Everything here is my opinion. I do not speak for your employer.
May 2014 →
2014-04-16 »
So, last night's bedtime reading material was about NaCl. No, the other NaCl, the crypto API:
http://cr.yp.to/highspeed/coolnacl-20120725.pdf
Their API has three main public functions: generate keypair, encrypt-and-sign, and verify-then-decrypt. It's pretty fast, uses a seemingly-good variant of elliptic curve, doesn't require memory allocations in the encryption/decryption path, is safe from pesky timing attacks, and works fine with streaming (TCP) as well as lossy (UDP) communications. It seems to also be nearly 100% impossible to use incorrectly.
Meanwhile, heartbleed. Compare and oontrast.
I'm CEO at Tailscale, where
we make network problems disappear.
Why would you follow me on twitter? Use RSS.
apenwarr on gmail.com