libzahl

big integer library
git clone git://git.suckless.org/libzahl
Log | Files | Refs | README | LICENSE

commit 7132e2b0f31ca0520465baf3caa75650c5b1bf2f
parent aeef38031dd83d5935cdd9263856485b31e1588f
Author: Mattias Andrée <maandree@kth.se>
Date:   Sun, 19 Jun 2016 01:54:49 +0200

doc: vulnerabilities concerning cryptographic applications

Signed-off-by: Mattias Andrée <maandree@kth.se>

Diffstat:
doc/what-is-libzahl.tex | 19+++++++++++++++----
man/libzahl.7 | 8+++++++-
2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/doc/what-is-libzahl.tex b/doc/what-is-libzahl.tex @@ -174,10 +174,21 @@ division: {\tt mpz\_tdiv\_q}, {\tt mpz\_tdiv\_r} and \label{sec:Limitations} libzahl is not recommended for cryptographic -applications, it is not mature enough, and its author -does not have the necessary expertise. And in -particular, it does not implement constant time -operations. Additionally, libzahl is not thread-safe. +applications, it is not mature enough, and its +author does not have the necessary expertise. +And in particular, it does not implement constant +time operations, and it does not clear pooled +memory. Using libzahl in cryptographic application +is insecure; your application may become susceptible +attacks such as timing attacks, power-monitoring +attacks, electromagnetic attacks, acoustic +cryptanalysis, and data remanence attacks. libzahl +is known to be susceptible to timing attacks +(due to lack of constant time operations) and +data remanence attacks (due to pooling memory +for reuse without clearing the content of the +memory allocations.) Additionally, libzahl is not +thread-safe. libzahl is also only designed for POSIX systems. It will probably run just fine on any modern diff --git a/man/libzahl.7 b/man/libzahl.7 @@ -53,6 +53,12 @@ You are strongly discouraged from using .B libzahl for cryptographic applications. Instead, use a library specifically targeting cryptography, otherwise, your -program may be subject to side-channel attacks. +program may be subject to side-channel attacks such as +timing attacks, power-monitoring attacks, electromagnetic +attacks, acoustic cryptanalysis, and data remanence +attacks. +.B libzahl +is known to be susceptible to timing attacks and data +remanence attacks. .SH SEE ALSO .BR zsetup (3)