Probably the one in our readme/homepage. It's been a while since we wrote that. If I recall correctly, PyCrypto's AES implementation is vulnerable to the cache timing side-channel that DJB wrote about many years ago.
Alex On Thu, Jun 30, 2016 at 6:10 PM, Glyph Lefkowitz <[email protected]> wrote: > > On Jun 29, 2016, at 23:09, Jay Gupta <[email protected]> wrote: > > could you provide concrete examples of your criticism of other Python > cryptographic packages, especially about poor algorithm interpretations? > > > What specific criticism are you referring to? Cryptography developers > have been critical of other packages (and their own!) in a variety of > contexts. > > -glyph > > _______________________________________________ > Cryptography-dev mailing list > [email protected] > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
_______________________________________________ Cryptography-dev mailing list [email protected] https://mail.python.org/mailman/listinfo/cryptography-dev
