Keep it beautiful
Everything here is my opinion. I do not speak for your employer.
April 2014
May 2014

2014-04-16 »

So, last night's bedtime reading material was about NaCl.  No, the other NaCl, the crypto API:

http://cr.yp.to/highspeed/coolnacl-20120725.pdf

Their API has three main public functions: generate keypair, encrypt-and-sign, and verify-then-decrypt.  It's pretty fast, uses a seemingly-good variant of elliptic curve, doesn't require memory allocations in the encryption/decryption path, is safe from pesky timing attacks, and works fine with streaming (TCP) as well as lossy (UDP) communications.  It seems to also be nearly 100% impossible to use incorrectly.

Meanwhile, heartbleed.  Compare and oontrast.

I'm CEO at Tailscale, where we make network problems disappear.

Why would you follow me on twitter? Use RSS.

apenwarr on gmail.com