This is a general invitation to anyone interested in reviewing the code and auditing the cryptography used in this crate and it's dependencies.
The three security sensitive codebases part of this project are:
- RSA-FDH: https://github.com/phayes/rsa-fdh
- FDH: https://github.com/phayes/fdh-rs
- Core RSA algorithms: https://github.com/RustCrypto/RSA/blob/master/src/internals.rs
All three crates should be reviewed and audited, with special attention being paid to the following questions:
- Are the core RSA algorithms well-implemented and resistant against side-channel attacks?
- Is the Full Domain Hash crate a correct realization of a cryptographically secure Full Domain Hash?
- Are both RSA-FDH signature schemes (regular and blind-signing) properly constructed and secure?
All reviews, regardless of depth, are appreciated. Please open a new issue with the results of your review and leave a comment in this ticket linking to it. All reviewers will be added to the contributors list.
This is a general invitation to anyone interested in reviewing the code and auditing the cryptography used in this crate and it's dependencies.
The three security sensitive codebases part of this project are:
All three crates should be reviewed and audited, with special attention being paid to the following questions:
All reviews, regardless of depth, are appreciated. Please open a new issue with the results of your review and leave a comment in this ticket linking to it. All reviewers will be added to the contributors list.