Hello,

We often use cryptographic data such as keys in our code. Some of these data are provided by a component that reads them from a file or from user input. Other components use these keys to encrypt or decrypt data such as network traffic, or maybe other keys.

For example, a component asks a user for a password, then the password is used to derive a key, the component puts it in a dataspace accessible as a ROM module by a network encryption component, which is then used to encrypt network packets.

It is a good idea to leave traces of residual data in as little places as possible, to reduce the number of sensitive memory locations to a minimum in order to reduce attack vectors. So it would be nice if in the example, the network component could ask the password component to clear the key from the dataspace once it is done with this key. Currently, the ROM session has no way of doing this; besides, there might be complications such as other clients accessing the dataspace.

It would be nice to have this functionality somehow, so we have thought of some possibilities:

* introducing a new session which wraps a rom/ram-dataspace and clears it after reading, or if the client(s) have issued a clear request at the server, after which the data is overwritten by zeroes or random;

* extending the ROM-session in such a way

How do you feel about this topic?