[cryptography] Oddity in common bcrypt implementation

Ian G iang at iang.org
Tue Jun 21 12:31:24 EDT 2011


On 20/06/11 10:59 AM, Solar Designer wrote:
> On Wed, Jun 15, 2011 at 04:22:55AM +0400, Solar Designer wrote:
>> I am trying to
> learn some lessons from this.


This used to happen to me a lot in the old Cryptix days, which for a 
while were a sort of smorgasbord of algorithms.

One lesson was that any algorithm had to have test parameters, which 
would be coded into the code directly.  If it didn't have them, we had 
to go find them or make them.

Another lesson was that there had to be a harness that would pump random 
data into two distant implementations and compare them over Mb of 
results, and keep lots of internal state in case there was a clash. 
This would typically be done with an outside program (using pipes or 
files) because the other implementation would be in another language. 
We'd let it run for hours...  This was really useful, and would often 
pick up really subtle differences in definition like those weird sign 
effects and misuse of language number types.

> I'd appreciate any suggestions.


Occasionally (speaking from my experience) this would cause a real 
compatibility issue.  In that case, we'd write in a sort of hack into 
each program that would test variant A, and if that failed, test variant 
B.  This is definitely a gross hack... but it was better than breaking K6.



iang
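
The comparison harness described in the message above, as an added example that is not part of the original post and is not Cryptix code. It assumes a constructed toy key-packing routine (not bcrypt itself), hypothetical function names, and two in-process implementations rather than separate programs joined by pipes; one variant sign-extends bytes the way a signed `char` would.

```python
import random

MASK = 0xFFFFFFFF

def pack_words_ref(key, nwords=4):
    """Reference variant: cycle key bytes into 32-bit words, bytes unsigned."""
    words, j = [], 0
    for _ in range(nwords):
        w = 0
        for _ in range(4):
            w = ((w << 8) | key[j]) & MASK
            j = (j + 1) % len(key)
        words.append(w)
    return words

def pack_words_signed(key, nwords=4):
    """Variant mimicking a signed 'char': bytes >= 0x80 are sign-extended
    to 32 bits before being ORed into the word."""
    words, j = [], 0
    for _ in range(nwords):
        w = 0
        for _ in range(4):
            b = key[j] - 256 if key[j] >= 0x80 else key[j]
            w = ((w << 8) | (b & MASK)) & MASK
            j = (j + 1) % len(key)
        words.append(w)
    return words

def differential(impl_a, impl_b, rounds, seed, alphabet=None):
    """Feed identical random inputs to both implementations. Return the first
    disagreement with enough state to reproduce it, or None if they agree."""
    rng = random.Random(seed)  # fixed seed so a clash can be replayed
    for i in range(rounds):
        n = rng.randint(1, 24)
        if alphabet is None:
            key = bytes(rng.randrange(256) for _ in range(n))
        else:
            key = bytes(rng.choice(alphabet) for _ in range(n))
        a, b = impl_a(key), impl_b(key)
        if a != b:
            return {"seed": seed, "round": i, "input": key.hex(), "a": a, "b": b}
    return None

if __name__ == "__main__":
    ascii_only = bytes(range(0x20, 0x7F))
    # ASCII-only inputs hide the difference; full 8-bit inputs expose it.
    print(differential(pack_words_ref, pack_words_signed, 2000, 1, ascii_only))
    print(differential(pack_words_ref, pack_words_signed, 2000, 1))
```
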


