How to Encrypt Clipboard? [closed]
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 12 years ago.
开发者_高级运维 Improve this questionCan the contents of the clipboard be encrypted?
For example, say that to circumvent keyloggers, users copy and paste passwords from an encrypted file, but now the password lives unencrypted in the clipboard. Is there a way to prevent this behavior without breaking copy/paste, or running some script function that scrambles the clipboard information.
If you need to supply the unencrypted password to a textfield in order to sign in, then nothing you do before that step can stop malicious users from reading the contents of that textbox. Since there needs to be a point in time where that plaintext string is sent to the textbox.
I think if you have a keylogger you have more important problems than encrypting passwords
To answer your question: It should be possible, but you'd need to dig quite deep into the Windows API for that.
To catch COPY events and encrypt the contents, you could use
SetClipboardViewer
to get notified of changed to the clipboard. Here is an example on how to do this with C#.To catch PASTE events and decrypt the contents, you might need to globally hook to
WM_PASTE
messages.
As a side note: Once a keylogger/trojan/etc. managed to run on your system, it is no longer your system. Encrypting the clipboard or similar techniques don't protect your system, they might just raise the bar for the malware developer to get the information he wants (see Jean-Bernard's answer). Preventing evil code from running on your system in the first place is a much better approach.
If the clipboard information is persisted to the drive then whole disk encryption would do the trick (it sounds like that's the kind of stuff you want to do already anyway based on the question).
But encrypting what's in RAM isn't really an option. At some point the OS and applications read that memory and need to know what to do with it. It has to be unencrypted somewhere in the active hardware of the machine in order to be used.
You could certainly encrypt the data, copy it to the clipboard, and then in another instance of your app, paste it, decrypt it. But this is only useful if the source/destination agree on the encryption. i.e. written by the same guy. In that case, you'd be better off NOT using the clipboard, and setting up some sort of private data channel instead. So while you can do it, it's not practical.
You could do that by encrypting your data for your application before the copy, but it really depends on the language you would use.
And decrypt on the paste, but again on your application. You can't do that for all your system; it would mean modifications on your OS...
I'm writing an application which implements copy-and-paste: therefore I use a system API to read data from the clipboard.
If I can't read unencrypted data then copy-and-paste is broken, but if I can then so could any other installed program (including a keylogger).
If someone has privileges to install a keylogger that has clipboard access, he most likely has privileges to get the decryption key of the clipboard as well. Cryptography is not a substitute for access control.
精彩评论