[148585] in cryptography@c2.net mail archive


Re: [Cryptography] RSA is dead.

daemon@ATHENA.MIT.EDU (Bill Cox)
Sun Dec 22 17:06:26 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <E1Vuqiz-0004fB-3J@login01.fos.auckland.ac.nz>
Date: Sun, 22 Dec 2013 16:59:43 -0500
From: Bill Cox <waywardgeek@gmail.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>, crypto@senderek.ie
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

Nonsense.  Most other equally capable developers should be able to discover
a backdoor with far less effort to hide it.  Reading other people's code is
a skill that some people never acquire, but it's generally easier to
understand someone else's code entirely than to have created it from
scratch.

If the code is so obscure that this is not the case, that code should not
be used in crypto.  I'll just point out that gtksu falls exactly into this
category, yet we continue to use it... it really deserves to be retired.
Open source is *very* helpful, but if the people with the decision power
over what to include are far more ignorant than the coders... well then
just forget security.


On Sun, Dec 22, 2013 at 4:38 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:

> Ralf Senderek <crypto@senderek.ie> writes:
>
> >Isn't the most obvious conclusion that no crypto tool can be secure if it is
> >not open source?
>
> That won't help things much: Any sufficiently capable developer of crypto
> software should be competent enough to backdoor their own source code in such
> a way that it can't be detected by an audit.  If you're capable of dealing
> with exotic side-channel and timing attacks, countering weird obscure
> mathematical properties of cryptosystems to avoid leaking keys, and all
> manner of other tricks, then you had better be capable of backdooring your
> code as well.
>
> Availability of source code is not soy sauce for security.
>
> Peter.
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
