Sync’ up! … without getting drained

sep 20

Everyday crypto

I’ve come to understand there are just a few reasons why security exploits tend to occur in software systems. They are:

  1. stupidity (thoughtless coding)
  2. ignorance (using the wrong tools)
  3. unusual environments (virtual, hardware, etc.)

Since stupidity and ignorance tend to be kissing cousins, it would be nice to have a crypto Swiss Army knife on one’s belt. For Erlang/OTP hackers, we put together a small collection of crypto goodies in order to quell the mad scramble to locate the right tool for the job, when there is little time to perform a deep dive on what’s what in the crypto world.

Syncpup has created ‘Percival’: a collection of routines for everyday crypto. Here’s a little background on why this OTP library application exists.

Stupid & out of touch (thanks crypto!)

How much should developers be expected to know about crypto? At what cost should one make time to keep up with what’s à la mode? How will playing catch-up lead to sloppy and loose code when there’s a deadline and a security fix is called upon to be quickly put into place?

Stupidity seems all too easy a trap to fall into when it comes to crypto. In the land of nine-letter acronyms, there’s a myriad of solutions to choose from and so many ways to use the wrong tool; messing up is almost understandable. Perhaps this is why the koan of ‘don’t implement crypto yourself’ is largely an accepted one.

Ignorance is tricky to avoid altogether, as well. The fact of the matter is that there’s an arms race between attackers, hardware makers and The Internet Engineering Task Force (to name just a few of the players). A heuristic that is good one day may not hold shortly after. Is it realistic for programmers to be in the know, all the time? If the answer is yes, then what aspects of programming will we give up in order to make time?

One trap, two trap, three trap, four

Colin Percival is the FreeBSD security expert, and has been harping on crypto best-practices for some time. This library, named ‘Percival’ for good reason, attempts to adopt some of these best practices, but also deliberately excludes oodles of techniques, even popular ones, in order to focus on the parts of cryptography that tend to come up continuously.

Syncpup has made an attempt to capture some of Colin’s expertise and dish up most of the techniques he lauds, all in one handy-dandy API.

The Erlang way

Erlang/OTP has decent support for handling most crypto with ease. And most of ‘Percival’ is just an API into OTP’s crypto API, all truth be told.

The public repository for ‘Percival’ is here:

https://bitbucket.org/nato/percival

Listed below are the main features ‘Percival’ makes available:

  1. storable password (PBKDF2)
  2. unencrypted encoding
  3. one-way-hashing
  4. both symmetric & asymmetric signature (authentication)
  5. verification for signatures
  6. public-key encryption & decryption
  7. symmetric encryption (AES-256 with CTR)

This application library is a work-in-progress, and will be refined as tends to happen with any code.
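
To make the feature list concrete, here is an added example (not taken from ‘Percival’ and not its API) of items 1, 4, 5 and 7 written directly against OTP’s `crypto` module. The module name, function names and iteration count are assumptions, OTP 25 or later is assumed, and because CTR mode gives no integrity on its own the ciphertext is authenticated with HMAC-SHA256 and checked before decryption.

```erlang
%% Added example, not Percival's code: module and function names are hypothetical.
%% Assumes OTP 25+ (crypto:pbkdf2_hmac/5 and crypto:hash_equals/2).
-module(everyday_crypto_demo).
-export([hash_password/1, check_password/2, seal/3, open/3, demo/0]).

-define(ITERATIONS, 600000).  % assumed work factor; tune to your hardware
-define(KEY_LEN, 32).

%% Storable password: random salt + PBKDF2-HMAC-SHA256.
hash_password(Password) ->
    Salt = crypto:strong_rand_bytes(16),
    Hash = crypto:pbkdf2_hmac(sha256, Password, Salt, ?ITERATIONS, ?KEY_LEN),
    {pbkdf2_sha256, ?ITERATIONS, Salt, Hash}.

check_password(Password, {pbkdf2_sha256, Iter, Salt, Hash}) ->
    Candidate = crypto:pbkdf2_hmac(sha256, Password, Salt, Iter, byte_size(Hash)),
    crypto:hash_equals(Candidate, Hash).   % constant-time comparison

%% Symmetric encryption: AES-256-CTR, then HMAC-SHA256 over IV and ciphertext.
%% EncKey and MacKey must be independent 32-byte keys.
seal(EncKey, MacKey, Plain) ->
    IV = crypto:strong_rand_bytes(16),     % fresh per message; never reuse
    Cipher = crypto:crypto_one_time(aes_256_ctr, EncKey, IV, Plain, true),
    Tag = crypto:mac(hmac, sha256, MacKey, <<IV/binary, Cipher/binary>>),
    <<IV/binary, Cipher/binary, Tag/binary>>.

%% Verify the tag before decrypting; reject anything short or modified.
open(EncKey, MacKey, Sealed) when byte_size(Sealed) >= 48 ->
    BodyLen = byte_size(Sealed) - 32,
    <<Body:BodyLen/binary, Tag:32/binary>> = Sealed,
    case crypto:hash_equals(crypto:mac(hmac, sha256, MacKey, Body), Tag) of
        true ->
            <<IV:16/binary, Cipher/binary>> = Body,
            {ok, crypto:crypto_one_time(aes_256_ctr, EncKey, IV, Cipher, false)};
        false ->
            {error, bad_mac}
    end;
open(_EncKey, _MacKey, _Sealed) ->
    {error, bad_mac}.

%% Constructed sample inputs; every match below must succeed.
demo() ->
    Stored = hash_password(<<"constructed sample password">>),
    true = check_password(<<"constructed sample password">>, Stored),
    false = check_password(<<"wrong guess">>, Stored),
    {EncKey, MacKey} = {crypto:strong_rand_bytes(32), crypto:strong_rand_bytes(32)},
    Sealed = seal(EncKey, MacKey, <<"hello">>),
    {ok, <<"hello">>} = open(EncKey, MacKey, Sealed),
    <<First, Rest/binary>> = Sealed,       % flip one bit of the IV
    {error, bad_mac} = open(EncKey, MacKey, <<(First bxor 1), Rest/binary>>),
    ok.
```

Compile with `erlc everyday_crypto_demo.erl` and call `everyday_crypto_demo:demo().` from the shell; it returns `ok` when the password check, round trip and tamper rejection all behave as expected.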