Safe decryption with GnuPG?
program.spe at home.pl
Fri Feb 1 09:58:12 CET 2008
I have a file that I encrypted for myself
and I want to read some information from it.
The file is a text file and I need to read several lines of it.
The following requirements must be met:
The decrypted information must not make it to any persistent medium
(I understand gpg '-d' already guarantees it
as long as it manages the decrypted text,
but what happens after it leaves gpg?)
The decrypted text must not be stored in volatile memory
any longer than it is needed.
In particular, it should be converted to a human-viewable bitmap
and the computer-readable representation must be immediately erased.
3. Only the information I need should be displayed.
The bitmap must not be updated automatically
(the containing window must not display it
when it is in the background, whatever it means).
(It would be best to forget the bitmap altogether
and regenerate it upon request,
but it seems to be a hard thing to do
because the gpg output stream is not scrollable backwards).
The bitmap itself should not make it to any persistent medium
and it should be scrambled, if possible, in the volatile memory.
It should not be possible
to make a snapshot of the graphic in the window
with any programmatic means
(you can of course make a picture of the screen with a camera).
If more information is requested,
it should be displayed in small chunks.
The program should be fully unaware
of the content of the chunks that are not being displayed.
(That probably means a garbage-collected language cannot be used).
The application should be as lightweight as possible
(for source code audit).
Can you direct me to some implementation meeting these requirements?
More information about the Gnupg-users