Show HN: The Lua Lockbox (opens in new tab)

(github.com)

35 pointsjlarsen11y ago7 comments

7 comments

This is definitely a nice reference implementation of crypto algorithms in pure Lua, but please, please do not use it for production encryption. Anything written in an interpreted (or worse, JIT-ted) language will be almost definitely vulnerable to timing attacks. Lua already has bindings to C/C++ crypto libraries if you need to encrypt or create MACs.

PeterWhittaker11y ago

Interesting idea. But I question the overall security philosophy of a project that includes so many suspected to be weak, known to be weak, or provably weak algorithms, e.g., MD2, MD4, MD5, SHA-1, and DES.

If this is for serious security, DROP THOSE NOW. Sorry to scream, but the sooner we stop using them, the better.

I also wouldn't spend a lot of time on AES 256, given some of the recently described weaknesses that reduce it to by many bits of strength. Better to work on CAST5, e.g.

Better yet, work on the RNG. Make sure the RNG is cryptographically secure. Without a cryptographically secure RNG, all the key derivation algorithms are pretty much useless.

andrewfong11y ago

Per the README, it appears these are disabled by default:

> Several weak or broken primitives are implemented in this library, for research or legacy reasons. These should not be used under normal circumstances! To restrict their usage, they have been marked as insecure, with the Lockbox.insecure() method. This will cause a failed assertion when you attempt to import the module, unless you set Lockbox.ALLOW_INSECURE to true before the import.

jlarsenOP11y ago

I agree! There are quite a few provably insecure algorithms in the project. That said, I do think they are useful to keep around: As a reference, for legacy systems, or to practice cracking.

It'd be a little silly to not add AES-256 since I already have AES-128, but I will definitely look into adding CAST5 and CSPRNGs.

fit2rule11y ago

This is very useful - thanks! I've got a project that I could use this in - so I'll be spending this week getting familiar with this codebase .. see you on github!

zer0111y ago

That is some very clean-written Lua. Kudos!

I'm excited to pull this into nginx's lua bindings and come up with something cool (and extremely performant)

bungle11y ago

Nginx Lua bindings does have direct access to OpenSSL primitives (or LibreSSL, or BoringSSL). I have also created (LuaJIT) binding to libnettle [1] that you can find from here [2]. (libhogweed, aka rsa/dsa bindings, and documentation are still a work in progress).

[1] http://www.lysator.liu.se/~nisse/nettle/ [2] https://github.com/bungle/lua-resty-nettle

j / k navigate · click thread line to collapse