[144243] in cryptography@c2.net mail archive
Re: Crypto Craft Knowledge
daemon@ATHENA.MIT.EDU (David Molnar)
Fri Feb 20 12:19:02 2009
Date: Tue, 17 Feb 2009 02:01:25 -0800
From: David Molnar <dmolnar@eecs.berkeley.edu>
To: Stephan Neuhaus <neuhaus@mail.st.cs.uni-sb.de>
CC: Ben Laurie <ben@links.org>, Cryptography <cryptography@metzdowd.com>
In-Reply-To: <C1D44D60-A6A3-497D-8CBA-F1F30CD95F92@st.cs.uni-sb.de>
Stephan Neuhaus wrote:
>> Yes, there's a need for a "crypto practices FAQ" to which one can refer.
>
> I disagree because you cannot force developers to read (and understand)
> these FAQs.  Instead, there is a need for APIs that are difficult to use
> in an insecure way. For example, Peter Gutmann's cryptlib makes it
> intentionally hard to get at private key material because of precisely
> this issue. Also, I believe, cryptlib does not allow RSA in anything
> but ECB mode, because doing so means the developer is seriously on the
> wrong track here.
This is a good point, and it reminds me of this presentation from Rusty
Russell on "levels" of Linux kernel interfaces. See
http://ozlabs.org/~rusty/ols-2003-keynote/img39.html
and following.
The main issue I see is how do you force the developer to adopt your
library and corresponding API? A secondary issue is what do you do if
there isn't a suitable library and API yet available? In cases where you
can't (yet) provide a simple "use cryptlib" response, a crypto practices
FAQ would be helpful for pointing out common problems and explaining
them well.
I've started a wiki in case anyone wants to hack on such a FAQ:
http://www.cryptohygiene.org/
-David Molnar
---------------------------------------------------------------------
The Cryptography Mailing List