[openssl-users] openssl shared libs

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Thu Jun 23 13:11:53 UTC 2016

Look at Intel SGX, available since Skylake CPU.

Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
  Original Message  
From: Salz, Rich
Sent: Thursday, June 23, 2016 08:17
To: openssl-users at openssl.org
Reply To: openssl-users at openssl.org
Cc: Dominik Straßer
Subject: Re: [openssl-users] openssl shared libs

> Now my company is (T) and we don't want to leak (V)'s session key.
> You may assume that our binary is protected state of the art agains debugger attacks and stuff.
> So the only question is if the shared openssl library makes the tool more vulnerable?

You cannot prevent someone from changing what the software that runs on their computer. You can only make it harder. 
Shared libraries are easier for a user to replace; static libraries are harder.

openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4350 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160623/eea519b0/attachment.bin>

More information about the openssl-users mailing list