The security impact of a new cryptographic library

D.J. Bernstein, T. Lange, P. Schwabe

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

153 Citations (Scopus)

Abstract

This paper introduces a new cryptographic library, NaCl, and explains how the design and implementation of the library avoid various types of cryptographic disasters suffered by previous cryptographic libraries such as OpenSSL. Specifically, this paper analyzes the security impact of the following NaCl features: no data flow from secrets to load addresses; no data flow from secrets to branch conditions; no padding oracles; centralizing randomness; avoiding unnecessary randomness; extremely high speed; and cryptographic primitives chosen conservatively in light of the cryptanalytic literature.
Original languageEnglish
Title of host publicationProgress in Cryptology - LATINCRYPT 2012 (2nd International Conference on Cryptology and Information Security in Latin America, Santiago, Chile, October 7-10, 2012. Proceedings)
EditorsA. Hevia, G. Neven
Place of PublicationBerlin
PublisherSpringer
Pages159-176
ISBN (Print)978-3-642-33480-1
DOIs
Publication statusPublished - 2012
Event2nd International Conference on Cryptology and Information Security in Latin America (LATINCRYPT 2012), October 7-10, 2012 - Santiago, Chile
Duration: 7 Oct 201210 Oct 2012

Publication series

NameLecture Notes in Computer Science
Volume7533
ISSN (Print)0302-9743

Conference

Conference2nd International Conference on Cryptology and Information Security in Latin America (LATINCRYPT 2012), October 7-10, 2012
Country/TerritoryChile
CitySantiago
Period7/10/1210/10/12
OtherSecond International Conference on Cryptology and Information Security in Latin America (LATINCRYPT 2012)

Fingerprint

Dive into the research topics of 'The security impact of a new cryptographic library'. Together they form a unique fingerprint.

Cite this