geremy condra wrote:
On Fri, Sep 25, 2009 at 9:49 PM, Nick Coghlan <ncoghlan@gmail.com <mailto:ncoghlan@gmail.com>> wrote:
CTO wrote: > EVP covers hashing, signatures, and encryption/decryption. If we're > going > to go for a longer name, maybe "cryptography" would be more > appropriate?
Something to keep in mind while working on this is your threat model for the library. If you aren't going to do anything to guard against side-channel attacks (which are rather hard to avoid in a cross platform algorithm on a general purpose PC) or against attacks which grab unencrypted messages and keys from released-but-not-overwritten computer memory or (worse) the swap file, then this should be mentioned in the documentation.
That way application developers that are looking for that extra level of security will know they need to look elsewhere.
Regards, Nick.
I can make a note of it, although I'm unsure what concrete steps I could take to prevent such attacks from succeeding. Any ideas?
OpenSSL may actually guard against of the first part already. I'm unsure about the second part though. And I don't know enough about the problems to know how to fix them either - I just know when I'm theoretically leaving these attack vectors open and make sure to defend them by other means (such as physically securing the affected networks). But it's this kind of stuff that people are talking about when they point out that practical crypto is harder than just using good algorithms. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia ---------------------------------------------------------------