1998-11-28 - Re: Securing data in memory (was “Locking physical memory (RAM) under Windows”) (fwd)

Header Data

From: Bill Stewart <bill.stewart@pobox.com>
To: Jim Choate <cypherpunks@EINSTEIN.ssz.com (Cypherpunks Distributed Remailer)
Message Hash: fd032a46fc73f4cf156a1a31fa4155829f890e594c0df7296e573aad285270ac
Message ID: <3.0.5.32.19981127120630.00902100@idiom.com>
Reply To: <199811232327.RAA23206@einstein.ssz.com>
UTC Datetime: 1998-11-28 02:18:12 UTC
Raw Date: Sat, 28 Nov 1998 10:18:12 +0800

Raw message

From: Bill Stewart <bill.stewart@pobox.com>
Date: Sat, 28 Nov 1998 10:18:12 +0800
To: Jim Choate <cypherpunks@EINSTEIN.ssz.com (Cypherpunks Distributed Remailer)
Subject: Re: Securing data in memory (was "Locking physical memory (RAM) under Windows") (fwd)
In-Reply-To: <199811232327.RAA23206@einstein.ssz.com>
Message-ID: <3.0.5.32.19981127120630.00902100@idiom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 05:27 PM 11/23/98 -0600, Jim Choate wrote:
>> From: "Jim Adler" <jadler@soundcode.com>
>> The SCNSM driver supports allocation of non-swappable memory on Windows
>> 3.x/95/98. The principal design goal of SCNSM is to provide memory that will
>> not be swapped to disk, under any circumstances. Typically, security
>> applications require such memory to store private keys, passwords, and
>> sensitive intermediate results of cryptographic calculations.

>1.  Is it OpenSource?
Is this a religious argument?  I think he said it was copyrighted freeware,
so use it and leave the copyright notices in and you're ok.

>2.  I assume since it never swaps to disk the memory requirements for the
>    computer are large. What is the minimum suggested if one runs say
>    5 apps that each require 16M each, 5*16M & OS overhead?

Bad Assumption.  The memory requirements are whatever you want;
if you're storing a few private keys, or intermediate calculation results,
the requirements are very small; if you're storing 16MB databases,
they're much larger.  For today, 16MB seems large enough that
I'd think you'd use a crypto-disk or instead of nailing it into RAM,
but the boundaries between huge, routine, and small keep moving
in this business, so maybe you do now, and you will soon enough.

Does anybody know if Win95/98 keeps RAMdisks in RAM, or swaps them
out to real disk along with other least-recently-used data?
Since I've got 48MB RAM on my laptop, I keep a 2MB RAMdisk around
for PGP decrypts, and for temporary storage of things like
emailed ZIP files.  

>    And what is the suggested OS overhead with no swap to disk?
>    (OK, that last one might be a 3rd question)

That's a good question.  My guess is that it's probably 0-2KB,
plus however big the drivers are, might be as big as 64KB,
but presumably isn't 1MB.  In other words, too small to worry about
on recent machines, where an extra 16MB RAM costs $10,
but if you're using that spare 4MB 386 as a remailer,
you've got to be more careful.

On the other hand, if the driver does anything for real-mode DOS processes
running on top of Windows, it wouldn't surprise me if you've
got to nail down 640KB while they're running?
But you knew that job was clunky when you took it.
				Thanks! 
					Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639





Thread