[Cryptography] Other obvious issues being ignored?
Ray Dillinger
bear at sonic.net
Wed Oct 21 21:26:15 EDT 2015
On 10/19/2015 08:00 PM, Peter Gutmann wrote:
> Thierry Moreau <thierry.moreau at connotech.com> writes:
>
>> It's a shame that this old issue has been ignored until now!
>>
>> What other "obvious" questions are we ignoring?
>
> Lots and lots and lots, and specifically questions so obvious that they
> shouldn't even need to be asked. Things like "will your implementation accept
> RSA keys with exponent 1" (many did, until bad publicity forced a fix), "will
> it accept keys known to be insecure twenty years ago?" (ditto), "will it
> accept obviously non-prime primes for public keys?" (ditto), and so on and so
> on. ....
>
> You can't even come up with a checklist for this, because you'd have to ask so
> many questions, and of such boneheaded obviousness, that you couldn't get
> anyone to come up with them all. In the meantime, people are so busy debating
> whether they can use the Ed209 curve with the Blake7 hash function or not that
> they're missing the fact that the app they want to use it with will happily
> accept the number 15 as a DH prime (yes, there are browsers that did that).
Yes, I am that guy who is compiling the checklist of things of such
boneheaded obviousness that you couldn't get anyone to come up with them
all.
And, your help is appreciated. When you refer to a serious security
failure in hardware or software (even - or especially! - one that's
so mind-breakingly obvious it seems trivial), please give me a point
to start researching from. At least the name of the system affected
and something like a timeframe. I try to do research into how things
came to be, but I have to have someplace to start.
The only way to justify asking checklist questions of such boneheaded
obviousness is to demonstrate that this is a real mistake that has
already been made at least once by real people, and hopefully also to
dcocument that it had real costs. So each and every checklist
question has to be preceded/explained by a real episode that happened
to real people and resulted in a real bug.
Also, the stories add interest and "teachable moments"; if it were
*just* a checklist I couldn't imagine anybody reading more than ten
pages of it, nor retaining the information in a form meaningful enough
to occur to the poor human brain at an appropriate moment.
The series of articles entitled "Cybernetic Entomology" (and, yes, I
know that other writers have used the same tag). ATM it is a series
of blog posts. Hopefully eventually it will become a book.
I intended this at the outset to be more generally about bugs, but
as time went on it seems to have become focused more specifically
on security bugs. Here are some of the articles, in case you're
interested: If these remind you of other things I ought to write
about, or if you have corrections of fact to share, please let me
know.
Bear
http://dillingers.com/blog/2015/02/12/cybernetic-entemology/
http://dillingers.com/blog/2015/02/19/mismatch-of-purpose/
http://dillingers.com/blog/2015/02/21/ce-insecure-firmware/
http://dillingers.com/blog/2015/02/22/ce-adware-ca/
http://dillingers.com/blog/2015/02/23/ce-focus-on-security/
http://dillingers.com/blog/2015/02/24/ce-updatable-firmware-in-hard-drives/
http://dillingers.com/blog/2015/03/03/ce-transcription-errors/
http://dillingers.com/blog/2015/03/17/ce-clock-drift-and-coordinated-action/
http://dillingers.com/blog/2015/03/14/ce-failover-that-fails/
http://dillingers.com/blog/2015/03/06/ce-smack-attacks/
http://dillingers.com/blog/2015/06/09/ce-random-numbers-and-response-parsing/
http://dillingers.com/blog/2015/07/22/ce-lets-talk-about-gsm-encryption/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151021/a98d4f94/attachment.sig>
More information about the cryptography
mailing list