gregtatcam
commented
9 years ago - always add non-randomized padding; pad bytes indicate the size, i.e. 1 byte pad - 01, 2 byte pad - 0202, etc
- PRG initialization should be randomized
- IV and key should be randomized
- check RSA encryption is correct (direct use of pub/priv key) (see cryptography I TDF)
- append,fetch,search are vulnerable to time attack