
From: <git_AT_suckless.org>
Date: Sun, 19 Jun 2016 02:50:41 +0200 (CEST)

commit 7132e2b0f31ca0520465baf3caa75650c5b1bf2f
Author: Mattias Andrée <maandree_AT_kth.se>
AuthorDate: Sun Jun 19 01:54:49 2016 +0200
Commit: Mattias Andrée <maandree_AT_kth.se>
CommitDate: Sun Jun 19 01:54:49 2016 +0200

    doc: vulnerabilities concerning cryptographic applications
    
    Signed-off-by: Mattias Andrée <maandree_AT_kth.se>

diff --git a/doc/what-is-libzahl.tex b/doc/what-is-libzahl.tex
index 2a020df..e09d0bd 100644
--- a/doc/what-is-libzahl.tex
+++ b/doc/what-is-libzahl.tex
_AT_@ -174,10 +174,21 @@ division: {\tt mpz\_tdiv\_q}, {\tt mpz\_tdiv\_r} and
 \label{sec:Limitations}
 
 libzahl is not recommended for cryptographic
-applications, it is not mature enough, and its author
-does not have the necessary expertise. And in
-particular, it does not implement constant time
-operations. Additionally, libzahl is not thread-safe.
+applications, it is not mature enough, and its
+author does not have the necessary expertise.
+And in particular, it does not implement constant
+time operations, and it does not clear pooled
+memory. Using libzahl in cryptographic application
+is insecure; your application may become susceptible
+attacks such as timing attacks, power-monitoring
+attacks, electromagnetic attacks, acoustic
+cryptanalysis, and data remanence attacks. libzahl
+is known to be susceptible to timing attacks
+(due to lack of constant time operations) and
+data remanence attacks (due to pooling memory
+for reuse without clearing the content of the
+memory allocations.) Additionally, libzahl is not
+thread-safe.
 
 libzahl is also only designed for POSIX systems.
 It will probably run just fine on any modern
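Review bot: Two grammar slips in the added sentence starting "Using libzahl in cryptographic application is insecure": it should read "cryptographic applications" and "may become susceptible to attacks such as" (the "to" is missing), and the closing period in "the memory allocations.)" belongs after the parenthesis. The substance is otherwise clear and usefully more specific than the old text, since it now states the two concrete causes (no constant-time operations; pooled memory reused without being cleared) behind the two attack classes libzahl is said to be known susceptible to, which is what a reader evaluating the library needs.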
diff --git a/man/libzahl.7 b/man/libzahl.7
index 66208b9..c57800d 100644
--- a/man/libzahl.7
+++ b/man/libzahl.7
_AT_@ -53,6 +53,12 @@ You are strongly discouraged from using
 .B libzahl
 for cryptographic applications. Instead, use a library
 specifically targeting cryptography, otherwise, your
-program may be subject to side-channel attacks.
+program may be subject to side-channel attacks such as
+timing attacks, power-monitoring attacks, electromagnetic
+attacks, acoustic cryptanalysis, and data remanence
+attacks.
+.B libzahl
+is known to be susceptible to timing attacks and data
+remanence attacks.
 .SH SEE ALSO
 .BR zsetup (3)
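Review bot: The man page wording "side-channel attacks such as ... and data remanence attacks" groups data remanence under side channels, whereas the TeX text in the previous hunk lists it as a separate attack class; for consistency, and since recovering data from uncleared memory is not a side channel in the usual sense, consider "side-channel attacks such as timing attacks, power-monitoring attacks, electromagnetic attacks and acoustic cryptanalysis, and to data remanence attacks." It would also help to carry over the reasons given in the TeX version (lack of constant-time operations; pooled memory not cleared), e.g. "is known to be susceptible to timing attacks, as it does not implement constant-time operations, and to data remanence attacks, as it does not clear pooled memory." so that users of the man page alone learn why.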
Received on Sun Jun 19 2016 - 02:50:41 CEST