1

Suppose that I have some cryptographic application in Python.

The application receives a cryptographic key, does the job and then it doesn't need the key anymore.

Is it possible to completely erase that key and make sure it no longer exists in the device's memory?

I know that del doesn't remove the object, just decrements its reference count. Even when the refcount drops to zero and the object is garbage collected, its contents may still linger somewhere.

Is there any solution (function, library, c extension) that allows to do that?

haael
  • 972
  • 2
  • 10
  • 22
  • 1
    In general, the only way to be sure\* something is "removed" from memory is to write something else over the top of it. You don't have that level of control in Python, but you would down in C. \* *Well, fairly sure.* – jonrsharpe Nov 14 '14 at 10:43
  • @jonrsharpe Possibly better duplicates: [ctypes in python crashes with memset](http://stackoverflow.com/questions/15581881/ctypes-in-python-crashes-with-memset) and [Securely Erasing Password in Memory (Python)](http://stackoverflow.com/questions/728164/securely-erasing-password-in-memory-python) Maybe you can make a chain. – Artjom B. Nov 14 '14 at 11:27

0 Answers0