On 7/6/2014 12:06 PM, Xinok wrote:

> However, a very important point comes up at 1:00:15 when a person asks
> about the implementation of the "mainstream" ciphers. It turns out the
> implementation of the cryptographic algorithms is well done and actually
> written by CRYPTOGRAPHERS. One of the developers admits it's beyond their
> competency and they generally leave it alone.

Programmers are *intimidated* by crypto algorithms. They mistakenly believe they need to understand everything about how/why an algorithm works in order to implement it, and that's probably because any good programmer is already accustomed to working that way.

I guarantee that programmer would be perfectly capable of correctly implementing any of the algos if he grabbed a copy of the spec and actually tried. It's NOT that hard. The hard part was coming up with (and analyzing/peer-reviewing) the algorithm in the first place, but the mathematicians have already taken care of that.

Now, I don't doubt that OpenSSL's crypto implementations are heavily optimized and that undoubtedly makes it difficult to understand and not mess up (although, due to their deliberate "avalanche effect" nature, a broken crypto hashing or encryption algorithm is very likely to be immediately caught by even a halfway decent unittest suite).

But still, good programmers are all deathly afraid of crypto algorithms, but it's completely unjustified:

1. The theory is completely separate and NOT REQUIRED for implementers. You don't need to know WHY the W3C defined CSS the way they did in order to implement CSS. You just need the spec and a test suite.

2. Implementation correctness is easily tested. More easily than most other algorithms.

3. ALL the other difficult, yet critically-important, security issues ARE NOT PART OF CRYPTOGRAPHIC THEORY OR THE ACTUAL CRYPTO ALGORITHMS. They are things we ALREADY need to be understanding and dealing with ANYWAY, REGARDLESS of whether we're implementing SHA or writing a web app's frontend.

This is a PROBLEM. It means the ONLY people implementing cryptography are A. the bad programmers and B. the crypto mathematicians whose job DOES NOT NECESSARILY REQUIRE any understanding whatsoever of the non-crypto security issues that WE programmers ALREADY need to be dealing with ANYWAY.
