GPG Wipe Keys from RAM on Suspend
Werner Koch
wk at gnupg.org
Tue Sep 22 09:01:38 CEST 2020
On Sat, 19 Sep 2020 23:10, procmem--- said:
> Hi. I came across a new cryptsetup feature that is supposed to protect
> user data while the PC is in standby. It wipes the key from RAM when
> sleep events are triggered. While it protects LUKS, other data and keys
> loaded in RAM at the time are still vulnerable to forensic recovery. Can
> you please consider adding a sleep key cache wipe feature to GPG?
That exists for ages:
gpgconf --reload gpg-agent
is all what you need. However, the platforms all differ a lot on how
to run scripts on power events and thus the distros need to implement
this.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20200922/95900bd8/attachment.sig>
More information about the Gnupg-devel
mailing list