All Projects → awnumar → Memguard

awnumar / Memguard

Licence: apache-2.0
Secure software enclave for storage of sensitive information in memory.

Programming Languages

go
31211 projects - #10 most used programming language

Projects that are alternatives of or similar to Memguard

Tools For Cryptanalysis
A repository that aims to provide tools for cryptography and cryptanalysis
Stars: ✭ 112 (-94.5%)
Mutual labels:  cryptography, crypto
Noise
.NET Standard 1.3 implementation of the Noise Protocol Framework (revision 33 of the spec)
Stars: ✭ 124 (-93.91%)
Mutual labels:  cryptography, crypto
Streamcryptor
Stream encryption & decryption with libsodium and protobuf
Stars: ✭ 112 (-94.5%)
Mutual labels:  cryptography, crypto
Cfrpki
Cloudflare's RPKI Toolbox
Stars: ✭ 104 (-94.89%)
Mutual labels:  cryptography, crypto
Padding Oracle Attacker
🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
Stars: ✭ 136 (-93.32%)
Mutual labels:  cryptography, crypto
Cryfs
Cryptographic filesystem for the cloud
Stars: ✭ 1,560 (-23.38%)
Mutual labels:  cryptography, crypto
Cryptogotchas
A collection of common (interesting) cryptographic mistakes.
Stars: ✭ 118 (-94.2%)
Mutual labels:  cryptography, crypto
Libsodium
A modern, portable, easy to use crypto library.
Stars: ✭ 9,782 (+380.45%)
Mutual labels:  cryptography, crypto
Botan
Cryptography Toolkit
Stars: ✭ 1,798 (-11.69%)
Mutual labels:  cryptography, crypto
Demo Twilio Backend Nodejs
A sample backend that demonstrates how to generate a Virgil JWT and Twilio token used for authentication with the Virgil and Twilio services
Stars: ✭ 128 (-93.71%)
Mutual labels:  cryptography, crypto
Jmacaroons
Pure Java implementation of Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud. Android ready. Online playground available.
Stars: ✭ 100 (-95.09%)
Mutual labels:  cryptography, crypto
Simon Speck
The SIMON and SPECK families of lightweight block ciphers. #nsacyber
Stars: ✭ 146 (-92.83%)
Mutual labels:  cryptography, crypto
I2pdbrowser
i2pd browser bundle
Stars: ✭ 94 (-95.38%)
Mutual labels:  cryptography, crypto
Libsodium Go
A complete overhaul of the Golang wrapper for libsodium
Stars: ✭ 105 (-94.84%)
Mutual labels:  cryptography, crypto
Dudect
dude, is my code constant time?
Stars: ✭ 91 (-95.53%)
Mutual labels:  cryptography, crypto
Charm
A really tiny crypto library.
Stars: ✭ 116 (-94.3%)
Mutual labels:  cryptography, crypto
Crypto Bench
Benchmarks for crypto libraries (in Rust, or with Rust bindings)
Stars: ✭ 67 (-96.71%)
Mutual labels:  cryptography, crypto
Siphash Js
A Javascript implementation of SipHash-2-4
Stars: ✭ 90 (-95.58%)
Mutual labels:  cryptography, crypto
Torchbear
🔥🐻 The Speakeasy Scripting Engine Which Combines Speed, Safety, and Simplicity
Stars: ✭ 128 (-93.71%)
Mutual labels:  cryptography, crypto
Tink
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Stars: ✭ 11,855 (+482.27%)
Mutual labels:  cryptography, crypto

MemGuard

Software enclave for storage of sensitive information in memory.


This package attempts to reduce the likelihood of sensitive data being exposed when in memory. It aims to support all major operating systems and is written in pure Go.

Features

  • Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks.
  • Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage-collector.
  • Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows.
  • Effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps.
  • Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation.
  • Multiple endpoints provide session purging and safe termination capabilities as well as signal handling to prevent remnant data being left behind.
  • Side-channel attacks are mitigated against by making sure that the copying and comparison of data is done in constant-time.
  • Accidental memory leaks are mitigated against by harnessing the garbage-collector to automatically destroy containers that have become unreachable.

Some features were inspired by libsodium, so credits to them.

Full documentation and a complete overview of the API can be found here. Interesting and useful code samples can be found within the examples subpackage.

Installation

$ go get github.com/awnumar/memguard

API is experimental and may have unstable changes. You should pin a version. [modules]

Contributing

  • Submitting program samples to ./examples.
  • Reporting bugs, vulnerabilities, and any difficulties in using the API.
  • Writing useful security and crypto libraries that utilise memguard.
  • Implementing kernel-specific/cpu-specific protections.
  • Submitting performance improvements.

Issues are for reporting bugs and for discussion on proposals. Pull requests should be made against master.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].