[cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)

Kevin W. Wall kevin.w.wall at gmail.com
Thu Jun 23 00:33:05 EDT 2011


On Wed, Jun 22, 2011 at 8:17 AM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> Marsh Ray <marsh at extendedsubset.com> writes:
>
>>Right, so one of the lessons learned here was that if IETF had considered
>>APIs and not just protocols those bugs in TLS would have been found long ago.
>
> A pen-tester I know once found a (fairly serious) security hole under the
> influence of (equally serious) pharmaceuticals, but I wouldn't recommend the
> IETF adopting that as a design strategy, just as I'd be pretty terrified of
> the result of the IETF trying to standardise a crypto API.  If you look at the
> history of all the widely-used crypto APIs:
>
> Crypto API designed by an individual or a single organisation:
>
> CryptoAPI: A handful of guys at Microsoft
> PKCS #11: Someone at RSA (I've heard different stories).
> JCE: A couple of guys at Sun.
> OpenSSL: Using the term "designed" very loosely :-), Eric Young and Tim Hudson.
>
> Crypto API designed by a committee:
>
>
>
>
> QED, I think.

Apparently esteemed Mr. Gutmann is too modest to include cryptlib. And also
Wei Dai's Crypto++ API probably should be in that list. (Jack Lloyd's Botan
was already mentioned in a separate post, but should be included as well.)

However, I'm not sure the assumption that CICM is being designed by
committee because it is seeking to go the IETF working group route is
a valid one. For one, Lev mentioned that it arose from work that
Mitre did for the Air Force which means at least there is some basis for
previous design and I'd bet that it was designed by a relatively small
development team.  If anything, I would think that CICM seeking the
path of an IETF working group in order to be standardized would
parallel the path that was followed by GSS-API en route to
RFC 2743 and before that RFC 2078 and before that RFC 1508.
(I was not involved in any of those RFCs, but I presume that they
also went through some similar process with an IETF working group,
no?)

Besides, if anything, I think that crypto APIs would suffer more from
too little involvement from professional cryptographers than they would
from too much involvement. (Or are professional cryptographers
the type of people that if you back 5 of them into a corner they
will have at least 8 different opinions amongst themselves? ;-)

Anyhow, excuse my ignorance, but wouldn't time be better spent
critiquing the actual proposed CICM draft specification at
http://datatracker.ietf.org/doc/draft-lanz-cicm/?include_text=1
rather than setting up and knocking down seemingly straw men
arguments?

Thanks for hearing out a crypto novice.
-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein


