[Cryptography] one last thought for today on formal methods...

Perry E. Metzger perry at piermont.com
Sun Jun 8 19:18:19 EDT 2014


The fact that a serious security flaw in OpenSSL was found using
formal methods almost certainly means that, if they aren't using them
already, the bad guys, including various nation-states, will be using
formal methods across the board to look for vulnerabilities in
software going forward.

It would be a great shame if the good guys were not also using them
across the board to close such holes.

I really encourage everyone to learn about the state of the art.
Things are not like they were in 1985 -- formal verification is no
longer an infeasible pipe dream, and far too many people are still
unaware of how far the technology has come in the last couple of
decades.


Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list