Computerbeveiliging - Hoe je bad guys buiten de deur houdt

Goed voorbeeld van "never roll your own crypto"

23-08-2020, 15:41 door Anoniem, 0 reacties
https://brycx.github.io/2020/08/22/a-look-at-a-branca-implementation.html

TLDR:


I’m a big fan of “rolling your own crypto” and here I’m talking about implementing known algorithms. I do it myself. I even think making it available on GitHub or similar, to ask for feedback, is good (if users are warned that no security can be expected).

However, a problem arises when projects that don’t even uphold the bare minimum of testing test vectors, are published with no warnings at all. Had there been used test vectors in this case, it wouldn’t have left IdentityModel completely broken.
Nog geen reacties
Reageren

Deze posting is gelocked. Reageren is niet meer mogelijk.