[Cryptography] Crypto best practices
Ralf Senderek
crypto at senderek.ie
Sat Mar 18 14:41:35 EDT 2017
On Sat, 18 Mar 2017, Jerry Leichter wrote:
> *Secure cryptographic primitives don't combine securely.* If we could teach
> programmers that unfortunate truth, we'd get many fewer cryptographic
> disasters. Choice here is *not* your friend.
As always, details matter. What we need are solutions to specific
problems, (like secure authenticated messaging) in which every
aspect of the solution can be justified as a necessary part of
the secure system's required behaviour.
> By the way, this problem is in turn a particularly bad special case of a
> broader issue in security: We don't know how to compose secure modules
> into larger systems and maintain their security.
And that does include the OS and its numerous shortcomings w/r/t
maintaining the possibility of secure code running as expected.
In other words, the only thing we have to worry about are secure systems
and not secure primitives in an abstract space.
--ralf
More information about the cryptography
mailing list