Where communities thrive

Join over 1.5M+ people
Join over 100K+ communities
Free without limits
Create your own community

Explore more communities

libOctavo/octavo

Highly modular & configurable hash & crypto library

People

Repo info

Activity

Oct 17 2018 23:58

miguelmota starred libOctavo/octavo
Oct 15 2018 19:47

ex0dus-0x starred libOctavo/octavo
Aug 01 2018 19:29

davidp94 starred libOctavo/octavo
Aug 01 2018 02:41

dingelish starred libOctavo/octavo
Jul 29 2018 03:58

ex0dus-0x starred libOctavo/octavo
Jul 13 2018 03:58

Ludoplex0 starred libOctavo/octavo
Apr 11 2018 20:44

gillesfabio starred libOctavo/octavo
Apr 03 2018 07:25

riag starred libOctavo/octavo
Mar 25 2018 08:24

king6cong starred libOctavo/octavo
Mar 24 2018 15:47

Travis libOctavo/octavo#104 broken (474)
Mar 24 2018 15:40

fabiao opened #104
Mar 24 2018 15:29

fabiao forked
fabiao/octavo
Mar 24 2018 14:42

fabiao opened #103
Mar 18 2018 11:41

nshtg starred libOctavo/octavo
Jan 03 2018 14:57

Coveralls libOctavo/octavo (master) 64.9%
Dec 28 2017 00:09

Nubuck starred libOctavo/octavo
Oct 19 2017 13:16

deansheather starred libOctavo/octavo
Oct 14 2017 15:38

Travis libOctavo/octavo (master) passed (473)
Oct 14 2017 15:32

jubalh closed #102
Oct 14 2017 15:32

jubalh commented #102

Nick

@mkandalf

It seems to me that pow_mod in power.rs is vulnerable to FLUSH+RELOAD.

while exp > zero() {
            if exp.is_odd() { acc = (acc * &base) % modulus }
            if exp > one() { base = (&base * &base) % modulus }
            exp = exp >> 1;
        }

Specifically if exp.is_odd() { acc = (acc * &base) % modulus }

Should do temp = (acc * &base) % modulus; if exp.is_odd() { acc = temp }, I believe

( @hauleth )

Łukasz Jan Niemier

@hauleth

Probably You are right. I would happily accept PR.

Nick

@mkandalf

Cool

Will do when I get a chance

Łukasz Jan Niemier

@hauleth

Currently RSA implementation is vulnerable to many side-channel attacks, in most cases timing ones

I.e. it doesn't run any whitening in RSA encryption, so Chinese Reminders Theorem algorithm is vulnerable to ones.

Nick

@mkandalf

Mmm

Łukasz Jan Niemier

@hauleth

I should clearly state in README that this is still early stage of development and most of library is unsafe and vulnerable to many side-channel attacks. I am trying to make it as safe as possible, but I think that even when I finish Octavo it would take at least half of the year till there will be enough peer-reviews to be sure that it is almost safe.

So any help will be really appreciated :smile:

Aviv Palivoda

@palaviv

Hello, I would like to ask what are the differences between octavo and rust-crypto?

Łukasz Jan Niemier

@hauleth

For now:

rust-crypto requires nightly, Octavo doesn't
rust-crypto contains assembly code, Octavo currently does not
rust-crypto is more complete
Octavo is made in modularity in mind, main idea is to provide as few primitives as needed

Aviv Palivoda

@palaviv

As I mentioned in #86 I implemented the DH for rust-crypto first and then ported the implementation to ocatvo. Why not porting some of the implementations missing in octavo from rust-crypto? As it seems from looking at the rust-crypto repository it is not very active.

When you say "as few primitives as needed". Needed for what?

Also just to give a heads up I am currently working on ECDH. I am only starting to work on this but I hope I will have something working soon.

Łukasz Jan Niemier

@hauleth

@palaviv needed for your use case. One of reasons for creating Octavo was to make it as modular as possible to allow enabling only needed features. This would eradicate OpenSSL problem with downgrading to weak crypto.