Closed milapsheth closed 3 years ago
ggutoski
commented
3 years ago * Since some of the dependencies such as paillier and k256 don't support Zeroize themselves, there are still gaps in zeroization. We'll probably have to use wrappers for such third-party structs. I'm not worrying about paillier, since we might ditch that crate anyways.
The people who wrote k256 also wrote zeroize, so there must be a good way to zeroize k256 items. Paillier is a different story.
milapsheth
commented
3 years ago * Since some of the dependencies such as paillier and k256 don't support Zeroize themselves, there are still gaps in zeroization. We'll probably have to use wrappers for such third-party structs. I'm not worrying about paillier, since we might ditch that crate anyways.The people who wrote k256 also wrote zeroize, so there must be a good way to zeroize k256 items. Paillier is a different story.
k256 only supports zeroization of Scalars and not ProjectivePoint. So, I had to add that to the wrapper, to allow the whole SecretKeyShare to be zeroized even though the projective point value is public.
ggutoski
commented
3 years ago
k256only supports zeroization ofScalarsand notProjectivePoint. So, I had to add that to the wrapper, to allow the wholeSecretKeyShareto be zeroized even though the projective point value is public.
Can't we concentrate only on zeroizing secret data and ignore public data? ie. THe only real secrets are the Paillier decryption key and the secret k256 scalar.
(Vss, k256_serde::{Scalar, ProjectivePoint})also implement Zeroize.