[Cryptography] Other obvious issues being ignored?

[Peter Gutmann]

Ray Dillinger <bear at sonic.net> writes:

>Yes, I am that guy who is compiling the checklist of things of such
>boneheaded obviousness that you couldn't get anyone to come up with them all.

Beyond a certain point, you really can't use a checklist any more, you need
someone with actual security skills to write the code.  If you're having to
ask things like "does your code accept the value 15 as a DH cryptographic
prime" and "does your code allow RSA keys with exponent 1" then you're also
going to have to ask things like "does your code store its private keys in
Pastebin" and "does your code allow root access to the system if the user
enters xyzzy as their password" (what about "october"? What about "joshua"?
What about "joshua1"?), at which point there's a near-infinite amount of
further stupid that you need to check for.

If asked for a checklist, I'd assume at least some minimum level of security
competence, and so only have to cover the tricky stuff that does trip people
up from time to time.

Or just get the code written by someone who knows what they're doing.  Do you
really want someone who has to constantly refer to a Checklist of Boneheaded
Security Mistakes to be writing your crypto code?  If you walked into a
hospital for surgery and your surgeon started flipping through "Introduction
to Open-heart Surgery for Dummies", would you feel comfortable going under the
knife?

Peter.