Perhaps it is possible to avoid having the plaintext in memory at all?
- Only compare the crypttexts, never the plaintexts
- For input use a modified input field to minimize the time the plaintext kept in memory then wipe the memory used by the input field before releasing the memory
- If possible ask the OS never to swap the memory used by the input field
- Only compare the crypttexts, never the plaintexts
- For input use a modified input field to minimize the time the plaintext kept in memory then wipe the memory used by the input field before releasing the memory
- If possible ask the OS never to swap the memory used by the input field