[Cryptography] "We need crypto code training" and other obviosities.

[ianG]

Taking on the Devil's Advocate here!


On 22/10/2015 14:33 pm, Ray Dillinger wrote:
> On 10/22/2015 04:00 AM, Michael Bramwell wrote:
>> The main difference I see in these examples are that to be a surgeon or pilot requires significant training and accreditation while writing crypto code does not.


Well, pilots and surgeons do have rather a long history of killing 
people.  Or worse, leaving them maimed and angry...

As has been pointed out frequently albeit unpopularly, the record of 
people dying and being harmed from bad crypto is not written.  It's 
popularist, anecdotal and often self-serving for the industry, but 
basically it is as credible as tabloid news.

(I'm being serious here - the security industry talks a good talk but 
has little evidence written down to back up their noise.  This is why I 
write a list of CA threats at http://wiki.cacert.org/Risk/History so 
that at least in my own little corner we have something written, however 
slapstick.)


> Welcome to my quote file.

A challenge!

> The assumption that writing crypto code requires no particular
> training is at the root of SO MANY of the kind of boneheaded
> problems we've been talking about.


So, you say that.  But what do you mean, in practical terms?  Some 
counterpoints.

* I'm no academic, but I don't think I've come across a course in 
cryptoplumbing.

* SANS doesn't run a course like that (I'm told), which is kind of an 
indication that there isn't an easy commercial play here.

* There are a few books, a few guides, and so forth but I'm not keen to 
point at them yet.

* then there is every Uni's crypto course.  One, per Uni, it seems. 
Which might or might not mix in some programming.  I can't think offhand 
of a University which is renowned for teaching great crypto coding.



I'm not saying we don't need such a thing.  I am suggesting we haven't 
got such a thing - so how confident can we be that it is the right answer?

If I think of my crypto students over time, none of them were ever 
taught a formal course in crypto programming.  In all cases it was like, 
here's this problem, here's some tips on implementations, go at it.  My 
last student managed Salsa/ChaCha, Poly, RNG and a DH key exchange, 
building on about 1 years worth of CS with Java and no prior crypto 
experience - using papers and direction and net and sweat and tears. 
Not from "a course" athough she did return from internship and do the 
formal university crypto101 course afterwards.



If I had to have a stab at what this means, I'd say that crypto 
programming is 90% good programming, 9% good business understanding and 
1% crypto.

Just to be flagrant, of course!  What say others?

If you've got seriously good programming skills you can pick up the 
crypto as long as we stick to black boxing.  Sure, if we get into some 
of the crazier stuff, all bets are off, but that's not recommended even 
if you can understand the stuff.  Most or all of the things we should be 
using are black boxed.

On the other hand if you've got great crypto skills and aren't a good 
programmer ... well, you're screwed.  IMHO.  If you've got no business 
skills, we're screwed.

I'm not saying such a thing as a crypto programming course or whatever 
"training" means isn't needed - or wouldn't make a difference - just 
that we don't seem to have it, so I'm a bit skeptical that we got as far 
as we did if it was entirely necessary.



iang