does open source cryptographic software work correctly
play

Does open-source cryptographic software work correctly? Daniel J. - PowerPoint PPT Presentation

Apr 17, 2023 •215 likes •670 views

Does open-source cryptographic software work correctly? Daniel J. Bernstein CVE-2018-0733, an OpenSSL bug Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit

  1. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  2. CVE-2018-0733, an OpenSSL bug “Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte.” Bug introduced May 2016. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  3. CVE-2018-0733, an OpenSSL bug “Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte.” Bug introduced May 2016. How severe is this? “This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme.” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  4. CVE-2018-0733, an OpenSSL bug “Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte.” Bug introduced May 2016. How severe is this? “This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme.” — Yes, 2 16 is “lower than” 2 128 . Does open-source cryptographic software work correctly? Daniel J. Bernstein

  5. CVE-2017-3738, another OpenSSL bug Don’t care about PA-RISC? How about Intel? “There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli.” Bug introduced July 2013. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  6. CVE-2017-3738, another OpenSSL bug Don’t care about PA-RISC? How about Intel? “There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli.” Bug introduced July 2013. “Attacks against DH1024 are considered just feasible” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  7. CVE-2017-3738, another OpenSSL bug Don’t care about PA-RISC? How about Intel? “There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli.” Bug introduced July 2013. “Attacks against DH1024 are considered just feasible” — How long? How much hardware? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  8. CVE-2017-3738, continued “Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  9. CVE-2017-3738, continued “Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.” — Really? How much public scrutiny has the actual computation received from cryptanalysts? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  10. CVE-2017-3738, continued “Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.” — Really? How much public scrutiny has the actual computation received from cryptanalysts? What this looks like to me: “We have analyzed our new cryptosystem and concluded that attacks are not likely.” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  11. CVE-2017-3738, continued “Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.” — Really? How much public scrutiny has the actual computation received from cryptanalysts? What this looks like to me: “We have analyzed our new cryptosystem and concluded that attacks are not likely.” — Don’t we require public review? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  12. Part of the CVE-2017-3738 patch @@ -1093,7 +1093,9 @@ vmovdqu -8+32*2-128($ap),$TEMP2 mov $r1, %rax + vpblendd \$0xfc, $ZERO, $ACC9, $ACC9 # correct imull $n0, %eax + vpaddq $ACC9,$ACC4,$ACC4 # correct and \$0x1fffffff, %eax imulq 16-128($ap),%rbx @@ -1329,15 +1331,12 @@ Does open-source cryptographic software work correctly? Daniel J. Bernstein

  13. Is open-source software bug-free? Eric S. Raymond, 1999: “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone. Or, less formally, ‘Given enough eyeballs, all bugs are shallow.’ ” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  14. Is open-source software bug-free? Eric S. Raymond, 1999: “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone. Or, less formally, ‘Given enough eyeballs, all bugs are shallow.’ ” — “Beta-tester”: Ultimately, the unhappy user? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  15. Is open-source software bug-free? Eric S. Raymond, 1999: “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone. Or, less formally, ‘Given enough eyeballs, all bugs are shallow.’ ” — “Beta-tester”: Ultimately, the unhappy user? — “Almost every problem”: That’s not “all bugs”! Don’t we care about the exceptions? Rare bugs can be devastating, especially for security! Does open-source cryptographic software work correctly? Daniel J. Bernstein

  16. More reasons for skepticism — How do we know how many exceptions there are? How many people are looking for unobvious bugs? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  17. More reasons for skepticism — How do we know how many exceptions there are? How many people are looking for unobvious bugs? — How can there be enough people looking for bugs when most developers prefer writing new code? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  18. More reasons for skepticism — How do we know how many exceptions there are? How many people are looking for unobvious bugs? — How can there be enough people looking for bugs when most developers prefer writing new code? — ESR advocates a development methodology that releases a constant flood of new bugs. Doesn’t this make his “law” automatically true? Is this the correctness metric that users want? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  19. So we should use closed source? “Closed source stops attackers from finding bugs.” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  20. So we should use closed source? “Closed source stops attackers from finding bugs.” — What’s the evidence for this? How long does it take for an attacker to extract, disassemble, decompile the code? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  21. So we should use closed source? “Closed source stops attackers from finding bugs.” — What’s the evidence for this? How long does it take for an attacker to extract, disassemble, decompile the code? “Closed source scares away some lazy academics, so we have fewer bug announcements to deal with.” Does open-source cryptographic software work correctly? Daniel J. Bernstein

