Problem 9: Implementing crypto applications is pretty hard, too

• No one knows how to write correct software

  • data type mismatch, endian errors, etc. (especially hard with cross-platform source development)
  • important steps of protocol left out
    • e.g., failing to pad short blocks prior to signature
  • sending cleartext instead of ciphertext
  • user interface error (-encrypt flag doesn’t encrypt)
  • failing to check for/handle error conditions
    • sometimes causes silent revert to cleartext

• Security bugs don’t cause obvious failures...

Previous slide

Next slide

Back to first slide

View graphic version