[cryptography] Design Strategies for Defending against Backdoors

Benjamin Kreuter brk7bx at virginia.edu
Mon Nov 18 08:01:01 EST 2013

On Mon, 18 Nov 2013 10:27:30 +0300
ianG <iang at iang.org> wrote:

>      Vendors should make their encryption code public, including the 
> protocol specifications. This will allow others to examine the code
> for vulnerabilities.

I would add to this that simpler code is better.  The Underhanded C
Coding Contest should serve as a warning about large codebases.

There are also cases where we care more about our ability to audit the
code than about the performance; email encryption, for example (the
work is all done on the client side, and email already has some
expected latency).  In those cases, I think we should be writing code
that is simple, short, and which clearly implements provably secure
constructions.  To that end, here is a small proof-of-concept I wrote
in Python; it is an implementation of Cramer-Shoup encryption.
Constructive criticism is welcome, and I apologize in advance for the
sparse documentation:


-- Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20131118/56277f8b/attachment.asc>

More information about the cryptography mailing list