Re: Draft Edition of LibTomMath book
Werner Koch [EMAIL PROTECTED] writes:

> Does the proprietary SSH still use GMP? I know no other major crypto apps
> using GMP for big number math.

I've seen it used in a couple of lesser-known apps that I played with for interop testing, nothing that counts as a major app though. Maybe it's being used by people who prefer the LGPL to the more widely-used OpenSSL bignum lib's BSD license (or perhaps it's the fact that GMP has documentation :-).

> A problem with GMP is that it heavily uses alloca() and thus it is not that
> hard to find traces of secrets in the core.

Ouch! This is a pity, because GMP seems to have the most active development in terms of both algorithm optimisation and machine-specific optimisations - if you want to find a version that runs well on $obscure_embedded_platform, it's pretty much GMP or nothing.

Peter.

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Draft Edition of LibTomMath book
On Fri 27/06/2003 at 15:24, Werner Koch wrote:

> Does the proprietary SSH still use GMP? I know no other major crypto apps
> using GMP for big number math.
>
> A problem with GMP is that it heavily uses alloca() and thus it is not that
> hard to find traces of secrets in the core.

I know that freeswan uses it.

Cheers
--
Marcel de Riedmatten
pgp key: CFE703CA http://ftp.dotforge.ch/pub/users/mdr/mdr.gpg.asc
Fingerprint: 4687 F9CB D8E2 AC1A B806 F812 C048 0875 CFE7 03CA
re: Draft Edition of LibTomMath book
Just a quick comment. The PDF is not a web-friendly PDF, so if you are trying to view it inline in your browser you have to wait for it to download completely first. I've managed 80KB/sec off the site, so it doesn't take too long to grab it. Alternatively you can grab the .PDF.BZ2 file and decompress it locally. I'm only making this comment because I've noted quite a few incomplete downloads...

Thanks,
Tom
http://book.libtomcrypt.org
Re: Draft Edition of LibTomMath book
On Wed, 25 Jun 2003, tom st denis wrote:

> The Draft Edition of the LibTomMath book [book about how to implement
> bignum math] is freely available on my site at
>
> http://book.libtomcrypt.org
>
> Keep in mind it is a draft and has not been edited yet. However, if you
> ever wanted to learn how to implement efficient [portable too] bignum math
> routines you might want to give it a read.
>
> Enjoy,
> Tom

One thing that I've noticed for a long time is that there are *VERY* few math libraries that don't leave whatever numbers they're working with in memory when deallocating (deallocating heap via free() or deallocating stack via returning from a procedure call or deallocating swapspace by getting paged back in off a disk). And numbers that an application leaves lying around in whatever working memory or media it's using can be discovered and exploited by other programs - frequently by unauthorized ones.

Windowing systems have the same kind of leakage, but you can avoid using windowing systems with a crypto program; there's no need to put sensitive information like keys or passwords on the screen ever. Admittedly, I'd like to have a secure windowing system, but it seems unlikely.

But I think Math is indispensable to crypto, and there ought to be a secure mathematics library.

Bear
Re: Draft Edition of LibTomMath book
--- bear [EMAIL PROTECTED] wrote:

> One thing that I've noticed for a long time is that there are *VERY* few
> math libraries that don't leave whatever numbers they're working with in
> memory when deallocating (deallocating heap via free() or deallocating
> stack via returning from a procedure call or deallocating swapspace by
> getting paged back in off a disk). And numbers that an application leaves
> lying around in whatever working memory or media it's using can be
> discovered and exploited by other programs - frequently by unauthorized
> ones.

Very true. LibTomMath will actually wipe the memory allocated [via memset] before freeing, but I leave it up to the end user to lock their heap from swapping.

Tom
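The three leakage paths raised in this thread (heap freed without wiping, stack temporaries of the alloca() kind ending up in a core file, and limbs paged out to swap) can each be closed with a few lines of C. The following is an added example written for this page, not code from LibTomMath, GMP or any of the posters; the mp_int_t layout (an array of 32-bit limbs), the function names and the fill pattern are assumptions for illustration. One point the thread's "wipe via memset before free" leaves implicit: a memset() whose buffer is freed or goes out of scope immediately afterwards is a dead store the compiler may legally delete, so the wipe has to be written in a way the optimizer cannot remove.

```c
/* Added example (not LibTomMath/GMP code): wiping secret bignum limbs and
 * keeping them out of swap and core dumps. mp_int_t is an assumed layout. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Zero a buffer with stores the optimizer cannot drop. A plain memset()
 * right before free(), or before returning from a function, is a textbook
 * dead-store-elimination target; writing through a volatile pointer forces
 * every byte to be written. explicit_bzero() (glibc/BSD) or memset_s()
 * (C11 Annex K) are library equivalents where available. */
void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

/* Toy bignum: an array of 32-bit limbs (assumed layout for this example). */
typedef struct {
    uint32_t *dp;     /* limbs */
    size_t    used;   /* number of limbs allocated */
    int       locked; /* 1 if mlock() succeeded, 0 otherwise */
} mp_int_t;

int mp_init_size(mp_int_t *a, size_t limbs)
{
    a->dp = calloc(limbs, sizeof *a->dp);
    if (a->dp == NULL)
        return -1;
    a->used = limbs;
    /* Pin the limbs in RAM so they are never written to swap. mlock() can
     * fail under RLIMIT_MEMLOCK; record that instead of aborting and let the
     * caller decide whether an unlocked heap is acceptable. */
    a->locked = (mlock(a->dp, limbs * sizeof *a->dp) == 0);
    return 0;
}

/* Overwrite the limbs in place; the storage stays allocated. */
void mp_wipe(mp_int_t *a)
{
    secure_wipe(a->dp, a->used * sizeof *a->dp);
}

/* Wipe, unpin and release. Order matters: free() must come last, because
 * touching the buffer after free() is undefined behaviour. */
void mp_clear(mp_int_t *a)
{
    size_t bytes = a->used * sizeof *a->dp;
    mp_wipe(a);
    if (a->locked)
        munlock(a->dp, bytes);
    free(a->dp);
    a->dp = NULL;
    a->used = 0;
    a->locked = 0;
}

/* Stack temporaries (alloca() in GMP's case) are not wiped on return, so the
 * cheapest defence against those secrets landing in a core file is to make
 * sure no core file is written at all. Returns 0 on success. */
int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

size_t mp_count_nonzero(const mp_int_t *a)
{
    size_t n = 0;
    for (size_t i = 0; i < a->used; i++)
        if (a->dp[i] != 0)
            n++;
    return n;
}

/* Fill a bignum with a constructed "secret", wipe it, and report how many
 * limbs still hold data: 0 means the wipe worked. */
size_t demo_wipe(void)
{
    mp_int_t a;
    if (mp_init_size(&a, 64) != 0)
        return (size_t)-1;
    for (size_t i = 0; i < a.used; i++)
        a.dp[i] = 0xDEADBEEFu ^ (uint32_t)i;   /* constructed secret limbs */
    mp_wipe(&a);
    size_t leftover = mp_count_nonzero(&a);
    mp_clear(&a);
    return leftover;
}

int main(void)
{
    if (disable_core_dumps() != 0)
        perror("setrlimit(RLIMIT_CORE)");
    printf("non-zero limbs after wipe: %zu\n", demo_wipe());
    return 0;
}
```

Build with `cc -O2 -o wipe wipe.c` and run; the -O2 is deliberate, since that is the setting under which an ordinary memset() before free() gets optimized out while the volatile loop survives. Note that mlock() only protects the heap copy: intermediate values that a multiply or modular exponentiation spills onto the stack are covered by neither mlock() nor free-time wiping, which is exactly why the alloca() remark above matters and why disabling core dumps is the complementary measure.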