Tony Arcieri
Tony Arcieri
The [Rust Cryptography Interest Group](https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo) has compiled an [Awesome Rust Cryptography](https://cryptography.rs) resource available at https://cryptography.rs Would it make sense to link to that in `crypto.md`? If so, I can open...
This gem does not use a MAC to verify data integrity. This can be problematic if ciphertexts are malleable by an attacker, i.e. an attacker gains access to the database...
PKCS#1 v1.5 is vulnerable to adaptive chosen ciphertext attacks. The default padding should likely be changed to OAEP. "No padding" should not be an option.
I'd love to have a mature Cap'n Proto binding for Ruby! Particularly one that works across CRuby and JRuby. I was just talking to @kentonv about it, and this approach...
`core::arch` will soon be available in stable Rust: https://github.com/rust-lang/rust/pull/49664 Can one of the x86/x86_64 move instructions be used to provide a `HideMemImpl` so `clear_on_drop` will work on stable without the...
Please retire this gem. It contains multiple, extremely severe security vulnerabilities: * Fixed all zero IV: #4 * No MAC/unauthenticated encryption: #12 Either of these vulnerabilities can, depending on the...
This gem is using an unauthenticated encryption mode (CBC) which is vulnerable to chosen ciphertext attacks (i.e. it is not [IND-CCA](https://en.wikipedia.org/wiki/Ciphertext_indistinguishability) secure) This is a serious issue which can allow...
Integrates original sources from these crates, which provide AVX2-accelerated SIMD backends: https://github.com/oconnor663/blake2_simd Taken from this commit: - Hash: 7bf791e67245bb84132d1ee0e6a893bb8c85c093 - Author: Jack O'Connor - Date: Fri Nov 13 15:50:16 2020...
There are a number of issues and comments floating around about this, so I thought I'd make a single tracking issue for this. Right now we have a separate [asm-hashes](https://github.com/RustCrypto/asm-hashes/)...
Following up from https://github.com/RustCrypto/meta/issues/10, this is an issue for discussion potentially adding "recommended" badges to certain algorithms in this repo: 