Re: Securing data in memory

Simon R Knight (srk@tcp.co.uk)
Sun, 11 Oct 1998 00:42:23 0000

• Next message: staym@accessdata.com: "pkzip's prng"
• Previous message: Jim Adler: "Re: Securing data in memory"
• Maybe in reply to: Simon R Knight: "Securing data in memory"
• Next in thread: Peter Gutmann: "Re: Securing data in memory"

"Jim Adler" <jadler@soundcode.com> writes:

> The drivers are not yet available.
>
> Here's the status. The Windows 95 version is about done. ...

Excellent !

> ... We had planned on
> doing some back testing to Win3.1 if there is significant interest. Is
> there?

I would certainly find Win 3.1 compatibility very useful, as it would
allow for 16 bit versions of privacy enhancing tools. Many are still
running Windows 3.x because it is familiar, or it is more suited to
older machines.

> The NT version is much tougher because you can't map ring 0 memory
> space to a ring 3 process without blue screening when the ring 0 process
> writes to it. We've experimented with some interesting memory mapping but
> keep finding that the only way to write to such ring 0 memory is to go
> through the driver which is a performance bottlneck for most performance
> critical crypto algorithms. If anyone has some good ideas, I'm listening.
>
> So, the current plan is to release a version for Win95/98 for now, possibly
> in a few weeks.

That's good news !

Will the driver actually secure an area of extended memory ? ... if
so, would this memory totally bypass the Windows Virtual Memory
Manager, or control it ?

Would other Windows applications be able to walk through (paging)
secured memory ?

Regards,

Simon R Knight

• Next message: staym@accessdata.com: "pkzip's prng"
• Previous message: Jim Adler: "Re: Securing data in memory"
• Maybe in reply to: Simon R Knight: "Securing data in memory"
• Next in thread: Peter Gutmann: "Re: Securing data in memory"