Bennett Todd [SMTP:[EMAIL PROTECTED]]:

        RSADSI has publicly claimed that BSAFE does not in fact have the
        precise problem that RSAREF had, and that's good enough for Vin. All
        else is supposition. I said "I'd guess it does [have similar
        problems]". That's a combination of my belief in the importance of
        open code review, which BSAFE has not enjoyed, along with the known
        quality of the code offered by RSADSI. I have less respect for that
        latter than Vin does. My opinion is more influenced by second-hand
        remarks, including some from Vin, than from first-hand experience
        with the code; all I've done is run it, never peered under the hood,
        and aside from finding it slower than some competitors I know little
        personally about it.

I seem to recall that numerical optimizations of several sorts can result in
significant reductions in the strength of cryptographically strong
algorithms.  I recall reading a paper outlining how non-constant time
division can allow an attacker to determine many characteristics of a
specific RSA key.  In fact, enough information becomes available that (as I
recall) an RSA secret key can be cracked in several hours.

This implies that speed is a poor criterion for determining the quality of
cryptographic code.

[ Think very carefully what this means for encryption code.  Division may
need to be implemented in software despite the availability of faster
hardware division.  Even the particular submodel of the chip executing code
may be relevant to cryptographic code.  A "smart" or "automatic"
pipelining system could introduce variances in timing, as can cache
hits/misses.  Unlike almost every other area of software development these days,
encryption software can require intimate knowledge of *exactly* what
hardware platform the code is running on. I suspect that this expertise is
what you are paying for when you buy the BSAFE libraries.  ]


- Jeff Younker - [EMAIL PROTECTED] - These are my opinions, not MDL's -
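An added illustration of the point made above about key-dependent timing (example code written for this page, not BSAFE, RSAREF or the paper the message alludes to): the operation count of textbook square-and-multiply depends on which bits of the secret exponent are set, while a Montgomery ladder with a constant-time conditional swap performs the same number of multiplications for every exponent of a given width. Modulus, base and exponents below are constructed toy values, and Python big-integer arithmetic is itself not constant-time, so the example demonstrates the shape of the algorithm, not a measured defence.

```python
# Added example: comparing the work done by two modular exponentiation
# strategies to show why a key-dependent operation count leaks, and why
# hardened implementations use fixed-shape (constant-time) arithmetic.

def modexp_square_and_multiply(base, exp, mod):
    """Textbook left-to-right square-and-multiply.

    Returns (result, multiplications). The extra multiply happens only
    for 1-bits of `exp`, so the total work tracks the secret exponent's
    Hamming weight: an observer timing this learns something about the key.
    """
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        mults += 1
        if bit == "1":                      # secret-dependent branch
            result = (result * base) % mod
            mults += 1
    return result, mults


def _ct_swap(mask, a, b):
    """Swap a and b when mask is all-ones (-1); leave them when mask is 0.
    Uses only arithmetic on both operands, so no branch depends on the bit."""
    t = (a ^ b) & mask
    return a ^ t, b ^ t


def modexp_montgomery_ladder(base, exp, mod, bits):
    """Montgomery ladder over a fixed width of `bits`.

    Every iteration does exactly one multiply and one square, and the
    choice of operand is made by a branch-free conditional swap, so the
    multiplication count (and the control flow) is independent of `exp`.
    Returns (result, multiplications).
    """
    r0, r1 = 1, base % mod
    mults = 0
    for i in range(bits - 1, -1, -1):
        bit = (exp >> i) & 1
        mask = -bit                         # 0 for bit 0, -1 (all ones) for bit 1
        r0, r1 = _ct_swap(mask, r0, r1)
        r1 = (r0 * r1) % mod
        r0 = (r0 * r0) % mod
        r0, r1 = _ct_swap(mask, r0, r1)
        mults += 2
    return r0, mults


def operation_count_spread(mod, bits, base=3):
    """Minimum and maximum multiplication counts over every nonzero exponent
    of the given width, for both strategies. A spread of zero means the
    work done cannot reveal the exponent."""
    naive = [modexp_square_and_multiply(base, e, mod)[1] for e in range(1, 1 << bits)]
    ladder = [modexp_montgomery_ladder(base, e, mod, bits)[1] for e in range(1, 1 << bits)]
    return {
        "square_and_multiply": (min(naive), max(naive)),
        "ladder": (min(ladder), max(ladder)),
    }


if __name__ == "__main__":
    # Constructed toy parameters: a tiny modulus and 4-bit exponents.
    print(operation_count_spread(101, 4))
    # Expected: square-and-multiply varies from 2 to 8 multiplications,
    # the ladder always performs exactly 8.
```

The spread returned by `operation_count_spread` is the quantity a timing adversary exploits: for the naive routine it is nonzero and correlated with the key bits, for the ladder it is zero. Real libraries go further (blinding, constant-time big-number routines, attention to cache and pipeline behaviour, as the message notes), but the first step is always removing secret-dependent control flow like the branch in `modexp_square_and_multiply`.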
