NaclKeys Audit - Audit Report

July 18, 2015 (C#)

Summary of Our Findings

Low Severity Medium Severity High Severity Total # Issues
Issues: 0 0 0 0

Paragon Initiative Enterprises conducted a comprehensive code review of the NaclKeys project and discovered no security vulnerabilities.

NaclKeys is a small library to generate libsodium-net compatible keypairs and public keys encoded according to pre-defined formats.

As of the time of our audit, NaclKeys currently supports three public key formats:

That we did not find any vulnerabilities is owed in major part to this library's succinctness. In respect to the UNIX philosophy, NaclKeys does one thing and does it well.

We noted one area where an advancement in academic research could lead to the security of this library being weakened (via the introduction of a cryptographic side-channel), but at this time we are not aware of any practical demonstrations of its exploitability.

About NaclKeys

bitbeans (Christian Hermann)