One reason small OpenSSL alternative libraries are so bad is that they don’t use OpenSSL’s libcrypto.
Replying to @tqbf
That sounds weird, but the fact is that OpenSSL is two libraries, not one: the SSL stack, and the crypto primitives.
1 reply 1 retweet 6 likes
Replying to @tqbf
If you write an OpenSSL replacement that isn’t “allowed” to use libcrypto, you’re simultaneously picking up two very difficult problems.
1 reply 1 retweet 7 likes
Replying to @tqbf
And so you get, for instance, BOTH failure to do the anti-BB’98 dance in TLS, AND the missing curve parameter validation in curve primitives
3 replies 1 retweet 3 likes
Replying to @tqbf
I just checked the anti-BB dance in BearSSL and it's well done. Better than OpenSSL.
2 replies 4 retweets 7 likes
Replying to @matthew_d_green
Yeah I’m not subtweeting BearSSL; it was just a shower thought about why “small OpenSSL replacements” are so bad.
1 reply 0 retweets 2 likes
Replying to @tqbf
I agree with your shower thought. I was impressed that BearSSL seems to avoid some of this.
1 reply 0 retweets 5 likes
Replying to @matthew_d_green @tqbf
Another shower thought: we should stop obsessing over side channels and start obsessing over readable state machine code.
3 replies 2 retweets 11 likes
Replying to @matthew_d_green
That seems like a way of saying “someone should write a better TLS on top of libcrypto”
3 replies 2 retweets 3 likes
Isn’t that what @BRIAN_____’s *ring* is?