I have a private key that I decrypt using a password from the user, but I need to use this private key quite often, and I don’t want to keep it decrypted in memory.
One option I thought of is encrypting the private key with a randomly generated one-time password and replacing that password every time I use the key, but the one-time password is still kept in memory.
Another option I thought about is using OpenSSL memory BIO. From what I understood it keeps the data inside it secured (I have no idea how it does that, but that’s what I’ve heard).
What do you think is better? Are there any better options?
Thanks! 🙂
p.s.
I’m using native C++ and OpenSSL.
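The usual compromise for the situation described above is to keep only the wrapped key resident and confine the plaintext to the shortest possible scope, wiping it on every exit path. The following C++ is an added example and not code from the original poster; `SecretBuffer`, `secure_cleanse`, `use_private_key` and the XOR "unwrap" are illustrative names and stand-ins (the XOR is not a cipher; it only replaces the real PEM/PKCS#8 decryption so the control flow runs offline), and the `mlock` call is best-effort and assumed to be available only on POSIX systems.

```cpp
// Added example (not code from the original post): keep the private key wrapped in
// memory and give the plaintext the shortest possible lifetime, wiping it on every
// exit path. All key bytes below are constructed demo values, not real key material.
#include <cstddef>
#include <stdexcept>
#include <vector>

#if defined(__unix__) || defined(__APPLE__)
#include <sys/mman.h>   // mlock: best-effort, keeps the plaintext page out of swap
#endif

// Zeroise through a volatile pointer so the compiler cannot drop the stores as dead
// writes (the same idea OPENSSL_cleanse is built on).
void secure_cleanse(void *p, std::size_t n) {
    volatile unsigned char *vp = static_cast<volatile unsigned char *>(p);
    while (n--) *vp++ = 0;
}

// Fixed-size buffer for plaintext key material: locked against swapping where
// possible and wiped in the destructor, so RAII guarantees the wipe on every exit
// path, including exceptions thrown by the code that uses the key.
class SecretBuffer {
public:
    explicit SecretBuffer(std::size_t n) : data_(n, 0) {
#if defined(__unix__) || defined(__APPLE__)
        mlock(data_.data(), data_.size());   // failure (e.g. RLIMIT_MEMLOCK) is tolerated
#endif
    }
    ~SecretBuffer() {
        secure_cleanse(data_.data(), data_.size());
#if defined(__unix__) || defined(__APPLE__)
        munlock(data_.data(), data_.size());
#endif
    }
    SecretBuffer(const SecretBuffer &) = delete;
    SecretBuffer &operator=(const SecretBuffer &) = delete;
    unsigned char *data() { return data_.data(); }
    std::size_t size() const { return data_.size(); }
private:
    std::vector<unsigned char> data_;
};

// Stand-in for the real unwrap (password-based PEM/PKCS#8 decryption in the poster's
// setup): XOR with a wrapping key. NOT a cipher; it exists only so the example runs.
void xor_unwrap(const std::vector<unsigned char> &wrapped,
                const std::vector<unsigned char> &wrap_key, unsigned char *out) {
    for (std::size_t i = 0; i < wrapped.size(); ++i)
        out[i] = wrapped[i] ^ wrap_key[i % wrap_key.size()];
}

// Unwrap the key, hand the plaintext to `op`, and wipe it before returning. The
// caller never receives a pointer to plaintext that outlives this call.
template <typename Op>
auto use_private_key(const std::vector<unsigned char> &wrapped,
                     const std::vector<unsigned char> &wrap_key, Op op)
    -> decltype(op(static_cast<const unsigned char *>(nullptr), std::size_t{0})) {
    SecretBuffer plain(wrapped.size());
    xor_unwrap(wrapped, wrap_key, plain.data());
    return op(plain.data(), plain.size());   // ~SecretBuffer wipes even if op throws
}

// Constructed demo values (not real key material).
static const std::vector<unsigned char> kDemoPrivateKey = {
    0x10, 0x32, 0x54, 0x76, 0x98, 0xba, 0xdc, 0xfe,
    0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
static const std::vector<unsigned char> kWrapKey = {0xa5, 0x5a, 0xc3, 0x3c};

// What stays resident between uses: the wrapped form only.
std::vector<unsigned char> wrapped_demo_key() {
    std::vector<unsigned char> w(kDemoPrivateKey.size());
    xor_unwrap(kDemoPrivateKey, kWrapKey, w.data());   // XOR wrap == unwrap
    return w;
}

// Check 1: secure_cleanse really zeroes a buffer.
bool cleanse_zeroes_buffer() {
    unsigned char buf[32];
    for (unsigned char &b : buf) b = 0xAA;
    secure_cleanse(buf, sizeof buf);
    for (unsigned char b : buf) if (b != 0) return false;
    return true;
}

// Check 2: inside the scoped call the plaintext is correct (summed here as a
// stand-in for "sign with the key"); the sum of kDemoPrivateKey is 2040.
unsigned plaintext_sum_inside_op() {
    std::vector<unsigned char> wrapped = wrapped_demo_key();
    return use_private_key(wrapped, kWrapKey,
        [](const unsigned char *k, std::size_t n) {
            unsigned s = 0;
            for (std::size_t i = 0; i < n; ++i) s += k[i];
            return s;
        });
}

// Check 3: an exception inside op propagates to the caller while the SecretBuffer
// destructor still runs and wipes the plaintext (RAII).
bool exception_propagates() {
    std::vector<unsigned char> wrapped = wrapped_demo_key();
    try {
        use_private_key(wrapped, kWrapKey,
            [](const unsigned char *, std::size_t) -> int {
                throw std::runtime_error("signing failed");
            });
    } catch (const std::runtime_error &) {
        return true;
    }
    return false;
}
```

This does not change the answer's point: whoever controls the machine can still attach a debugger and catch the plaintext inside `op`. What it does buy is that the plaintext is not left in swap, core dumps or freed heap between uses, and that the wiping cannot be skipped by an early return or exception, which is the realistic threat model for key material in a process the user owns.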
By definition you are looking for means of security through obscurity. In this case the user has more control over the device than you do. The secret must exist in plain text at some point, and the attacker (the user) can attach a debugger and view this value. There will never be a solution to this problem; it is not something that can be made secure.