Pros and Cons of Crypto++
I'd like to ask readers of the newsgroup their opinion of Wei Dai's
Crypto++ library. I've used it previously but have reservations about
the complexity of its object-oriented hierarchy.
What I would like to know is:
1. Has any formal evaluation (aside from the FIPS 140-2 level 1
validation given to version 5.0.4 binaries) been done on the
validity of the cryptographic functions? If not, does anyone have any
direct experience of incorrect or questionable aspects of this library?
2. Would anyone know of any validation of the library from the point of
view of security in the sense of software vulnerabilities?
Any advice in this would be greatly appreciated, thank you.
Re: Pros and Cons of Crypto++
> Hi, all
> I'd like to ask readers of the newsgroup their opinion of Wei Dai's
> Crypto++ library. I've used it previously but have reservations about
> the complexity of its object-oriented hierarchy.
> What I would like to know is:
> 1. Has any formal evaluation (aside from the FIPS 140-2 level 1
> validation given to version 5.0.4 binaries) been done on the
> validity of the cryptographic functions? If not, does anyone have any
> direct experience of incorrect or questionable aspects of this library?
To my knowledge there hasn't been a formal correctness review. From my
own experience, once I waded through the classes and got it working, it
has always matched the output from other libraries on different
platforms, including OpenSSL and the BouncyCastle stuff on Java. I've
only used the hashes and symmetric ciphers though. There are some test
vectors included for some of the ciphers and hashes and the code seems
to produce correct results. I haven't tried all of the ciphers though.
> 2. Would anyone know of any validation of the library from the point of
> view of security in the sense of software vulnerabilities?
> Any advice in this would be greatly appreciated, thank you.
This has been something I've wondered about, I assume you're talking
about the standard stack and buffer type attacks. Firstly, I don't want
to be overly critical, I like the library and use it, it seems to be
popular for attacks in some circles because of the complexity or lack of
documentation. The documentation is light but once you get it working
it does what you'd expect. That being said, with the amazing abundance
of C buffer overflows I'm a skeptic about libraries that are this
complex, there simply have to be security problems in them. It seems
like you should be able to isolate the cryptographic functions though,
unless you can create input that doesn't encode properly you should be
able to validate the input to the library and prevent the typical stack
and buffer issues. The other classes of problems would be how the
library deals with data, it's possible that a pass phrase could be
stored in memory that is swapped to disk or exposed in a core dump, I'm
fairly certain that Crypto++ doesn't do anything to try and prevent
those problems. I guess there are some other areas of concern whereby
there might be a way to coerce Crypto++ to produce not so random
pseudo-random numbers or something, that code is a product of an input
seed though. If the input is good the output should be good, in theory.
FWIW, OpenSSL is written by people that are "focused on security" and
I'm not aware of any formal documentation on how they are solving those
problems (they are an offshoot of the OpenBSD project which also
doesn't have any auditing documentation that I know of) should a group
come up with some auditing documentation I wouldn't be surprised if
someone started going through Crypto++. OpenSSL has had some big holes
and I think it's safe to assume that the less popular libraries probably
do too. Maybe I haven't looked hard enough though. I don't know of any
free/opensource cryptographic libraries that have had a security review
like that with published documentation on what it was they reviewed
exactly and what they looked for.
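
An added example, not part of either post and not Crypto++ code: one way an application can deal with the swap and core dump exposure of a pass phrase raised in the reply above, at the caller's level. It assumes a POSIX system; the names disable_core_dumps, secure_wipe and LockedSecret are hypothetical, and the sample pass phrase is constructed.

```cpp
// Added example, not Crypto++ code. Assumes POSIX (mlock, setrlimit).
#include <sys/mman.h>
#include <sys/resource.h>
#include <cstddef>
#include <cstring>
// Ask the kernel not to write core files for this process.
bool disable_core_dumps() {
    struct rlimit rl = {0, 0};
    return setrlimit(RLIMIT_CORE, &rl) == 0;
}

// Zero through a volatile pointer so the compiler cannot drop the stores
// as dead writes when the buffer is about to be freed.
void secure_wipe(void* p, std::size_t n) {
    volatile unsigned char* v = static_cast<volatile unsigned char*>(p);
    while (n--) *v++ = 0;
}
// Hypothetical helper: a buffer pinned in RAM and wiped on destruction.
class LockedSecret {
public:
    explicit LockedSecret(std::size_t n)
        : size_(n), data_(new unsigned char[n]()), locked_(mlock(data_, n) == 0) {}
    ~LockedSecret() {
        secure_wipe(data_, size_);            // wipe before releasing the pages
        if (locked_) munlock(data_, size_);
        delete[] data_;
    }
    LockedSecret(const LockedSecret&) = delete;             // no stray copies
    LockedSecret& operator=(const LockedSecret&) = delete;
    unsigned char* data() { return data_; }
    std::size_t size() const { return size_; }
    bool locked() const { return locked_; }   // false if mlock was refused
    void wipe() { secure_wipe(data_, size_); }
private:
    std::size_t size_;
    unsigned char* data_;
    bool locked_;
};

// Constructed demo: a real pass phrase would be read straight into the
// buffer rather than copied from a string literal in the binary.
std::size_t demo_leftover_bytes() {
    const char sample[] = "constructed sample pass phrase";
    LockedSecret s(sizeof sample);
    std::memcpy(s.data(), sample, sizeof sample);  // key derivation would go here
    s.wipe();
    std::size_t left = 0;
    for (std::size_t i = 0; i < s.size(); ++i) left += (s.data()[i] != 0);
    return left;
}
```

If mlock fails (for example because RLIMIT_MEMLOCK is exceeded), locked() returns false and the caller has to decide whether to continue with an unpinned buffer.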