[148632] in cryptography@c2.net mail archive
Re: [Cryptography] how reliably do audits spot backdoors? (was: Re:
daemon@ATHENA.MIT.EDU (Benjamin Kreuter)
Mon Dec 23 18:08:26 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 23 Dec 2013 13:33:33 -0500
From: Benjamin Kreuter <brk7bx@virginia.edu>
To: Jonathan Thornburg <jthorn@astro.indiana.edu>
In-Reply-To: <alpine.BSO.2.03.1312221639590.23573@astro.indiana.edu>
Cc: crypto@senderek.ie, "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
Peter Gutmann <pgut001@cs.auckland.ac.nz>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============8516216404668451963==
Content-Type: multipart/signed; micalg=PGP-SHA512;
boundary="Sig_/TCdkhEGrhyQd5M__CprhFcs"; protocol="application/pgp-signature"
--Sig_/TCdkhEGrhyQd5M__CprhFcs
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
On Sun, 22 Dec 2013 16:51:44 -0800 (PST)
Jonathan Thornburg <jthorn@astro.indiana.edu> wrote:
> Auditing code is *hard*. We should no more expect auditors to be 100%
> perfect at finding backdoors than we should expect well-meaning
> programmers to be 100% perfect at (say) correctly using strncpy().
I have been wondering for some time if this might be more a symptom of
the languages we are using than a fundamental difficulty in the
auditing process itself. Quite a few UCC entries rely on undefined or
counterintuitive behavior in C. A better language might improve the
auditability of code, particularly in cases where we do not really need
to squeeze every last bit of performance out of our computers (e.g. for
something like OTR, where you are not going to be sending hundreds of
messages per second).
-- Ben
--=20
Benjamin R Kreuter
KK4FJZ
--
"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell
--Sig_/TCdkhEGrhyQd5M__CprhFcs
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQIcBAEBCgAGBQJSuIICAAoJEP3W2K8t6K+j6BMQAME3BJ25shCmoBjwNa/AL/oz
aFM+8W5sxKY9LHkvh83EW0Wwf8+AX68qkR72w5fy/yxIjAAwH2sOvXNFDcQNZnP9
ARI2t79dDnDOI1Eu71U4Cxra+Zs/1j1b5pNV13EqRYmv4ikXGFYwDguWeH62CqXE
pdaMjurxrvspBiClBe7KE6BvWOBgxKai1Exocc8xtL69c7IMo5fTJXriS3P7PCki
hLU0mhej/YfmvhsYpl+/gSJefqSX7TSQRZs+L5860yN7JHz/lxwCT92bE5UWwYx4
z4oTmihZlBSCZu45k09vZu79QW/eZBSMjIY7ZeU3BP3ZC6GqbpRmxceJVs7K7IQu
mtTpQD7keeTzy8ruSAHix4jCxF8mpJGC3yoISV7+XzxL/t8bADNQjrDA05PH7OgY
viEe4E8rbIf9Am4D91fqy4XX5j3477ZrB6DVkztkSc/BF5jGPgcuNWdhZHjATJ3s
oYEUBRofXgULYcNsYw3g3pZ52NwwtRiTOx7vCgN7ELwawF60onwe8FVvezjgiStV
G6uAgkDcyWIgGzwm5Ms7EiZWNo3uci3DQiR6M9Ca9FuDrqyeZgpkOPfGw7yUL2FP
jYD5zVwnqGuspXDO+WDntpydmfmB5O70SHZhcT9oSGFV36v/vGcnhKD26yKmTl66
OJzFG71dKkUqApHIOWRC
=Rjoz
-----END PGP SIGNATURE-----
--Sig_/TCdkhEGrhyQd5M__CprhFcs--
--===============8516216404668451963==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============8516216404668451963==--
