Upload
suzy-smith
View
201
Download
1
Embed Size (px)
Citation preview
Not in the Job DescriptionRoss McDonaldSenior Developer, FrogSlayer
Requirements• Is a website• Users can store content• Users can login• Only logged in users can
modify content• User content is analyzed using
client algorithm
Developer knowledge
Assumed Expertise
Client Provided Knowledge
Probability / Random Sampling• Random vs. Pseudorandom• Correct use of PRNGs• Converting uniform distributions to non-
uniform distributions
Produce a predictable sequence determined by initial seed
• Seed once• Make sure its properties
fit your need
Pseudorandom Number Generators
PRNG Output Transformation Pitfalls• Bounding with rand()%max or similar• Producing byte-streams or floats with random ints incorrectly• Sampling more complex distributions with a uniform PRNG
incorrectly
Computer Security Pitfalls• Not understanding Encryption /
Authentication / Integrity• Not trusting the defaults and standards
(rolling your own)• Trusting the defaults and standards
Alice Bob
Authentication Integrity Encryption
Trust the Defaultse.g. .NET provides CryptoServiceProvider classes with reasonable defaults.
• GenerateKey()• GenerateIV()• Sane default Mode (CBC)
Original ECB Non-ECB
Don’t Trust the Defaults• No matter how self contained the library is, there is potential for
misuse (e.g. Padding Oracle Attack)• PGP does not provide forward secrecy• GnuPG was slow in adopting Elliptic Curve• The NSA / RSA BSAFE debacle
Takeaways • Recognize problems are more complicated than you might think.• Never stop learning.• Immerse yourself in technical cultures (e.g. blogs, podcasts, stack
exchange)• Know enough about everything to know when your client’s concerns
warrant an expert