Cryptography and D

Chris Cain via Digitalmars-d digitalmars-d at puremagic.com
Sun Jun 29 12:25:28 PDT 2014


On Sunday, 29 June 2014 at 17:45:41 UTC, Nick Sabalausky wrote:
> The crypto algorithms are very well defined and documented. You 
> don't need to understand the theory behind them in order to 
> implement them. You just need to be able to:
>
> - Read/follow the spec accurately
> - NOT invent your own variants/algorithms
> - Be pedantic about avoiding the normal sets of potential 
> software exploits (as you would with any software that handles 
> sensitive data).
> - Write/use sufficiently pedantic tests
> - Be up-to-date on what algos are considered outdated and 
> questionably secure.
>
> This is a standard "scientist vs engineer" issue. The crypto 
> experts are the scientists who figured it all out. We're the 
> engineers who take their information and use it.
>
> Obviously being well-versed in crypto theory *in addition* to 
> everything above is even better still, but it isn't essential. 
> The five criteria above are essential.

Of course, following all of those suggestions isn't trivial to 
begin with. Technically, you're right, but because what you said 
isn't easy to follow to begin with, it doesn't support the 
argument of "you can implement a crypto algorithm."

I've seen not-so-subtle violations of "follow the spec 
accurately" and it's especially easy to do in C/C++ where 
"undefined behavior" will cause the compiler to rewrite your 
program in sometimes very unpredictable ways. Sure, that 
situation is better in D, but the precedent is that any 
implementation of any crypto algorithm must, at minimum, 
be studied and criticized by several experts in both crypto (to 
verify you're logically following the spec) and experts in the 
language itself (to verify that what you have typed is guaranteed 
to ultimately be accurately represented in machine code).

Basically, if you have data you must have secured (the reason why 
you'd use a crypto algorithm to begin with), you must go beyond a 
sane level of pedantry. The only acceptable insane level of 
pedantry I know of is only possible with people that have 
doctorates in cryptography. :)

Plus, add what Xinok said. That's showing the level of pedantry 
we're talking about with crypto where you have to cover things 
like timing attacks and power analysis (or, admit that your 
crypto library isn't suitable for covering those attacks).

That's not to say you shouldn't ever do it, but you really need 
to truly understand what it is you're doing when you implement 
any crypto. Even using crypto requires a certain (often ignored) 
level of knowledge or you introduce issues.
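An added example, not code from this thread, written in C because the undefined-behavior point above concerns C/C++: a naive authentication-tag comparison beside a constant-time one (the timing attack the post mentions), plus a key wipe that survives dead-store elimination. The tag and key bytes are constructed for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Naive tag check. memcmp may stop at the first differing byte, so
 * the time it takes leaks how many leading bytes of a forged tag
 * were correct: the timing side channel the post refers to. */
int tag_equal_naive(const uint8_t *a, const uint8_t *b, size_t n)
{
    return memcmp(a, b, n) == 0;
}

/* Constant-time check. Every byte is visited and the differences are
 * OR-accumulated, so the work done does not depend on where, or
 * whether, the tags differ. The volatile accumulator discourages the
 * optimizer from turning the loop back into an early-exit compare. */
int tag_equal_ct(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    uint8_t d = acc;
    /* collapse 0..255 to 0 (differ) or 1 (equal) without a branch */
    return 1 ^ ((d | (uint8_t)(0u - d)) >> 7);
}

/* Wiping key material with plain memset is a classic victim of the
 * "compiler rewrites your program" problem: if the buffer is never
 * read again, the dead store may legally be removed. Writing through
 * a volatile pointer keeps the stores in the emitted code. */
void secure_zero(void *p, size_t n)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--)
        *vp++ = 0;
}

/* Zero a constructed temporary key and report whether every byte is 0. */
int wipe_demo(void)
{
    uint8_t key[16] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
                       0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
    secure_zero(key, sizeof key);
    uint8_t any = 0;
    for (size_t i = 0; i < sizeof key; i++)
        any |= key[i];
    return any == 0;
}
```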
