#memory-protection #memory #protection #encryption-key #secure #attack

soteria-rs

Wrapper around a secret that is stored in memory with the goal to protect against side-channel and speculative attacks

5 unstable releases

0.3.1 Aug 29, 2023
0.3.0 Aug 29, 2023
0.2.0 Aug 28, 2023
0.1.1 Aug 28, 2023
0.1.0 Aug 28, 2023

#2140 in Cryptography

Download history 131/week @ 2024-07-20 226/week @ 2024-07-27 180/week @ 2024-08-03 122/week @ 2024-08-10 203/week @ 2024-08-17 71/week @ 2024-08-24 78/week @ 2024-08-31 163/week @ 2024-09-07 67/week @ 2024-09-14 216/week @ 2024-09-21 185/week @ 2024-09-28 100/week @ 2024-10-05 77/week @ 2024-10-12 93/week @ 2024-10-19 220/week @ 2024-10-26 74/week @ 2024-11-02

473 downloads per month
Used in gennaro-dkg

MIT/Apache

35KB
600 lines

Soteria

Crate Docs Apache 2.0/MIT Licensed

This crate implements a wrapper around a secret that is stored in memory.

The library aims to be simple to use (misuse resistant) and easy to understand.

Thus only one struct is provided Protected. The struct wraps the secret so it is encrypted in memory and can be decrypted by the same application that put it there.

Protected allows a program to store a encrypted secret in memory. The secret is encrypted using XChaCha20Poly1305. The encryption keys are large enough to mitigate memory side channel attacks like Spectre, Meltdown, Rowhammer, and RamBleed.

There is a pre_key and a nonce each large enough to limit these attacks. The pre_key and nonce are feed into a merlin transcript to mix with other data and derive the actual encryption key. This value is wiped from memory when the dropped or decrypted.

Documentation

Secrets can be made using the Protected struct

use soteria_rs::*;

let mut protected = Protected::new(b"top secret");

assert_ne!(p.value, password);
assert_eq!(p.value.len(), password.len() + 16);
assert_ne!(p.pre_key, [0u8; DEFAULT_BUF_SIZE]);
assert_ne!(p.nonce, [0u8; DEFAULT_BUF_SIZE]);

let password2 = p.unprotect();
assert!(password2.is_some());
assert_eq!(password2.unwrap().as_ref(), password.as_slice());

let str_pass = password2.str();
assert_eq!("top secret", str_pass);

Protected provides convenience methods to wrap many types of secrets from strings, byte slices, and serializable types.

Use the serde feature to enable serialization to and from a protected type.

License

Licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~1.3–4MB
~70K SLoC