much fun to be investigated!
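The stack-residue concern raised in this message, shown as an added example that is not code from cryptsetup, gnupg or the original post: a PBKDF2-shaped block loop whose stack buffers for T_i and U_j are wiped before return. The names `kdf`, `toy_prf` and `secure_wipe` are hypothetical, and `toy_prf` is a stand-in keyed function used in place of HMAC only to keep the block short.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HLEN 8  /* output size of the stand-in PRF (assumption, not a real hash size) */

/* Write zeros through a volatile pointer so the compiler cannot discard the
 * stores as dead writes to a buffer that is about to go out of scope. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Stand-in keyed PRF built on FNV-1a. NOT HMAC and not secure; hypothetical helper. */
static void toy_prf(const uint8_t *key, size_t klen,
                    const uint8_t *msg, size_t mlen, uint8_t out[HLEN]) {
    uint64_t h = 14695981039346656037ULL;
    for (size_t i = 0; i < klen; i++) { h ^= key[i]; h *= 1099511628211ULL; }
    for (size_t i = 0; i < mlen; i++) { h ^= msg[i]; h *= 1099511628211ULL; }
    for (int i = 0; i < HLEN; i++) out[i] = (uint8_t)(h >> (8 * i));
}

/* PBKDF2 structure: DK = T_1 || T_2 || ..., with T_i = U_1 ^ U_2 ^ ... ^ U_c. */
int kdf(const uint8_t *pw, size_t pwlen, const uint8_t *salt, size_t slen,
        unsigned iters, uint8_t *dk, size_t dklen) {
    uint8_t T[HLEN], U[HLEN], first[64 + 4];   /* key-derived data on the stack */
    if (slen > 64 || iters == 0) return -1;
    for (uint32_t i = 1; dklen > 0; i++) {
        memcpy(first, salt, slen);             /* U_1 input: salt || INT_32_BE(i) */
        for (int b = 0; b < 4; b++) first[slen + b] = (uint8_t)(i >> (24 - 8 * b));
        toy_prf(pw, pwlen, first, slen + 4, U);
        memcpy(T, U, HLEN);
        for (unsigned j = 1; j < iters; j++) {
            toy_prf(pw, pwlen, U, HLEN, U);    /* U_j = PRF(pw, U_{j-1}) */
            for (int k = 0; k < HLEN; k++) T[k] ^= U[k];
        }
        size_t n = dklen < HLEN ? dklen : HLEN;
        memcpy(dk, T, n);
        dk += n; dklen -= n;
    }
    /* Without these calls T and U keep the last block's key material after return. */
    secure_wipe(T, sizeof T);
    secure_wipe(U, sizeof U);
    secure_wipe(first, sizeof first);
    return 0;
}

int main(void) { uint8_t dk[12]; return kdf((const uint8_t *)"pw", 2, (const uint8_t *)"salt", 4, 1000, dk, sizeof dk); }
```

This wipes only the buffers the function names; residue left in the frames of called functions, such as the local state inside `toy_prf`, is not covered by it.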