I'm trying to use GMP 6.2.1 as a backend for computations with long integers for cryptography. There it is considered best practice not to leave any traces of sensitive computations longer than needed. Consequently, I wanted to make sure that GMP does not leave anything in memory, but couldn't find anything about it in the docs.

Am I correct to assume that there are two possible sources of unwanted values persisting in memory:

1. Reallocations of numbers into larger sections of memory. Might happen due to self-allocation, for example mpz_mul (x, x, x);.
2. Intermediate computations inside GMP functions, which are somehow related to operands or outputs of these functions.

While it seems that reallocations can be avoided by correctly designing the client code, intermediate variables bother me, at least those that are allocated on the heap. Are there any explicit guarantees given by GMP in this respect?

CodePudding user response：

GMP provides some low level functions for cryptography, which in particular give you control over allocations.

For higher level functions, you don't get any guarantee, but you could still improve over the default through custom allocation, and by configuring temporary allocations.