libzahl

big integer library
git clone git://git.suckless.org/libzahl
Log | Files | Refs | README | LICENSE
commit 7132e2b0f31ca0520465baf3caa75650c5b1bf2f
parent aeef38031dd83d5935cdd9263856485b31e1588f
Author: Mattias Andrée <maandree@kth.se>
Date:   Sun, 19 Jun 2016 01:54:49 +0200

doc: vulnerabilities concerning cryptographic applications

Signed-off-by: Mattias Andrée <maandree@kth.se>

Diffstat:

Mdoc/what-is-libzahl.tex | 19+++++++++++++++----


Mman/libzahl.7 | 8+++++++-


2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/doc/what-is-libzahl.tex b/doc/what-is-libzahl.tex
@@ -174,10 +174,21 @@ division: {\tt mpz\_tdiv\_q}, {\tt mpz\_tdiv\_r} and
 \label{sec:Limitations}
 
 libzahl is not recommended for cryptographic
-applications, it is not mature enough, and its author
-does not have the necessary expertise. And in
-particular, it does not implement constant time
-operations. Additionally, libzahl is not thread-safe.
+applications, it is not mature enough, and its
+author does not have the necessary expertise.
+And in particular, it does not implement constant
+time operations, and it does not clear pooled
+memory. Using libzahl in cryptographic application
+is insecure; your application may become susceptible
+attacks such as timing attacks, power-monitoring
+attacks, electromagnetic attacks, acoustic
+cryptanalysis, and data remanence attacks. libzahl
+is known to be susceptible to timing attacks
+(due to lack of constant time operations) and
+data remanence attacks (due to pooling memory
+for reuse without clearing the content of the
+memory allocations.) Additionally, libzahl is not
+thread-safe.
 
 libzahl is also only designed for POSIX systems.
 It will probably run just fine on any modern
diff --git a/man/libzahl.7 b/man/libzahl.7
@@ -53,6 +53,12 @@ You are strongly discouraged from using
 .B libzahl
 for cryptographic applications. Instead, use a library
 specifically targeting cryptography, otherwise, your
-program may be subject to side-channel attacks.
+program may be subject to side-channel attacks such as
+timing attacks, power-monitoring attacks, electromagnetic
+attacks, acoustic cryptanalysis, and data remanence
+attacks.
+.B libzahl
+is known to be susceptible to timing attacks and data
+remanence attacks.
 .SH SEE ALSO
 .BR zsetup (3)