rhkelly wrote on 3/5/2004, 4:34 PM:
> Ian Grigg wrote:
>
> > Peter Gutmann writes about this here:
> >
> > http://www.cs.auckland.ac.nz/~pgut001/#design
> > (3rd bullet point, skip down, there are a bunch
> > of links).
>
> Which is *exactly* what is wrong. Gutmann complains:
>
> 'The determined programmer can produce snake oil using
> any crypto tools...'
>
> and goes on and on with his theme about the design, devices,
> policies etc., that would make it impossible for the above
> to happen; i.e., no matter how ignorant the programmer, once
> he uses the 'right' crypto library, all his apps should be
> perfectly secure. Indeed, in the same paper he concludes:
>
> [crypto API should be] ...at the highest possible level,
> in order to prevent users (i.e., application programmers,rk)
> from injuring themselves...
>
> This fallacy has taken the design of crypto libraries way
> too far into the territory where, IMHO, they attempt to do
> not only more than they should, but more than they ever could.
>
> As the libraries grow ever more complex, incompetent
> programmers keep merrily producing apps with ever larger
> security holes, while treating their (application software)
> users as idiots, i.e., the same way Gutmann would treat them.
> It is therefore no wonder that application software full of
> security holes is nicely complemented by users who neither
> understand their threat/security model, nor put any effort
> into actively managing it.
>
> We are not getting ahead of this game.

Gutmann is talking about security holes resulting from incorrect application of cryptography. You are talking about general software security holes, most of which, such as buffer overflows, have nothing to do with cryptography.

Some of the security holes resulting from improper application of cryptography are very subtle and were not obvious to even experts before they were discovered. This is why Gutmann and my colleague Nelson urge people to use high-level crypto API or security protocols.

They are not treating crypto library users as idiots. They are not saying that you don't need to use good software engineering practices to eliminate other kinds of software security holes (such as buffer overflows).

Wan-Teh

_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
