-
-
1 reply 0 retweets 0 likesShow this thread -
Q: Custom JS crypto lib, any formal verification of that? A: No, test suite is aggressive, compiles to different word sizes to find corner cases at word boundaries.
#realworldcrypto1 reply 0 retweets 0 likesShow this thread -
Next up, HACL* in Mozilla Firefox. Final talk!
#realworldcrypto1 reply 1 retweet 0 likesShow this thread -
Formal methods and high assurance web applications on the web.
#realworldcrypto1 reply 0 retweets 0 likesShow this thread -
Functional correctness is difficult (integer overflow in OpenSSL's Poly1305, elliptic curve correctness bug in NSS).
#realworldcrypto1 reply 0 retweets 2 likesShow this thread -
2 replies 6 retweets 4 likesShow this thread -
Replying to @durumcrustulum
The claim of a bug in NaCl's Curve25519 implementation is completely incorrect. That code was never part of any NaCl release---precisely because it never passed NaCl's stringent review process.
2 replies 0 retweets 4 likes -
Replying to @hashbreaker @durumcrustulum
The Curve25519 code that's actually in NaCl, including the assembly code, _did_ pass NaCl's review process, and has also passed various followup verification and validation steps.
2 replies 0 retweets 3 likes -
Replying to @hashbreaker @durumcrustulum
Unfortunately NaCl's unmaintained nature and hour long ./do script which produced non-relocatable binaries rendered it unusable, so people copied and pasted code from SUPERCOP in hopes of getting something which wasn't abandonware
1 reply 7 retweets 29 likes
I sense that you might not like my highly sophisticated build system: https://git.thejh.net/?p=libjh.git;a=blob;f=compile.sh …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.