PuTTY wish pageant-hibernate


summary: Discard sensitive material in Pageant on hibernation
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: low: We aren't sure whether to fix this or not.

It's been suggested that Pageant (and anything else storing private key material long-term) should forget (wipe) all its unencrypted keys when a system hibernates, to avoid them being stored to disk; it should at least reload the keys and ask for passphrases again after a hibernation. Apparently the Windows messages PBT_APMQUERYSUSPEND and PBT_APMSUSPEND would be useful here.

Low priority because:

  • If you have physical access to the machine, then you've compromised its security anyway; you can just install a trojan Pageant which will happily snarf the passphrases from keys for you, or perpetrate any one of a number of other attacks.
  • Pageant doesn't currently attempt to prevent key material being written to disk. (We don't for instance use VirtualLock(); see `virtuallock'.)
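
The suggestion above, as an added example (not PuTTY's code): PBT_APMQUERYSUSPEND and PBT_APMSUSPEND arrive as the wParam of a WM_POWERBROADCAST window message, and the handler wipes every decrypted key before the hibernation image is written. The `agent_key` list and all function names are hypothetical, and the message constants are defined inline so the block also builds off Windows.

```c
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#else /* constants copied from the Windows SDK so this builds anywhere */
#define WM_POWERBROADCAST   0x0218
#define PBT_APMQUERYSUSPEND 0x0000
#define PBT_APMSUSPEND      0x0004
#endif

/* Hypothetical stand-in for an agent's list of decrypted private keys. */
struct agent_key { struct agent_key *next; size_t len; unsigned char *secret; };
static struct agent_key *loaded_keys;

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

int add_key(const unsigned char *secret, size_t len) {
    struct agent_key *k = malloc(sizeof *k);
    if (!k) return -1;
    if (!(k->secret = malloc(len))) { free(k); return -1; }
    memcpy(k->secret, secret, len);
    k->len = len; k->next = loaded_keys;
    loaded_keys = k;
    return 0;
}

/* Wipe and free every loaded key; returns how many were discarded. */
int forget_all_keys(void) {
    int n = 0;
    for (struct agent_key *k; (k = loaded_keys) != NULL; n++) {
        loaded_keys = k->next;
        wipe(k->secret, k->len);   /* clear the key bytes before freeing */
        free(k->secret);
        free(k);
    }
    return n;
}

/* Call from the window procedure with its msg and wParam arguments.
 * PBT_APMQUERYSUSPEND is not delivered on Windows Vista and later,
 * so PBT_APMSUSPEND is the event that does the work there. */
int on_window_message(unsigned msg, unsigned long wparam) {
    if (msg != WM_POWERBROADCAST) return 0;
    return (wparam == PBT_APMQUERYSUSPEND || wparam == PBT_APMSUSPEND)
               ? forget_all_keys() : 0;
}
```

After resume the agent holds no keys, so they have to be re-added and their passphrases entered again. This covers only the hibernation image, not key pages swapped out during normal operation, which is the second point in the list above.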

(last revision of this bug record was at 2004-11-16 15:27:00 +0000)