Everything here is my opinion. I do not speak for your employer.
May 2014 →
2014-04-16 »
So, last night's bedtime reading material was about NaCl. No, the other NaCl, the crypto API:
http://cr.yp.to/highspeed/coolnacl-20120725.pdf
Their API has three main public functions: generate keypair, encrypt-and-sign, and verify-then-decrypt. It's pretty fast, uses a seemingly-good variant of elliptic curve, doesn't require memory allocations in the encryption/decryption path, is safe from pesky timing attacks, and works fine with streaming (TCP) as well as lossy (UDP) communications. It seems to also be nearly 100% impossible to use incorrectly.
Meanwhile, heartbleed. Compare and oontrast.
Try Tailscale: mesh networking, centralized administration, WireGuard.
Why would you follow me on twitter? Use RSS.