The Linux Kernel Key Retention Service and why you should use it in your next application
In this post, we discussed the importance of protecting cryptographic keys and secrets from leaking into unauthorized memory regions. We talked about some real examples where data leakage has impacted many users around the world, including Cloudflare. Finally, we learned how the Linux Kernel Retention Service can help us to protect our cryptographic keys and secrets. We also introduced a working patch for OpenSSH to use this cool feature of the Linux kernel, so you can easily try it yourself. There are still many Linux Kernel Key Retention Service features left untold, which might be a topic for another blog post. Stay tuned!
Company
Cloudflare
Date published
Nov. 28, 2022
Author(s)
Oxana Kharitonova, Ignat Korchagin
Word count
4528
Hacker News points
20
Language
English