Date: Thu, 09 Dec 2004 20:58:27 -0800 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: freebsd-arch@freebsd.org Subject: Adding standalone RSA code Message-ID: <41B92CF3.2090302@wadham.ox.ac.uk>
next in thread | raw e-mail | index | archive | help
I'd like to add a new library for lightweight barebones RSA computations, and associated commandline rsa-makekey, rsa-sign, and rsa-verify utilities. To a certain extent, this duplicates existing functionality (openssl), but I think my code has important advantages which justify the duplication: 1. It is lightweight (around 2% of the size of openssl), which may allow it to be used in memory-limited environments, 2. It is far more auditable, due to its smaller size, and 3. It is designed for security rather than performance; I made certain design decisions which result in my code being rather slower than openssl as a result of a desire to avoid potential attack vectors. My reason for wanting to add this code is that I'm using it in FreeBSD Update (and recently portsnap as well) and this is the first step towards migrating that into the base system. Any objections? Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41B92CF3.2090302>