Hacker News new | ask | show | jobs
by kewde 3571 days ago
Hi,

Yes we're always where the critics are, they are or best source of information.

I'm very happy to see our work being reviewed. I'm not an expert cryptographer but I am capable of understanding it. (fyi I didn't code it).

Our memcmp in constant time is not the prettiest, but it's short so we roll with it :P

This project started around 2014, LibSodium was still very small back then and OpenSSL, in ours view, remains the defacto standard. Is there any particular reason on why we should move away from RAND_bytes() ?
1 comments
CiPHPerCoder 3571 days ago
Yes: Aside from being a userspace CSPRNG (which is an additional risk of failure over the kernel's CSPRNG and doesn't provide defense-in-depth), it isn't thread-safe.

https://github.com/ramsey/uuid/issues/80

https://github.com/nodejs/node/issues/5798

There are also some recent IACR papers (linked in the Node thread), but those are the two biggest concerns.

link
kewde 3571 days ago
Thank you CiPHPerCoder!

That link to NodeJS was a good read, I'm fairly convinced that we should ditch RAND_bytes from OpenSSL for something more secure, we'll look into LibSodium.

I've caught rumours of a possible RAND_sys_bytes which operates over the systems CSPRNG? We like to be conservative on the libs.

We'd like to tip you for your efforts, do you have a Bitcoin (or ShadowCash) address?

link
CiPHPerCoder 3571 days ago
I do, actually, but I haven't accessed it in almost two years. EDIT: And I forgot my password. Here's a new one:

  1D6RMsgnTAf2GLWpD91EaQvQ5ppuaZKkGT
link