I'm writing program that load encoded string into memory and decode it with special algorithm.
Sequences of program work:
base64 string)base64 string to encoded data string (Rijndael 256)Rijndael256) to plain text codeThe problem is in sequence #3 if user create dump of program memory, he can get code as plain text which must be secure.
My question is - there is any way to protect my plain text string in memory?
Program is written in C++.
Presumably the plain text is needed in memory, at least briefly, for proper execution. If, at that point, a memory dump happens, yes, they have access to it, and no, there isn't much you can do about it. Keeping it in plain text as short as time as possible will help, as well "secure zeroing" the memory after you're done with it.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With