how to keep c++ variables in RAM securely?

Question

I\'m working on a C++ application which is keeping some user secret keys in the RAM. This secret keys are highly sensitive & I must minimize risk of any kind of attack again

Answer 1

As others have said, there is no secure way to do this on a general purpose computer. The alternative is to use a Hardware Security Module (HSM).

These provide:

• greater physical protection for the keys than normal PCs/servers (protecting against direct access to RAM);
• greater logical protection as they are not general purpose - no other software is running on the machine so no other processes/users have access to the RAM.

You can use the HSM's API to perform the cryptographic operations you need (assuming they are somewhat standard) without ever exposing the unencrypted key outside of the HSM.