Preventing other drivers from reading my memory pages

Hello,

Is there a way to do this? I would like to allocate some memory in
which no other drivers are allowed to read/write. I currently have
some sensitive data (encryption keys, etc.) stored on these pages and
I am worried that other drivers would read it. Also, I’d like
debuggers to not be able to read this data.

Is this possible?

Thanks,
J

Jonathon wrote:

> Is there a way to do this? I would like to allocate some memory in
> which no other drivers are allowed to read/write. I currently have
> some sensitive data (encryption keys, etc.) stored on these pages and
> I am worried that other drivers would read it. Also, I’d like
> debuggers to not be able to read this data.
>
> Is this possible?

No. Kernel code is trusted code. It’s all one big, happy family. If
there is a kernel driver trying to hack you, you cannot stop it. Even
if you protected the pages, the attacking driver can turn off the
protection.

The keys are going to be stored on disk somewhere, anyway, right?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

> Is this possible?

No.

The most you can do is to minimize the time window for which the cleartext data exists, and then securely wipe it with zeroes.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
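The "unwrap, use, wipe" pattern Maxim describes, as an added example that is not part of either reply and not driver code from either poster. It is portable C rather than a Windows driver so it can be built anywhere: `secure_zero` is a stand-in for `RtlSecureZeroMemory` (it writes through a `volatile` pointer so the compiler cannot drop the stores as dead after the key's last use), and `unwrap_key`, `xor_with_key`, `KEY_LEN` and the wrapped-key bytes are constructed for the illustration, not a real key format or cipher.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KEY_LEN 16  /* constructed key size for the example */

/* Stand-in for RtlSecureZeroMemory: a plain memset() after the last use of a
 * buffer is a dead store the optimizer may remove; writing through a volatile
 * pointer forces the zeroes to actually reach memory. */
static void *secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) {
        *vp++ = 0;
    }
    return p;
}

/* Constructed "unwrap": the stored form is the key XORed with a fixed mask.
 * A real driver would unwrap from whatever protected storage it uses. */
static void unwrap_key(const uint8_t *wrapped, uint8_t *key)
{
    for (size_t i = 0; i < KEY_LEN; i++) {
        key[i] = wrapped[i] ^ 0x5A;
    }
}

/* Toy operation that needs the cleartext key (XOR, not a real cipher). */
static void xor_with_key(const uint8_t *key, uint8_t *msg, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        msg[i] ^= key[i % KEY_LEN];
    }
}

/* Returns 1 if every byte of buf is zero, 0 otherwise. */
int all_zero(const uint8_t *buf, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (buf[i] != 0) {
            return 0;
        }
    }
    return 1;
}

/* Keeps the cleartext key in key_buf only for the duration of one operation,
 * then wipes it. key_buf is caller-supplied (in a driver, typically a
 * non-paged allocation) so the wipe can be verified. Returns 1 if the wipe
 * left no cleartext behind. */
int transform_then_wipe(const uint8_t *wrapped, uint8_t *key_buf,
                        uint8_t *msg, size_t len)
{
    unwrap_key(wrapped, key_buf);        /* cleartext window opens */
    xor_with_key(key_buf, msg, len);     /* do the work */
    secure_zero(key_buf, KEY_LEN);       /* cleartext window closes */
    return all_zero(key_buf, KEY_LEN);
}

int main(void)
{
    /* Constructed wrapped key: unwraps to key[i] == i. */
    uint8_t wrapped[KEY_LEN];
    for (size_t i = 0; i < KEY_LEN; i++) {
        wrapped[i] = (uint8_t)(i ^ 0x5A);
    }
    uint8_t key_buf[KEY_LEN];
    uint8_t msg[] = "hello";

    int wiped = transform_then_wipe(wrapped, key_buf, msg, 5);
    printf("key wiped: %s, transformed: %.5s\n", wiped ? "yes" : "no", msg);
    return wiped ? 0 : 1;
}
```

The window cannot be made invisible to other kernel code or a kernel debugger, as both replies say; what the pattern buys is that the cleartext exists only between `unwrap_key` and `secure_zero`, and that the wipe is not silently optimized away. In a Windows driver, use `RtlSecureZeroMemory` rather than the hand-rolled `secure_zero` shown here.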