argonautica
argonautica copied to clipboard
bcmyers
Passwords are not cleard securly enough.
You need to use write_volatile instead of write_bytes or the clearing might be optimized away.
E.g. if you take a look at how the C argon library uses password clearing you will see that they first try to use some special "secure clear/set memory functions" (which might happen to be faster but mainly are more idiomatc). And if they a not defined it uses volatile memory writes.
PS: Clearing secret keys might also be affected.
Yes
It means the password zeroing doesn't work reliably (depending on how llvm optimizes the code).
But weather it matters is hard to say for many reasons. In most systems there are a lot of other places that will potentially not zero out your password, e.g. the I/O and/or http library through which it passes. Still if a library does clear the password it should be done properly.
On Fri, Apr 17, 2020, 02:00 Peter Donovan [email protected] wrote:
So does this mean that the passwords could/would remain in memory?...
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bcmyers/argonautica/issues/16#issuecomment-614958741, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB2HJEJFAJX4FKACKSBAOTTRM6L3BANCNFSM4IM36DNQ .
Thank you for that information. I am currently working on an application where security is very important. I cannot afford to cut any corners when it comes to things such as authentication/authorization.
Do you think that I would be better off going with something like PBKDF2, bcrypt or scrypt? I think that if I should not use argon2 (yet), then PBKDF2 is my next best bet.
However, you also mention that there may be other points of failure such as the IO/HTTP libraries that the password data is passing through so I wonder if my worries are in vain.
Thanks!