  22. So we should use closed source? “Closed source stops attackers from finding bugs.” — What’s the evidence for this? How long does it take for an attacker to extract, disassemble, decompile the code? “Closed source scares away some lazy academics, so we have fewer bug announcements to deal with.” — Sounds plausible, but is the delay worthwhile? e.g. Infineon deployed RSALib very widely before 2017 Nemec–Sys–Svenda–Klinec–Matyas “ROCA”. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  23. Closed source, continued “Closed source makes money, allowing investment in serious code review, producing bug-free code.” — What’s the evidence that this process works? Does open-source cryptographic software work correctly? Daniel J. Bernstein

  24. Closed source, continued “Closed source makes money, allowing investment in serious code review, producing bug-free code.” — What’s the evidence that this process works? This isn’t a talk recommending closed source. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  25. Closed source, continued “Closed source makes money, allowing investment in serious code review, producing bug-free code.” — What’s the evidence that this process works? This isn’t a talk recommending closed source. I’m focusing on open source in this talk because • I spend most of my time with open source and • the only paths that I see towards real security need everything published to build confidence. Does open-source cryptographic software work correctly? Daniel J. Bernstein

  26. Cryptography is notoriously hard to review Mathematical complications lead to subtle bugs. Does open-source cryptographic software work correctly? Daniel J. Bernstein

Recommend

Does cryptographic software work correctly? 1. The scale of the problem Daniel J. Bernstein

Does cryptographic software work correctly? 1. The scale of the problem Daniel J. Bernstein

Does cryptographic software work correctly? 1. The scale of the problem Daniel J. Bernstein University of Illinois at Chicago; Ruhr University Bochum CVE-2018-0733, an OpenSSL bug Because of an implementation bug the PA-RISC CRYPTO_memcmp

1.32k views • 106 slides
1 Distribution of work: new functionality Distribution of work: fixes 7 8 Who reports

1 Distribution of work: new functionality Distribution of work: fixes 7 8 Who reports

The case for open source software Open Source Software Why Open Source Software / Free The process, the outcome Software (OSS/FS)? Look at the Numbers! David A. Wheeler The heat, the light Revised as of September 30 2004

464 views • 9 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

Open Source Idea? SHARE and the Origins of Open The basic idea behind open source is very simple: When programmers can read, Source Software: 1953-1972 redistribute, and modify the source code for a piece of software, the software evolves.

530 views • 8 slides
Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD)

Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD)

Design principles for 5G Toward a new paradigm, All-IT Network architecture Unbundling Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD) Unbundled Function Blocks Open Source Hardware (OCP,

180 views • 15 slides
What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

878 views • 16 slides
What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

462 views • 14 slides
Open source your daily work! What happens if your daily work is happening in the open?

Open source your daily work! What happens if your daily work is happening in the open?

Open source your daily work! What happens if your daily work is happening in the open? DrupalEurope Darmstadt Bastian Widmer - @dasrecht | @amazeeio We will talk about: open source, challenges, benefits, a bit of history a recap on our past

820 views • 55 slides
The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source Software Amazing times for Open Source Software! Commercial Success Fantastic Success of Open Source Based Businesses! RedHat Acquired by IBM

1.19k views • 52 slides
December 7, 2015 - January 25, 2016 What is open source? Computer software where the source

December 7, 2015 - January 25, 2016 What is open source? Computer software where the source

December 7, 2015 - January 25, 2016 What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes

423 views • 15 slides
Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview Open Source hardware (This is the smallest font) Business model Example circuit, concept -> production Make circuit boards with Open

