A security review of the D library Crypto
er.krali at gmail.com
Wed Jul 1 07:49:27 UTC 2020
On 1/7/20 9:19, Cym13 wrote:
> As some of you may know one of my hobbies is to review open source
> software for security issues. About a year ago I reviewed the RSA
> implementation of Crypto: a native D library which, according to dub
> statistics, is fairly popular.
> Issues were found and after discussion with the author I decided to wait
> for them to be fixed. A year later I would like to present the results
> of an updated review of the library:
> Here's what you should know if you are a user:
> RSA, as implemented in the library, is still very much broken. I do not
> recommend using it. The confidentiality and integrity of all messages
> exchanged using this library must be questioned: if you exchanged
> sensitive information such as passwords using it I recommend changing
> them since their security is not guaranteed.
> “Is this really the place to have this discussion? Shouldn't this be
> between the author and you?”
> The author was contacted a year ago and although our discussion was kind
> and productive I have not heard from him since. Most of the issues
> present today were already present in my first assessment. Some
> modifications were made, but most recommendations were ignored. After a
> year without action I feel that the users should know exactly what they
> are exposed to since they are the ones affected by these security
> issues. This follows standard vulnerability disclosure processes.
> For all details and analysis I direct you to the blog post. It is a
> rather thorough and technical read so I would recommend grabbing a cup
> of tea first.
> If you find any mistake or unclear parts I'll be glad to correct it so
> feel free to point it out. Furthermore if you would like someone to have
> a look at your project to identify issues I am always glad to help free
> and open source projects that can't afford security review through
> traditional means so feel free to reach out.
>  https://code.dlang.org/packages/crypto
As somebody who also was somewhat involved in infosec and cryptography
in a previous life, I found your article really interesting. So, first
of all, thanks for taking the time to do the review and for publishing
I see that you mostly focus on the algorithms, but did you also check
for side-channel attacks (for instance, timing attacks), or given the
flaws already found it would make little sense to go deeper?
I find that following a well-known algorithm is just the easy part when
implementing crypto... the hard one is ironing out those pesky
"implementation details". That's one of the reasons why I would try to
use one of the "big" libraries for cryptography instead of rolling out
my own, even if it meant adding an external C/C++ dependency to my project.