MbedTls – keeping context private?

Çağlar Arlı

Let's assume we're running on an mbed system with internal and external RAM. Dumping external RAM is much easier for an attacker on such systems when debug ports are locked.

I'm wondering if the context passed to mbedTLS APIs carries any sensitive data that could be used to get the secrets (i.e. the private key)? Should it be placed in internal RAM for security?

Going even further, is it safe to keep the stack of the task that calls mbedTLS in external RAM? Is there any chance of getting the secrets from stack variables?

Is there any guideline I've missed regarding this topic?