806 views • 78 slides
Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011

Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011

Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011 Open-source software (OSS) is computer software of which the source code and certain rights are provided under a license that allows others to study,

186 views • 15 slides
Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n

Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n

Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n Data a in the Crop rop Su Suitability ability Anal alysis sis of Adlai dlai for or Cl Climat mate e Ch Change nge Adap daptation ation

670 views • 15 slides
U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com

U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com

U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com Agenda Dream Team Creating U:Kit a smart device that is open source software and open source hardware. and created with/for

173 views • 16 slides
Open-Source FPGA Implementation of Post-Quantum Cryptographic Hardware Primitives Rashmi Agrawal

Open-Source FPGA Implementation of Post-Quantum Cryptographic Hardware Primitives Rashmi Agrawal

Open-Source FPGA Implementation of Post-Quantum Cryptographic Hardware Primitives Rashmi Agrawal , Bu Lake, Alan Ehret, and Michel Kinsy Adaptive & Secure Computing Systems Lab Department of Electrical & Computer Engineering Boston

964 views • 48 slides
Investigating the Effectiveness of Greedy Algorithm on Open Source Software Systems for

Investigating the Effectiveness of Greedy Algorithm on Open Source Software Systems for

Research Motivation and Aim Related Work Solution Approach Dataset and Results Conclusion References Investigating the Effectiveness of Greedy Algorithm on Open Source Software Systems for Determining Refactoring Sequence Sandhya Tarwani 1

920 views • 48 slides
Everyone wants (someone else) to do it Writing documentation for open source software Welcome

Everyone wants (someone else) to do it Writing documentation for open source software Welcome

Everyone wants (someone else) to do it Writing documentation for open source software Welcome Mike Pumphrey Projects Community Advocate OpenGeo Suite mike@boundlessgeo.com OpenGeo Training github.com/bmmpxf GeoServer Open Source

822 views • 46 slides
mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a

mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a

mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a vast increase in adoption of open source software solutions across the private enterprise, government associations and organizations, industries.

581 views • 18 slides
Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric

Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric

Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric Promislow ActiveState Software Inc. OpenKomodo: Own Your IDE Copenhagen, Denmark April 2, 2008 1 History Perl for Windows Active Python,

820 views • 65 slides
Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source

Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source

Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source Software Leon Anavi Konsulko Group leon.anavi@konsulko.com leon@anavi.org FOSDEM 2018 Agenda Home automation and smart lightning Open

422 views • 30 slides
PANEL TITLE: A free choice for Europe: encouraging an independent Open Source industry

PANEL TITLE: A free choice for Europe: encouraging an independent Open Source industry

PANEL TITLE: A free choice for Europe: encouraging an independent Open Source industry James Lovegrove, Red H Director, EMEA public Po European Parliament Open Source Software Hearing Brussels, 16 May 2019 OPEN SOURCE SOFTWARE IS ALL

360 views • 22 slides
Free and Open Source Software T ools for Making Open Source Hardware Leon Anavi Konsulko Group

Free and Open Source Software T ools for Making Open Source Hardware Leon Anavi Konsulko Group

Free and Open Source Software T ools for Making Open Source Hardware Leon Anavi Konsulko Group leon.anavi@konsulko.com Embedded Linux Conference Europe 2017 23-25 October, Prague, Czech Republic Agenda Open source hardware Free and

488 views • 34 slides
Presentation Overview Introduction - motivation Software requirements Open source

Presentation Overview Introduction - motivation Software requirements Open source

Low-Cost Internet Synchronous Distance Education Using Open-Source Software J. Mark Pullen and Priscilla M. McAndrews Networking and Simulation Laboratory, C 3 I Center George Mason University Fairfax, VA 22030

638 views • 10 slides
The 3 phases of successful open software companies More than 78% of enterprises run on open

The 3 phases of successful open software companies More than 78% of enterprises run on open

DrupalCon Dublin - September 28th, 2016 by Taco The 3 phases of successful open software companies More than 78% of enterprises run on open source Fewer than 3% indicate they dont rely on open software in any way Market survey by Black

883 views • 55 slides

More recommend