Comments (11)
The purpose of sodium_compat was largely motivated by a desire to make WordPress more secure against its own infrastructure, which was in turn motivated by ethics. If you could prevent 27.5% of the Internet from getting erased or conscripted into a botnet just because one server got compromised, almost anyone would say, "I should do that."
However, given that WordPress will not be considering signing their updates any time soon, I don't see any point in asking the PHP community to reach into their own wallets to cover the cost of something that will currently not help the situation.
If someone else wants to pursue collecting the funds and hiring an auditor for this library: Feel free.
I'm still not tagging v1.0.0 unless this is audited by a team of crypto experts. If that never happens, then neither will v1.0.0.
from sodium_compat.
The scope looks good to me.
The only thing I would add is: "Are there kinds of automated tests or tools we should be running against the codebase to help uncover bugs in future versions?" They usually build some sort of custom tooling/tests to help with the audit, so I would see if it's possible to get some of the code they happen to write (even if it's shitty and needs to be fixed up), or at least get their opinion on what kinds of additional automated tests would be most effective.
from sodium_compat.
Counter-counter-argument: Those OS vendors aren't funding the audit.
If this statement becomes false, then the scope can be widened.
from sodium_compat.
I've started a GoFundMe campaign to make this happen. I know that I and the projects that I work on could benefit from this more widely entering the PHP ecosystem, and I'm sure that's true of other developers and projects.
For those interested (hey, this is a crypto thread), I've signed the GoFundMe story with this key: D821FCE9D9919CB77F4AF7922C3DBF3A600B432F. It's available on the pgp.mit.edu keyserver. I'm not yet signed by anyone, but hope to be soon.
from sodium_compat.
If you know any contacts at either organization, can you link them to this GitHub issue? I'd rather these discussions happen out in the open as much as possible.
Also, that will probably double the time needed, and therefore the cost of the audit.
from sodium_compat.
So far the plan is as follows:
- Get quotes/estimates from a few companies qualified to perform this sort of audit.
- Figure out a way to pay for it.
- ????
- VERIFIABLE SECURITY!
I'll update this thread later when I have even rough estimates on hand.
from sodium_compat.
After hearing back from four different companies on this, the total cost is going to be in the $30,000 to $50,000 range.
One quoted a bit lower, but they don't specialize in cryptography and might not know what they're getting into.
Two didn't provide a time estimate, but rather a day-rate (which is, I guess, pretty standard), so their contribution to the total cost estimate is based on the time estimate provided by the other two.
None of the numbers given are totally unexpected.
from sodium_compat.
Proposed Auditing Scope
These are the sort of questions I'm hoping can be answered.
- Does our PHP code contain any addressable bad practices?
- Does the PHP interpreter introduce any exploitable side-channels (e.g. integer multiplication)?
  - PHP 5.6 on 32-bit Linux is safe?
  - PHP 5.6 on 64-bit Linux is safe?
  - PHP 7.0 on 32-bit Linux is safe?
  - PHP 7.0 on 64-bit Linux is safe?
  - PHP 7.1 on 32-bit Linux is safe?
  - PHP 7.1 on 64-bit Linux is safe?
  - PHP 5.6 on 32-bit Windows is safe?
  - PHP 5.6 on 64-bit Windows is safe?
  - PHP 7.0 on 32-bit Windows is safe?
  - PHP 7.0 on 64-bit Windows is safe?
  - PHP 7.1 on 32-bit Windows is safe?
  - PHP 7.1 on 64-bit Windows is safe?
  - Although PHP < 5.6 is worth considering overall since they're tentatively supported, the first run should focus on supported versions of PHP. Argument: If you're running PHP < 5.6 in 2017, you don't care about security, so we shouldn't burden the auditors to analyze these versions too.
- Are there any inputs for which our implementations produce incorrect results?
- Are there any concerns about int/float conversion? (Timing leaks, etc.)
- Does PHP's use of signed ints everywhere pose any security risk?
from sodium_compat.
> Argument: If you're running PHP < 5.6 in 2017, you don't care about security
Counter-argument: OS vendors are backporting security fixes to versions < 5.6, so they should, IMO, be given due care for checking this library in.
from sodium_compat.
Counter-clockwise-argument: Reach out to Ubuntu/RHEL and see if they're willing to chip in?
from sodium_compat.
Due to various reasons (unsuccessful GoFundMe, the Joomla investment falling apart despite @mbabker's best effort at pushing through on their budget), I'm going to proceed with a non-audited version 1.0.0 release. I am, however, going to make sure our unit tests are testing the unhappy paths before we get there.
from sodium_compat.