From: Richard Coleman
Organization: Critical Magic
Date: Fri, 10 Dec 2004 11:02:57 -0500
To: Colin Percival
cc: freebsd-arch@freebsd.org
Subject: Re: Adding standalone RSA code

Colin Percival wrote:

> I'd like to add a new library for lightweight barebones RSA
> computations, and associated commandline rsa-makekey, rsa-sign, and
> rsa-verify utilities.
>
> To a certain extent, this duplicates existing functionality
> (openssl), but I think my code has important advantages which justify
> the duplication:
> 1. It is lightweight (around 2% of the size of openssl), which may
>    allow it to be used in memory-limited environments,
> 2. It is far more auditable, due to its smaller size, and
> 3. It is designed for security rather than performance; I made
>    certain design decisions which result in my code being rather slower
>    than openssl as a result of a desire to avoid potential attack
>    vectors.
>
> My reason for wanting to add this code is that I'm using it in
> FreeBSD Update (and recently portsnap as well) and this is the first
> step towards migrating that into the base system.
>
> Any objections?
>
> Colin Percival

If the objective is to create a standard library for memory limited
cryptography, then using elliptic curve cryptography would be more
appropriate than RSA. But that may be too radical for most users.

My primary concern about a new library is that as more applications use
cryptography, the more openssl becomes a "sunk" cost. It's already
there. So using an alternate library (even a small one) is an increase
in memory utilization.

Also, as Mark says, openssl is much more likely to grow hardware support
for common crypto algorithms (like in the VIA chip).

Just my random thoughts. Don't take this as a strenuous objection.

Richard Coleman
rcoleman@criticalmagic.com