Matasano Chargen: Oh, The Bad Crypto You’ll See (an open letter)

  • Nate · 3 years ago
    Excellent post. A key point that I think should be emphasized is that there are only 2 categories of manufacturers.

    You're Not Special (98%):
    Separate your marketing department's claims about your product's external view from the internal design. Nearly all problems boil down to ones already solved by existing protocols and libraries. Encrypting a file? GPG. Sending anything over the wire? TLS/SSL. Your special sauce is in how you glue all these things together to make some product. Don't reimplement these, and still get review of how you've glued them together.

    You Are Special (2%):
    You are Voltage and you were founded by Dan Boneh. Or your business is cryptanalyzing products in concert with Adi Shamir. Note the most important part here -- if you're special, you are willing to plunk down $400/hour for a full-time cryptographer for at least 6 months.
  • Kal · 3 years ago
    A very good post indeed, highlighting the problems faced with teams implementing their own cryptography.

    'you are going to use TLS, with a peer-reviewed library, meaning, the same one everyone else uses.'

    That's most definitely a key point to get across, which in most cases gets brushed under the carpet, and as Nate posts above, there's only a small fraction of people who shouldn't be doing this; the reality, however, is unsurprisingly common.
  • ErikC · 3 years ago
    Sure, it's easy to rant; you've made all good points. Now would you like to recommend any companies or schools where ISVs can hire people to fix these problems? The issue here is twofold: 1) ISVs can't do crypto properly themselves; 2) they don't know where to go to get it done properly when they acknowledge the need.
  • Thomas Ptacek · 3 years ago
    ISVs should assume they are doing something wrong the moment they start contemplating "interesting" cryptography. Like Nate says, if you're encrypting files, use PGP. If you're encrypting traffic, use TLS. In both cases, they should actively tend to the most popular implementations (OpenSSL, GPG), because those are the ones that receive scrutiny.