On Wed, Aug 02, 2006 at 10:47:00PM +0000, Brian M. Carlson wrote:
> On Wed, Aug 02, 2006 at 09:12:13PM +0200, Ulf Harnhammar wrote:
> > On Sun, Jul 30, 2006 at 01:51:48PM +0100, James Westby wrote:
> > > 2) I have an ITP[3] open for seccure[4]. I would be interested in an
> > > audit of the code.
> >
> > I have audited it now. I looked for the normal problems like buffer
> > overflows, format string bugs and NULL dereferencing without finding
> > any bugs at all. It's all well-written code by someone clueful. I don't
> > know very much about cryptography, so I have no idea whether the
> > program's encryption is easy to break or not.
>
> I've looked at the underlying primitives, but not their implementation.
> In short, if they are actually implemented properly[0], they are
> secure[1].
This is the problem that I have with cryptography audits. I can
look over the code for the standard buffer overflows and format
string-type bugs. But I don't have enough of a grasp of the actual
theory to know if the primitives, or the algorithm implemenation is
correct.
I think for that reason it would be bad for me to really look at
any code like that, since after looking for obvious bugs I'd not
be able to say with confidence that the program was OK or not.
Steve
--
|
