Libsodium v1.0.12 and v1.0.13 Security Assessment

1 Executive Summary
2 Introduction
2.1 Scope 
2.2 Approach
2.3 Classification and Severity Rating
3 Findings
3.1 Summary of Findings
3.2 Overview of Cryptographic Design
3.3 Static Analysis Results
3.4 Dynamic Analysis Results
3.5 Detailed Findings
3.5.1 SD-01: Randomness source on Windows based on unofficial APIs only
3.5.2 SD-02: Possible null pointer dereference in key exchange API
3.5.3 SD-03: Potential issues with abort() to terminate program on error conditions
3.5.4 SD-04: Potential risks with the custom RNG API
3.5.5 SD-05: Missing APIs in the libsodium documentation
3.5.6 SD-06: Lack of elliptic curves at higher security levels
3.5.7 Formal Verification (In progress)
3.5.8 Diffs between version 1.0.12 and 1.0.13
4 Conclusions

Libsodium¹ is an open-source, easy-to-use fork of the C-language NaCl crypto library that is portable, cross-platform and provides many common cryptographic functions. These include public-key encryption, signatures, key derivation, password hashing, message authentication codes, stream ciphers, pseudo-random number generators, random number generation, and support for elliptic curves such as Curve25519. This review was funded by Private Internet Access™ (PIA), although PIA did not direct the review or modify the results.

We performed a security review of the libsodium v1.0.12 and v1.0.13 releases to uncover various types of security weaknesses in its core code. During this limited engagement, our security review included the components of libsodium that handle authenticated symmetric encryption, public-key encryption, hashing, key derivation and key exchange. In addition, we analyzed the underlying cryptographic primitives for correctness and security.

Overall, our finding is that libsodium is a secure, high-quality library that meets its stated usability and efficiency goals. We did not uncover any major vulnerabilities in the version of libsodium that we reviewed. During our review, we did identify a few low-severity issues in libsodium related to the usability of the API and software security. In addition, we identified some potential risks with allowing developers to customize the random number generation that developers should take into
