R.R. Gilyazov, S.V. Smyshlyaev
When cryptographic software runs on a system where an intruder cannot be present in the kernel, the problem of secure input and storage of secret keys from external devices can be solved by keeping key information in a memory space that user-mode modules cannot read. However, keys stored on external devices are protected by passwords, so a secure path for entering password symbols is needed at the moment the secret keys are loaded into protected memory, because the standard keyboard input path can be intercepted by intruder modules in userspace.
This paper proposes a solution to this problem in the following models:
a) An intruder uses only userspace keyloggers to intercept password symbols.
b) An intruder is in full control of the userspace.
c) An intruder is in full control of the userspace and is also able to use hardware keyloggers or video surveillance tools to monitor every keyboard manipulation.