Initial Commit
Introduction
I thought about the idea of implementing the TLS protocol in Rust. Probably you think this is crazy: Crypto is hard, I mean hard. And yes, probably this will just become some playground for some silly crypto algorithm implementations.
However, if you look at the list of OpenSSL vulnerabilities, there are a lot of vulnerabilities that exist just because of C: null pointer dereferences, buffer overflows, integer {over,under}flows.
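To make the bug classes named above concrete, here is an added example (not code from this post or from any TLS project) that parses TLS record framing in Rust, where an out-of-range length becomes an error value instead of an out-of-bounds read or a wrapped integer. The names `parse_record`, `strip_trailer` and `ParseError` are hypothetical, and the sample bytes are constructed.

```rust
#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated,  // fewer bytes present than the header or its length field claims
    TooLong,    // declared length exceeds the TLSPlaintext limit of 2^14
    BadTrailer, // trailer larger than the fragment (an unsigned underflow in C)
}

#[derive(Debug, PartialEq)]
pub struct Record<'a> {
    pub content_type: u8,
    pub version: (u8, u8),
    pub fragment: &'a [u8],
}

const HEADER_LEN: usize = 5; // type (1) + version (2) + length (2)
const MAX_FRAGMENT: usize = 1 << 14;

/// Parse one record from the front of `buf`; returns it and the unread rest.
pub fn parse_record(buf: &[u8]) -> Result<(Record<'_>, &[u8]), ParseError> {
    // `get` returns None instead of reading past the end of the buffer.
    let header = buf.get(..HEADER_LEN).ok_or(ParseError::Truncated)?;
    let declared = u16::from_be_bytes([header[3], header[4]]) as usize;
    if declared > MAX_FRAGMENT {
        return Err(ParseError::TooLong);
    }
    let end = HEADER_LEN.checked_add(declared).ok_or(ParseError::TooLong)?;
    // The peer-supplied length is checked against the bytes actually received.
    let fragment = buf.get(HEADER_LEN..end).ok_or(ParseError::Truncated)?;
    let rec = Record { content_type: header[0], version: (header[1], header[2]), fragment };
    Ok((rec, &buf[end..]))
}

/// Hypothetical helper: drop a fixed-size trailer (e.g. a MAC) from a fragment.
pub fn strip_trailer(fragment: &[u8], trailer_len: usize) -> Result<&[u8], ParseError> {
    let body_len = fragment.len().checked_sub(trailer_len).ok_or(ParseError::BadTrailer)?;
    Ok(&fragment[..body_len])
}

fn main() {
    // Constructed input: type 22, version 3.3, declares 4 bytes and carries 4.
    let good = [22u8, 3, 3, 0, 4, 0xde, 0xad, 0xbe, 0xef];
    println!("{:?}", parse_record(&good));
    // Constructed input: declares 0x4000 bytes but carries only 1.
    let lying = [24u8, 3, 3, 0x40, 0x00, 0x01];
    println!("{:?}", parse_record(&lying));
    // A 32-byte trailer cannot fit in a 4-byte fragment.
    println!("{:?}", strip_trailer(&good[5..], 32));
}
```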
First Steps
First of all, I want to analyse the OpenSSL vulnerabilities of the last ~15 years. Let’s see what these vulnerabilities have in common. What failed, and why did it fail?
Second, I will probably implement Curve25519 for basic key exchange (no RSA or DSA at first). There exists a reference implementation of it by the authors (NaCl) and I remember watching a good presentation about pitfalls at the Congress (this one is probably also worth watching). There are some nice ways to prevent timing attacks. I have to refresh this knowledge.