[Cryptography] Crypto RNGs in 2019
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Feb 3 21:07:52 EST 2019
From another security list:
So I wanted to encrypt some files. Thought about using 7z+password.
Stackexchange folks said "Didn't review it but it should be fine. You can
browse the code yourself". So I did. After a few mins I noticed they use
8-byte "random" IV. Yes, half of IV is zeroes. But it gets worse.
[...]
I thought about reporting this at 7zip Sourceforge forums but then I vomited
again when I saw a long thread of largely incoherent exchanges on how 7z
should be using Twofish instead of AES-256 because obviously NSA backdoored
AES back in 2001 didn't you hear
https://threadreaderapp.com/thread/1087848040583626753.html
The post closes with a good summary of how a lot of current crypto works:
Seems typical of crypto/security code reviews in general - a bunch of folks
fighting over which hipster encryption/hashing/signing algos to use, while
overlooking the most obvious vulns and holes visible to anyone with half a
brain and a few mins to spare.
Peter.
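As an added illustration of the IV weakness quoted above (example code written for this page, not code from the post, from 7-Zip or from the author): the following Python models an IV whose second half is always zero, shows how a reviewer can detect such fixed bytes from a sample of archive headers, and puts birthday-bound numbers on what 64 rather than 128 bits of IV randomness means. The half_zero_iv generator and the sample are constructed, and whether a repeated IV is actually exploitable depends on the block mode, which the post does not name.

```python
import math
import random

IV_LEN = 16  # AES block size in bytes; the IV is one block

def half_zero_iv(rng: random.Random) -> bytes:
    """Model of the flaw described in the post (constructed, not 7-Zip's code):
    8 random bytes followed by 8 zero bytes, so only half the IV varies."""
    return bytes(rng.getrandbits(8) for _ in range(8)) + bytes(8)

def constructed_sample(count: int = 16, seed: int = 2019):
    """Constructed sample of IVs; seeded only so the example is reproducible."""
    rng = random.Random(seed)
    return [half_zero_iv(rng) for _ in range(count)]

def fixed_zero_positions(ivs):
    """Byte positions that are zero in every sampled IV. For truly random
    16-byte IVs this happens by chance with probability about
    16 * 256**-len(ivs), so with a dozen samples a hit is a real finding."""
    if not ivs:
        return []
    return [i for i in range(len(ivs[0])) if all(iv[i] == 0 for iv in ivs)]

def random_bytes_in_iv(ivs) -> int:
    """Bytes of the IV that actually vary across the sample."""
    return len(ivs[0]) - len(fixed_zero_positions(ivs))

def collision_probability(random_bytes: int, archives: int) -> float:
    """Birthday bound: probability of at least one repeated IV among
    `archives` files, approximated as 1 - exp(-n^2 / 2N), N = 256**random_bytes."""
    space = 256.0 ** random_bytes
    return -math.expm1(-(archives ** 2) / (2.0 * space))

def archives_for_even_odds(random_bytes: int) -> float:
    """Number of archives at which an IV repeat becomes 50% likely."""
    return math.sqrt(2.0 * math.log(2.0) * 256.0 ** random_bytes)

def audit(ivs):
    """Summarise what a sample of IVs reveals about the generator behind them."""
    r = random_bytes_in_iv(ivs)
    return {"random_bytes": r,
            "fixed_zero_positions": fixed_zero_positions(ivs),
            "p_collision_at_2^32_archives": collision_probability(r, 2 ** 32),
            "archives_for_even_odds": archives_for_even_odds(r)}

if __name__ == "__main__":
    print(audit(constructed_sample()))
```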