We are adding AES 256 bit encryption to our server and client applications for encrypting the TCP/IP traffic containing sensitive information. We will be rotating the keys daily. Because of that, the keys will be stored in memory with the applications.
Key distribution process:
-
Each server and client will have a list of initial Key Encryption Key’s (KEK) by day
-
If the client has just started up or the server has just started up, the client will request the daily key from the server using the initial key. The server will respond with the daily key, encrypted with the initial key. The daily key is a randomly generated set of alphanumeric characters. We are using AES 256 bit encryption.
-
All subsequent communications will be encrypted using that daily key.
-
Nightly, the client will request the new daily key from the server using the current daily key as the current KEK. After the client gets the new key, the new daily key will replace the old daily key.
Is it possible for another bad application to gain access to this memory illegally or is this protected in Windows? The key will not be written to a file, only stored in a variable in memory.
If an application can access the memory illegally, how can you protect the memory from tampering?
We are using C++ and XP (Vista/7 may be an option in the future so I don’t know if that changes the answer).
I think that you may have a more fundamental problem on your hands.
If there is even the faintest chance that this machine might catch a rootkit, then your all of your keys are ours, as it were.
On Windows, Process A can read the memory of Process B if any of the below are true:
If you have complete control over what’s running on the machine, and complete confidence that no one can introduce any surprises, you’re golden.
This is, of course, not unique to Windows. What is unique to Windows is the volume of rootkit malware.