[Cryptography] The GOTO Squirrel! [was GOTO Considered Harmful]

Andrew Righter andrew.righter at gmail.com
Sat Mar 1 10:11:54 EST 2014

> I doubt there are, because to do this kind of testing you need to poke around
> deep inside the internals of the crypto library.  What you're doing is
> generating incorrect or malformed output in a controlled manner, which isn't
> generally something that's supported in standard code.  In fact you don't even
> want the capability to do this present in your code (in my case you need to do
> a custom build) because it's rather dangerous to have sitting in there.
> Peter.

So more like intelligent fuzzing? Wondering if people like Mu Security did any of this with their quarter million dollar appliance. 

More information about the cryptography mailing list