On the Origin of Trust: Struggle for Secure Cryptography

Abstract : Cryptographic primitives, like encryption schemes, hash functions... are the core of most security applications. But the trust that users place in these algorithms has been repeatedly violated. There are many examples of attacks which exploit weaknesses of the underlying cryptographic primitives, like the recent Logjam and Sloth attacks against TLS. So when can we trust cryptography? It should be clear that we cannot trust algorithms which do not have public design rationale and which have not been thoroughly studied. Most notably, the primitives recommended by the cryptographic community are those which have been chosen after an international competition. Within such an open contest, like the AES and the SHA-3 selection processes, all proposals have been carefully analyzed by all participants; their security margins have been evaluated. This ongoing cryptanalytic effort is the only reliable security argument to consider when deciding which primitive to trust.
Type de document :
Communication dans un congrès
Dot Security 2016, Apr 2016, Paris, France
Liste complète des métadonnées

Contributeur : Anne Canteaut <>
Soumis le : mercredi 23 novembre 2016 - 10:28:40
Dernière modification le : jeudi 24 novembre 2016 - 01:05:13
Document(s) archivé(s) le : lundi 20 mars 2017 - 20:36:18


Fichiers produits par l'(les) auteur(s)


  • HAL Id : hal-01401311, version 1



Anne Canteaut. On the Origin of Trust: Struggle for Secure Cryptography. Dot Security 2016, Apr 2016, Paris, France. 〈hal-01401311〉



Consultations de la notice


Téléchargements de fichiers