Obviously the title is tongue-in-cheek and a reference to A Stick Figure Guide to the Advanced Encryption Standard, but I do think it is a valid issue to raise, since this library seems to feature a from-scratch implementation of AES.
How well has the code been analyzed and peer-reviewed, and is it suitable to use in production without fear of attacks from the usual suspects (timing attacks, cache-based attacks, branch prediction, etc) ?
Obviously the title is tongue-in-cheek and a reference to A Stick Figure Guide to the Advanced Encryption Standard, but I do think it is a valid issue to raise, since this library seems to feature a from-scratch implementation of AES.
How well has the code been analyzed and peer-reviewed, and is it suitable to use in production without fear of attacks from the usual suspects (timing attacks, cache-based attacks, branch prediction, etc) ?