Subject: Re: [boost] Crypto/hashes library?
From: Raffi Enficiaud (raffi.enficiaud_at_[hidden])
Date: 2017-09-21 21:51:56
On 07.09.17 at 17:08, Andrey Semashev via Boost wrote:
> On 09/07/17 16:59, Vinnie Falco via Boost wrote:
>> On Thu, Sep 7, 2017 at 2:50 AM, Richard Hodges via Boost
>> <boost_at_[hidden]> wrote:
>>> I think it would be reasonable to say that most people (tm) use
>>> either the
>>> openssl or CryptoCpp libraries.
>>
>> I doubt either of these libraries would pass a Boost review.
>
> They don't need to.
>
> I think a full implementation of cryptographic algorithms in Boost,
> while it would be nice in theory, is not very feasible in practice. First,
> it would require a group of very skillful and active developers that
> keep their hand on the pulse in the security and cryptography field.
> Vulnerabilities need to be acted upon fast, which also means that Boost
> release schedule doesn't suit very well for such a library. The
> implementation has to be robust and fast to compete with other
> implementations (and by fast I mean including writing assembler routines
> for many algorithms). Then, preferably, the implementation would have to
> pass an independent audit to gain some trust in users.

(late reply, catching up on threads)

The last sentence is very important I think in crypto: why would I trust
a Boost implementation more than e.g. OpenSSL? How to prevent attacks on
the repo? (signed commit and all the like).

Even in the case of e.g. Boost providing a nice interface to a "serious"
crypto backend, as soon as some password/private key needs to transit
through this interface, then the interface should be trusted as well.

Raffi