Secret data held in memory is exposed to memory scanners and to being cached to disk. Cypherlock uses memory protection methods to keep keys from falling into the wrong hands. Specifically, all secret data in memory remains encrypted until it is required for operation; it is then decrypted into a memory page that is locked as applicable and surrounded by guard pages.
The movement of secret data between protected memory and persistent storage employs automated encryption to make sure that no secret data is ever stored without protection.
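The locked, guard-paged buffer described above can be sketched in C as follows; this is an added example, not Cypherlock's own code, and it covers only the plaintext page, not the encryption of secrets at rest. The names `secure_alloc`, `secure_free` and `access_faults` are hypothetical, and a Linux/POSIX system with `mmap`, `mprotect` and `mlock` is assumed.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stddef.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Round len up to a whole number of pages. */
static size_t data_span(size_t len) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    return (len + pg - 1) / pg * pg;
}

/* Layout: [guard page][locked data pages][guard page]. NULL on failure. */
unsigned char *secure_alloc(size_t len) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    if (len == 0 || len > (size_t)-1 - 3 * pg) return NULL;
    size_t span = data_span(len);
    /* Map everything PROT_NONE first, so the guards are never accessible. */
    unsigned char *base = mmap(NULL, span + 2 * pg, PROT_NONE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;
    unsigned char *data = base + pg;
    /* Open only the data pages, then pin them so they are never swapped out. */
    if (mprotect(data, span, PROT_READ | PROT_WRITE) != 0 ||
        mlock(data, span) != 0) {        /* fail closed if locking is denied */
        munmap(base, span + 2 * pg);
        return NULL;
    }
    return data;
}

/* Wipe the plaintext, then unlock and unmap the whole region. */
void secure_free(unsigned char *data, size_t len) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE), span = data_span(len);
    volatile unsigned char *v = data;    /* volatile keeps the wipe from being elided */
    for (size_t i = 0; i < span; i++) v[i] = 0;
    munlock(data, span);
    munmap(data - pg, span + 2 * pg);
}

/* Returns 1 if reading addr kills a forked child with SIGSEGV/SIGBUS (guard hit). */
int access_faults(const volatile unsigned char *addr) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { unsigned char c = *addr; (void)c; _exit(0); }
    int st = 0;
    if (waitpid(pid, &st, 0) != pid) return -1;
    return WIFSIGNALED(st) && (WTERMSIG(st) == SIGSEGV || WTERMSIG(st) == SIGBUS);
}
```

`mlock` is subject to `RLIMIT_MEMLOCK`, so `secure_alloc` returns NULL rather than handing out an unlocked page when the limit is exhausted.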
To simplify protocol implementations, our key management engine supports:
Get the source here: keymgt