[gnutls-devel] GnuTLS | rnd: always clear internal RNG state and confidential temporary data (!2051)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Jan 13 16:12:51 CET 2026
Markus Theil commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/2051#note_3002653123
IMHO my two cents regarding your notice:
May I'm wrong here, but a e.g. Linux kernel configured without clear on alloc or clear on free may provide a memory range of process p1 with key material from the GnuTLS RNG to another process p2 on the same platform, after p1 was (cleanly) terminated. More advanced are cold boot attacks or microarchitectural attacks like meltdown/spectre where its nice to limit the exposure of secret key material in RAM.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2051#note_3002653123
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260113/504b75f6/attachment.html>
More information about the Gnutls-devel
mailing list