[1735] in cryptography@c2.net mail archive
Re: Crypto in real life
daemon@ATHENA.MIT.EDU (Bill Frantz)
Fri Oct 10 19:51:53 1997
In-Reply-To: <Pine.BSI.3.91.971009142232.20119B-100000@ivan.iecc.com>
Date: Thu, 9 Oct 1997 20:47:00 -0700
To: John R Levine <johnl@iecc.com>, cryptography@c2.net,
penny@authentex.com (Penelope Whitelock)
From: Bill Frantz <frantz@netcom.com>
-----BEGIN PGP SIGNED MESSAGE-----
At 11:23 AM -0700 10/9/97, John R Levine wrote:
>> From: penny@authentex.com (Penelope Whitelock)
>
>Oh, if someone with better crypto credentials than mine could drop her a
>polite note and explain why crypto software isn't like other software I'd
>appreciate it. She reports she's worked on all sorts of other mission
>critical stuff and seems not to see any reason why crypto should be
>different.
I don't know about my credentials, but you don't need an expert when simple
reason will do.
One very simple answer is that for security software in general, and crypto
software in particular, the failures are not obvious. When the flight
software causes your drone to crash, the fact that there is a bug is fairly
obvious. When you use an insecure random number generator, or a poorly
chosen crypto mode, your software appears to work. It is only when it is
important enough for someone to mount an attack, the weakness appears.
That is why it is worthwhile to have a bunch of people looking at the code.
When I wrote a secure random number generator, the first version had a
small bug. All the bits it stirred into its entropy pool were zero. I
caught this bug, but if I hadn't, the systems that used the generator would
have appeared to work. They just would not have been secure.
- -------------------------------------------------------------------------
Bill Frantz | Internal surveillance | Periwinkle -- Consulting
(408)356-8506 | helped make the USSR the | 16345 Englewood Ave.
frantz@netcom.com | nation it is today. | Los Gatos, CA 95032, USA
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQB1AwUBND22HdQgMXPCzT+1AQF5NQMAiuHmJlN37F1ZD7iULMJbX5tn//cgy8j2
vhpy65HKf2Wxv4GA+wiGeMWEgVy3uuwcnYSjfwEvS20jaX4bfaqjdEOcfZ6mK8ls
32CIq70CEK2yN6ekmEwO9/3QkcsSmstG
=teDE
-----END PGP SIGNATURE-----
