[148655] in cryptography@c2.net mail archive
Re: [Cryptography] how reliably do audits spot backdoors?
daemon@ATHENA.MIT.EDU (James A. Donald)
Tue Dec 24 13:04:59 2013
X-Original-To: cryptography@metzdowd.com
Date: Tue, 24 Dec 2013 17:42:33 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20131223133333.3eee476f@terabyte>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-12-24 04:33, Benjamin Kreuter wrote:
> I have been wondering for some time if this might be more a symptom of
> the languages we are using than a fundamental difficulty in the
> auditing process itself. Quite a few UCC entries rely on undefined or
> counterintuitive behavior in C.
I find C quite intuitive, possibly as a result of having done a bit of
code review.
What you would call counterintuitive, I read as idiomatic, and what is
undefined, I read as unidiomatic.
So, the underhanded C examples would have failed code review, not
because their terribly sneaky measures would have been detected in code
review, but for being unidiomatic, obfuscated, uglified, or complexified.
The code review would have come to an end, and the developer ordered to
do a rewrite, before the trick had been detected.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
