Cryptography and D
Nick Sabalausky via Digitalmars-d
digitalmars-d at puremagic.com
Sun Jul 6 13:14:42 PDT 2014
On 7/6/2014 12:06 PM, Xinok wrote:
>
> However, a very important point comes up at 1:00:15 when a person asks
> about the implementation of the "mainstream" ciphers. It turns out the
> implementation of the cryptographic algorithms is well done and actually
> written by CRYPTOGRAPHERS. One of the developers admits it's beyond their
> competency and they generally leave it alone.

Programmers are *intimidated* by crypto algorithms. They mistakenly
believe they need to understand everything about how/why an algorithm
works in order to implement it, and that's probably because any good
programmer is already accustomed to working that way.

I guarantee that programmer would be perfectly capable of correctly
implementing any of the algos if he grabbed a copy of the spec and
actually tried. It's NOT that hard. The hard part was coming up with
(and analyzing/peer-reviewing) the algorithm in the first place, but the
mathematicians have already taken care of that.

Now, I don't doubt that OpenSSL's crypto implementations are heavily
optimized and that undoubtedly makes it difficult to understand and not
mess up (although, due to their deliberate "avalanche effect" nature, a
broken crypto hashing or encryption algorithm is very likely to be
immediately caught by even a halfway decent unittest suite).

But still, good programmers are all deathly afraid of crypto algorithms,
but it's completely unjustified:

1. The theory is completely separate and NOT REQUIRED for implementers.
You don't need to know WHY the W3C defined CSS the way they did in order
to implement CSS. You just need the spec and a test suite.

2. Implementation correctness is easily tested. More easily than most
other algorithms.

3. ALL the other difficult, yet critically-important, security issues
ARE NOT PART OF CRYPTOGRAPHIC THEORY OR THE ACTUAL CRYPTO ALGORITHMS.
They are things we ALREADY need to be understanding and dealing with
ANYWAY, REGARDLESS of whether we're implementing SHA or writing a web
app's frontend.

This is a PROBLEM. It means the ONLY people implementing cryptography
are A. the bad programmers and B. the crypto mathematicians whose job
DOES NOT NECESSARILY REQUIRE any understanding whatsoever of the
non-crypto security issues that WE programmers ALREADY need to be
dealing with ANYWAY.