[Haskell-cafe] ANNOUNCE: secure-sockets version 1.0

Thomas DuBuisson thomas.dubuisson at gmail.com
Mon Sep 6 15:45:47 EDT 2010


David said:
> I'd be interested with breaking the dependency on OpenSSL, for various
> reasons:
> [snip]

Can't say I'm surprised by these.  Its unfortunate the situation
hasn't improved.  I recall a half decent O'Reilly book on OpenSSL but
if you weren't using it as a cookbook (and wanted a 1-off solution)
then it wasn't so useful.

> So, a replacement would need to be a complete replacement for TLS. I did in
> fact try to start with this, implementing my own simpler TLS-ish protocol,
> using crypto primitives directly. It took a group of crypto experts about 5
> minutes to punch 3 different holes in the protocol

You could have gone to Hackage and checked your protocols correctness
using CPSA, not that the side-channel attacks would be discovered by
such a tool.

> That said, with the Haskell Crypto API stabilizing, I've been toying with
> the project of a pure Haskell TLS implementation, which would solve the
> annoying dependency issue while hanging on to a hardened protocol.

I'm releasing crypto-api-0.1 on Tuesday so if you have any last minute
comments now is the time!

> However,
> this is also far from a simple endeavor, especially if the implementation is
> to be hardened against side-channel attacks, which I'm not even sure is
> possible in Haskell.

Well, to determine if that's possible we'd need a definition of
side-channel attack which is counter to many definitions of
side-channel ;-).  Perhaps a list of common ones OpenSSL thinks it
addresses would give us a good start.

If you start on such a task (Haskell TLS) then perhaps you could drop
a line to l at h.o or c at h.o?

Cheers,
Thomas


More information about the Haskell-Cafe mailing list