| author | Mattias Andrée <maandree@kth.se> | 2016-06-19 01:54:49 +0200 |
|---|---|---|
| committer | Mattias Andrée <maandree@kth.se> | 2016-06-19 01:54:49 +0200 |
| commit | 7132e2b0f31ca0520465baf3caa75650c5b1bf2f (patch) | |
| tree | af2c13f79f13e8b566cbbeda37e6367c993fea10 | |
| parent | Manual: on bsdnt (diff) | |
doc: vulnerabilities concerning cryptographic applications
Signed-off-by: Mattias Andrée <maandree@kth.se>
Diffstat

| Mode | File | Lines changed |
|---|---|---|
| -rw-r--r-- | doc/what-is-libzahl.tex | 19 |
| -rw-r--r-- | man/libzahl.7 | 8 |

2 files changed, 22 insertions, 5 deletions
diff --git a/doc/what-is-libzahl.tex b/doc/what-is-libzahl.tex index 2a020df..e09d0bd 100644 --- a/doc/what-is-libzahl.tex +++ b/doc/what-is-libzahl.tex @@ -174,10 +174,21 @@ division: {\tt mpz\_tdiv\_q}, {\tt mpz\_tdiv\_r} and \label{sec:Limitations} libzahl is not recommended for cryptographic -applications, it is not mature enough, and its author -does not have the necessary expertise. And in -particular, it does not implement constant time -operations. Additionally, libzahl is not thread-safe. +applications, it is not mature enough, and its +author does not have the necessary expertise. +And in particular, it does not implement constant +time operations, and it does not clear pooled +memory. Using libzahl in cryptographic application +is insecure; your application may become susceptible +attacks such as timing attacks, power-monitoring +attacks, electromagnetic attacks, acoustic +cryptanalysis, and data remanence attacks. libzahl +is known to be susceptible to timing attacks +(due to lack of constant time operations) and +data remanence attacks (due to pooling memory +for reuse without clearing the content of the +memory allocations.) Additionally, libzahl is not +thread-safe. libzahl is also only designed for POSIX systems. It will probably run just fine on any modern diff --git a/man/libzahl.7 b/man/libzahl.7 index 66208b9..c57800d 100644 --- a/man/libzahl.7 +++ b/man/libzahl.7 @@ -53,6 +53,12 @@ You are strongly discouraged from using .B libzahl for cryptographic applications. Instead, use a library specifically targeting cryptography, otherwise, your -program may be subject to side-channel attacks. +program may be subject to side-channel attacks such as +timing attacks, power-monitoring attacks, electromagnetic +attacks, acoustic cryptanalysis, and data remanence +attacks. +.B libzahl +is known to be susceptible to timing attacks and data +remanence attacks. .SH SEE ALSO .BR zsetup (3) |
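Review bot: the added paragraph in doc/what-is-libzahl.tex has two grammar slips in the sentence "Using libzahl in cryptographic application is insecure; your application may become susceptible attacks such as timing attacks": it should read "cryptographic applications" and "susceptible to attacks such as". The closing parenthetical "(due to pooling memory for reuse without clearing the content of the memory allocations.)" also puts the full stop inside the parenthesis; move it outside. The distinction the paragraph now draws, between attack classes the library simply does not defend against and the two it is known to be susceptible to (timing, because there are no constant-time operations; data remanence, because pooled memory is reused without being cleared), is worth keeping as written.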
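Review bot: the man/libzahl.7 hunk states that libzahl "is known to be susceptible to timing attacks and data remanence attacks" but, unlike the doc/what-is-libzahl.tex change in the same commit, gives no reason, so a reader of the man page cannot judge what the exposure actually is; consider carrying over the two causes, e.g. ".B libzahl" / "is known to be susceptible to timing attacks (it has no constant time operations) and data" / "remanence attacks (pooled memory is reused without being cleared)." Also, data remanence is not normally classed as a side-channel attack, so "side-channel attacks such as timing attacks, ..., and data remanence attacks" would read more accurately as "side-channel attacks such as timing attacks, ..., as well as data remanence attacks".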
