2018-01-16 21:06 GMT+01:00 Cág <ca6c_AT_bitmessage.ch>:
> Daniel Cegiełka wrote:
>
>> yup... and next one is bearssl
>> https://bearssl.org/
>
> What is so great about it? I only know about Libre/OpenSSL and the GNU
> implementation.
"""
Be correct and secure. In particular, insecure protocol versions and
choices of algorithms are not supported, by design; cryptographic
algorithm implementations are constant-time by default.
Be small, both in RAM and code footprint. For instance, a minimal
server implementation may fit in about 20 kilobytes of compiled code
and 25 kilobytes of RAM.
Be highly portable. BearSSL targets not only “big” operating systems
like Linux and Windows, but also small embedded systems and even
special contexts like bootstrap code.
"""
eg. no dynamic allocation (malloc), it uses only 25KB static buffer
for all operations... constant-time operations by default*
*
https://en.wikipedia.org/wiki/Side-channel_attack
> P.S. By Linux I meant kernel related solutions.
>
> Cheers
> --
> caóc
>
>
Received on Tue Jan 16 2018 - 21:52:30 CET