AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Cryptocat review9/1/2023 This has been written about by countless outlets, so I’ll assume you’re familiar with the basics. If you’ve bothered to look at Twitter or any technology news source, you’ve seen that Apple made a major announcement: Expanded Protections for Children. There is one very unusual property of crypto though – it’s not about math or modes, it’s about trust.Ĭryptography, especially as used today, has the most wonderful dichotomy of trust on one hand crypto, by its very nature, is used in situations lacking trust. It’s so elegantly simple, and yet massively complex. So, let’s write some code!ĭef encrypt(msg, iv, key) return e(e(msg, iv, key.slice(0.31)), iv, key.slice(32.63)) end def decrypt(cipher, iv, key) return d(d(cipher, iv, key.Įven as a child I was fascinated by cryptography – and often left the local librarians with puzzled looks thanks to the books I would check out. Find a way to implement AES-512.”ĭouble-AES-256! It’d be easy, and double encrypting has never bitten us before. “We need to boost our security – I think the NSA has broken everything we use. The right solution is probably some Avengers-style mashup. The problem: cryptographers aren't developers & developers aren't cryptographers. It can be expensive and time consuming, but that’s what it takes to keep the promises an application like Cryptocat makes. This kind of code needs to be reviewed by those competent in crypto systems, and built to a specification that was designed by a real cryptographer. Can mistakes still make it in that way? Sure – but the odds are a lot lower. I don’t release it to a ‘production’ environment until I’m sure as I can be that it’s right. Then have other people review it in detail. So I take extra time to review it in detail. Writing key generation code scares me, I’m paranoid that I’ll get it wrong. Having spent the past month doing it, let me tell you: implementing cryptography is *hard*. Or said more accurately, doing it right is hard. There’s no doubt that crypto is hard, everybody agrees on that. While in their blog post they seem to downplay the issue, I won’t – for a year, group chat was completely broken. When I wrote that, I wasn’t expecting it to be a bug that rendered the group chat encryption nearly pointless. Last year was painful for Cryptocat – the last audit may have been clean, but who knows what else may be found. I recently mentioned Cryptocat in my OPSEC article: For a year, the entire user base was at risk. In this case, the team behind Cryptocat failed. activists), you take on a certain responsibility for ensuring that at least the core functionality is doing what’s expected. When you release code like this to the public, and encourage people to use it – especially those that are at higher risk (i.e. Steve does a great job explaining the issue here but the short version is that the person that wrote the code – and anyone that’s reviewed it since then, didn’t understand what they were doing. That code should be well reviewed and understood by multiple people. The most vital step in any crypto system is the key generation if you get it wrong, nothing else matters. #Ĭryptocat has one mission, to provide secure communication – which is to say, to encrypt data. If you’re going to do one thing, do it right.
0 Comments
Read More
Leave a Reply. |