[144237] in cryptography@c2.net mail archive


Re: Crypto Craft Knowledge

daemon@ATHENA.MIT.EDU (David Molnar)
Mon Feb 16 22:18:17 2009

Date: Sat, 14 Feb 2009 12:54:29 -0800
From: David Molnar <dmolnar@eecs.berkeley.edu>
To: Ben Laurie <ben@links.org>
CC: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <4996B6A4.4040803@links.org>


Ben Laurie wrote:

[snip discussion of bad crypto implementation practices]
> Because he is steeped in the craft
> knowledge around crypto. But most developers aren't. Most developers
> don't even have the right mindset for secure coding, let alone correct
> cryptographic coding. So, why on Earth do we expect them to follow our
> unwritten rules, many of which are far from obvious even if you
> understand the crypto?

Yes, there's a need for a "crypto practices FAQ" to which one can refer.
In addition to individual education, it'd be helpful to have something
when pointing out common mistakes. For example, I was involved recently
in a discussion about MAC'ing prices returned by a shopping cart web
application:
http://news.ycombinator.com/item?id=477398

There are at least two gotchas here to consider:

1) The choice of MAC (i.e. why use HMAC instead of H(s||m) or H(m||s) ?)
2) Replay attacks if the MAC'd item is not bound to the transaction or
the rest of the web page

I can point out these issues, but I don't usually have time to write
fully detailed examples. Having such examples goes a long way towards
increasing one's credibility in this kind of discussion. Ideally they
would be from deployed applications, but that's tough.

-David Molnar
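An added example, not from David's message or the linked thread, of the second gotcha in a constructed shopping-cart checkout: a MAC computed over the price alone beside an HMAC that binds the price to the order, the item and an expiry. The secret, order id and SKU names are constructed for the demo.

```python
import hashlib
import hmac

# Constructed demo secret; a real deployment loads this from a key store.
SECRET = b"constructed-demo-secret-key"

def weak_tag(price_cents: int) -> str:
    """MAC over the price alone: the tag says nothing about which item or
    order it was issued for, so it verifies for any line item at that price."""
    return hmac.new(SECRET, str(price_cents).encode(), hashlib.sha256).hexdigest()

def weak_verify(price_cents: int, tag: str) -> bool:
    return hmac.compare_digest(weak_tag(price_cents), tag)

def _encode(fields) -> bytes:
    # Length-prefix each field so the MAC input is unambiguous
    # (("ab", "c") and ("a", "bc") must not encode to the same bytes).
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def bound_tag(order_id: str, sku: str, price_cents: int, expires: int) -> str:
    """HMAC (rather than H(secret||msg), which is length-extendable) over every
    field the server later acts on: price bound to item, order and expiry."""
    msg = _encode([order_id.encode(), sku.encode(),
                   str(price_cents).encode(), str(expires).encode()])
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def bound_verify(order_id: str, sku: str, price_cents: int, expires: int,
                 tag: str, now: int) -> bool:
    if now > expires:
        return False  # stale tag: reject before doing any MAC work
    expected = bound_tag(order_id, sku, price_cents, expires)
    return hmac.compare_digest(expected, tag)

def demo(now: int = 1_700_000_000) -> dict:
    """Constructed scenario: the server tags a 100-cent pen, and the checkout
    then receives a pen tag attached to a laptop line item priced at 100."""
    order, exp = "order-42", now + 600
    pen_tag = weak_tag(100)
    bound_pen = bound_tag(order, "SKU-PEN", 100, exp)
    return {
        "weak_accepts_swapped_item": weak_verify(100, pen_tag),
        "bound_rejects_swapped_item":
            bound_verify(order, "SKU-LAPTOP", 100, exp, bound_pen, now),
        "bound_accepts_genuine":
            bound_verify(order, "SKU-PEN", 100, exp, bound_pen, now),
        "bound_rejects_expired":
            bound_verify(order, "SKU-PEN", 100, exp, bound_pen, exp + 1),
    }
```

The weak scheme's verifier cannot tell which item a tag belongs to, which is exactly the binding problem the message describes; the bound scheme also fixes the first gotcha by using HMAC instead of a bare hash over secret and message.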




