Storing encrypted data in memory

Question

Storing encrypted data in memory

I am working with a listview control that saves data using AES encryption to a file. I need to save the data of each item in a list in the class std :: list std :: string. Should I just store the data encrypted in std :: list and decrypt the local variable when necessary? or is it enough to encrypt it only in the file?

+3

c ++ security stl winapi encryption

cpx Feb 27 '10 at 12:04

source share

4 answers

? , , .

, , , . , , , , .

0

Component 10 27 . '10 13:42

, . , , OllyDBG, , . , AES, , , .

0

rook 27 . '10 19:21

, . , , , .

, swap- (, ). , ...

0

mar 27 . '10 20:27

Noon silk · Accepted Answer · 2010-02-27T12:09:24+0000

To answer this question, you need to think about who your attackers are (i.e. who is trying to hide the data?).

For this purpose, it helps if you are working with a simple Threat Model (basically: who bothers you, what you want to protect, the types of attacks that they can carry out, and the risks of this).

Once this is done, you can determine whether you should try to protect data from being written to disk (even if it is decrypted only in memory).

I know this answer may seem useful, but I hope that it helps you realize that you need to specifically indicate (and therefore know) that you are the attackers before you can defend against them correctly (i.e. you can end up fully realizing absolutely useless protection, etc.).

Storing encrypted data in memory

More articles: