[Cryptography] "Is FIPS 140-2 Actively harmful to software?"

ianG iang at iang.org
Fri Jun 20 12:34:06 EDT 2014


On 20/06/2014 15:30 pm, Dirk-Willem van Gulik wrote:
> 
> On 20 Jun 2014, at 15:11, Ben Laurie <ben at links.org> wrote:
> 
>> On 20 June 2014 14:00, Jerry Leichter <leichter at lrw.com> wrote:
>>> He never quite says "yes" but he clearly thinks it.
>>
>> I think it, too. I did the beginning of the first implementation for
>> OpenSSL, and I hated it then. For example, they made me remove the
>> inclusion of the PID in the random pool (which prevents duplicate
>> randomness after a fork).
>>
>> It hasn't got any better.
> 
> 
> Arguably it got worse and slower.  
> 
> And yes, it is very easy to rally behind this type of sentiment; the stupidity; the inefficiency of good design processes done by committee and the meagre output of their output; especially given the immense volume and quality of individual inputs.
> 
> If there ever was a competition for a crap one with substandard governance - FIPS would do well in that race!
> 
> However I’d caution against going too far and de-facto/industry wise killing it by voting with our feet.
> 
> Without FIPS (or a similar standard), no matter how low or bad, we lose ‘aim’.


I disagree with your pessimism.  The common factor for FIPS, Mont Blanc
and Dutch dykes-with-roofs is this:  government.

And the whole politician effect.

Back in the market world, we don't need no stinkin' grandstandin'
politician to promise us software security while sliding the 5 fingers
into our back pocket to pay for it.  Vote #MayDayPAC if you are American...

The open security market is a market in silver bullets.  FIPS, CC,
audits, etc are just more silver bullets.

What seems to speak in this market is two things:

    * market results:  how many customers have been protected from how
many attack(ers) .. and for that, we can get a reasonable estimate just
by looking at the market (by which I mean, standard marketing
calculations, not cryptothink).

    * name.  And, while we're on the meme of signals, if there is one
reliable signal in a world of silver bullets, it is:  rep.  I trust
certain guys to get it right.  I trust James to get a good payment
system, I trust Jon to do a good comms system, and I'll back PHB on the
mail thing, altho I disagree on the premise.  DJB & Tanja impress on the
ciphersuite.  Zooko on file systems.  Etc.

Those guys will secure the herd.  If any of them start talking FIPS or
CC or ISO or ETSI ... then my faith goes down.  And the herd better
watch out.





iang

ps; and I'm not so keen on IETF WGs either ;)

