欢迎来到天天文库
浏览记录
ID:33869942
大小:9.73 MB
页数:18页
时间:2019-03-01
《The State of Crypto in Python Presentation.pdf》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、StateofcryptoinPythonAlibrarycreatedbypeoplewhomakepoorlifechoices.HowDidWeGetHereAtRackspaceweworkonanOpenStack,keymanagementproductnamedBarbican.Weneededtousecrypto.Cuethe80sworkingmontageWhatDoWeWantAlgorithmsupportOpenSourceMAINTAINED&TestedPythonSupportTrustWHyc?Allmajorcryptographiclibrariesar
2、ecurrentlyimplementedinalowlevellanguage,mostlyCorC++.Timing/MemoryAttacksReviewedCodeTheseattacksrelatetoexploitingtimingdifferentialsorSeveralClibrarieshavebeensponsoredthroughthereviewsecurelywipingmemory.Theyaredifficultorimpossibletoprocessforprofessionalcryptoreviewincludingvariousremediatewit
3、houtthelowlevelcontrolexposedbyC.compliancesthatsomecustomerscareabout.ExistingCodeFuturepossibilitiesWritinggoodcryptocodeishard.MostexistinglibrarieshaveTherearesomeexcitingoptionsforfutureworkinthecryptoalonghistoryincludingsignificantbug-fixing/research.spacewithlanguageslikeRust/Go.Unfortunatel
4、y,thesearen’tusablefromPythonrightnow.StateofCOSSX-PlatformMaintainedUbiquitousStd.AlgorithmsFIPSOpenSSLNSSNaClBotanCommonCryptoMSCSPLibgcryptLibreSSLStateOfPythonBackendMaintainedPythonSupportReviewedCompletenessm2cryptoopensslrecentlyactivepypywithpatch,nopy3noopensslswigpycryptobespoke*yesnopypyn
5、onoAEAD(withoutalpha)pyopensslopenssl*yesyes(withcrypto)noThinopensslbindingspython-nssNSSlowunknownnoexposessomeofNSSbotanbotanyespy3,maybepypynoexposesmostofbotanMostoftheselibrariesrequire/assumetheuserunderstandshowtousetheunderlyingClibrarycorrectly.cryptographyanewcryptolibraryforPython•Suppor
6、tformodern•SupportforPyPyandalgorithmssuchasAES-Python3GCMandHKDF•Large,activeteam•Improveddebug-abilityand•Encouragesuseofstrong,testabilitysecurealgorithms•Sane,secureAPIdesign•“Cryptographyforhumans”,(wherepossible)APIsGrandioseVision:AcryptographicstandardlibraryforPython.PYCAPythonCryptographic
7、Authority•PyNaCl–PythonbindingsfortheNaCLlibrary•cryptography–Pythonlibrarytoexposecryptographicconstructs•service_identity–Serviceidentity(hostnameverification)forPyOpenSSL.•PyOpenSSL–Pythonbindingsf
此文档下载收益归作者所有