(Illustration by Gaich Muramatsu)
Jan Harkes <jaharkes_at_cs.cmu.edu> writes:

> So linking against another library (such as openssl, gnutls, matrixssl,
> nettle) is only useful if they happen to provide an assembly optimized
> implementation. I really haven't checked if any of them do and probably
> at that time openssl pretty much was the only candidate.

This understates the benefit in two ways:

a) openssl on a number of systems provides hardware acceleration. NetBSD (and I think this came from OpenBSD) has an interface for hardware crypto that can be used in the kernel and from userland, and openssl uses it. This is an example of optimizations in the crypto package that would have been used with coda that you haven't even heard about.

b) It's good to have separate maintenance of things that can be separate, and not have coda have to do it all. Clearly coda isn't overflowing with spare hours of effort, and simply using (always) what is the standard crypto library seems like a clear win.

All that said, I must admit I'm not wild about openssl, but for all its warts it is the standard approach and I do not see anywhere enough reason for coda to not simply use it (always, removing the local implementation). FWIW, openssl is part of the base system on the BSDs.

> RPC2 uses AES and includes the public domain reference implementation,
> so it doesn't depend on any external libraries. What is more interesting
> there is that I included (a subset of) the official testvectors from the
> RFC. If anyone replaces AES with a better implementation, those
> testvectors should catch problems whenever RPC2 is initialized.

Sure, but once one depends on something like openssl, they surely already have such tests. At least I do not hear about bugs in mainstream algorithms being discovered in openssl implementations.

I think coda in general suffers from doing things again in its own way rather than leveraging standard approaches and code. This is understandable given the long history and early roots.

Besides external crypto libraries, I think it's a bug that coda has its own authentication scheme. It's really just N-S, and Kerberos for example has had far more analysis.

Received on 2007-05-23 07:41:46