[cryptography] Duplicate primes in lots of RSA moduli

Kevin W. Wall kevin.w.wall at gmail.com
Tue Feb 21 21:31:33 EST 2012


Apologies for this being a bit OT as far as the charter of this list goes,
and perhaps a bit self-serving as well. I hope you will bear with me.

I'm going to use Adam's comment as a jumping off point. I hope that
Adam doesn't mind because I've not asked him in advance. (Right now,
Adam is saying to himself "uh oh!". ;-)

On Sat, Feb 18, 2012 at 4:40 AM, Adam Back <adam at cypherspace.org> wrote:
[BIG SNIP]

> Occam's razor suggests cryptographic incompetence.. number one reason
> deployed systems have crypto fails.  Who needs to hire crypto people,
> the developer can hack it together, how hard can it be etc.  There's a
> psychological theory of why this kind of thing happens in general -
> the Dunning-Kruger effect.  But maybe 1 happened.
> [1] http://en.wikipedia.org/wiki/Dunning–Kruger_effect

To a degree, I think it is more ignorance than it is outright incompetence,
Overall, developers generally are much better than the general public
when it comes to analytic and reasoning abilities. And I think that
this Dunning-Kruger effect that you mention is a good explanation.
But this phenomena goes *way* beyond developer's ignorance of
cryptography. It even goes way beyond a general ignorance of
information security. A great example of this is time and time again, I
encounter _web_ application developers who have absolutely no clue
as to how HTTP works as a protocol. That just seems so counter
intuitive to me. Yet at least with the younger web developers, it seems
to be the rule rather than the exception. Some of this can be "blamed"
on the fact that web developers deal with higher and higher levels of
abstraction, until eventually, they really don't need to understand
what a Set-Cookie response header looks like. All of us do this to
some extent, but I think it is becoming more common and therefore
more noticeable because 1) technology moves at an ever increasing pace
and 2) IT management still hasn't figured out that developers can't
wear all hats and that there is no substitute for expertise. IT management
still thinks that all members of technical staff are completely interchangeable.

What does this have to do with the Dunning-Kruger effect? Well, I
think that it encourages developers, especially younger ones, to
fake it. Back when I started (now over 30 yrs ago!), it was OK to
admit your ignorance, at least at Bell Labs. And you could always
find someone to mentor you if you wanted to learn something new.
Not so today. Most people are too busy and I haven't seen any
_formal_ mentorship programs in any company for at least the
past 25 years.

So, let's bring this back to cryptography. I'm going to assume that
virtually all of you are a somewhat altruistic and are not in this game just
to make a boatload of money by keeping all the crypto knowledge
within the secret priesthood thereby driving your own salaries up.

For starters, I would urge those of you who are not involved in
the open source movement to step up and help out with things
like OpenSSL, OpenSSH, cryptographic libraries (in languages
*other* than C/C++), etc. Personally, I would *more* than welcome
someone here stepping forward and volunteering to head up
the crypto effort in OWASP ESAPI. Even though some
people from the NSA have reviewed it, I'm paranoid enough to
think that it's what they are NOT telling me that is wrong is what is
worrying me.

I know many of you have already contributed (I won't attempt to name
names because I'd probably unintentionally leave a few of you out and
offend them), but not nearly enough. Most of you who regularly post to
this mailing have commented on how you've seen some of the same
beginner crypto failures over and over, so how about starting with jus
 a simple crypto HowTo FAQ, maybe an OWASP crypto cheat sheat.

Consider this...If *you* don't help, then the crypto will have to be
left up to non-experts like me to work on it. And the only *major*
difference between myself and complete crypto newbs is that
I know that I don't know (and don't hesitate to squeal for help).
Others don't know that they have ignorance, so they don't ask,
and we've all seen the result.

Contributions to the community can come in many forms, whether
it be simple, like a FAQ, or a single crypto course on YouTube, or
something much complex like a book aimed at beginner / intermediate
developers.

>From where I sit, I see the following things that the development
community in general are lacking when it comes to things crypto:

1) They think that key size is the paramount thing; the bigger the better.
2) The have no clue as to what cipher modes are. It's ECB by default.
3) More importantly, they don't know how to choose a cipher mode (not
    surprising, given #2). They need to understand the trade-offs.
4) They have no idea about how to generate keys, derived keys, IVs,
5) They don't know what padding is, or when/why to use it.
6) They have a very naive concept of entropy...where/when to use it and
    from where and how to obtain it.

Fill-in your own favorites. These are just the ones that immediately popped to
mind.

Thanks for listening, from someone who truly appreciates this community.
IMHO, this is the *best* mailing list ever, bar none.

Regards,
-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein



More information about the cryptography mailing list