Probably the one in our readme/homepage. It's been a while since we wrote that. If I recall correctly, PyCrypto's AES implementation is vulnerable to the cache timing side-channel that DJB wrote about many years ago.
Alex On Thu, Jun 30, 2016 at 6:10 PM, Glyph Lefkowitz <gl...@twistedmatrix.com> wrote: > > On Jun 29, 2016, at 23:09, Jay Gupta <cooljay.gu...@gmail.com> wrote: > > could you provide concrete examples of your criticism of other Python > cryptographic packages, especially about poor algorithm interpretations? > > > What specific criticism are you referring to? Cryptography developers > have been critical of other packages (and their own!) in a variety of > contexts. > > -glyph > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
