On the Origin of Trust: Struggle for Secure Cryptography

Abstract : Cryptographic primitives, like encryption schemes, hash functions... are the core of most security applications. But the trust that users place in these algorithms has been repeatedly violated. There are many examples of attacks which exploit weaknesses of the underlying cryptographic primitives, like the recent Logjam and Sloth attacks against TLS. So when can we trust cryptography? It should be clear that we cannot trust algorithms which do not have public design rationale and which have not been thoroughly studied. Most notably, the primitives recommended by the cryptographic community are those which have been chosen after an international competition. Within such an open contest, like the AES and the SHA-3 selection processes, all proposals have been carefully analyzed by all participants; their security margins have been evaluated. This ongoing cryptanalytic effort is the only reliable security argument to consider when deciding which primitive to trust.
Type de document :
Communication dans un congrès
Dot Security 2016, Apr 2016, Paris, France
Liste complète des métadonnées

https://hal.inria.fr/hal-01401311
Contributeur : Anne Canteaut <>
Soumis le : mercredi 23 novembre 2016 - 10:28:40
Dernière modification le : jeudi 26 avril 2018 - 10:28:10
Document(s) archivé(s) le : lundi 20 mars 2017 - 20:36:18

Fichier

dotsecurity16.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01401311, version 1

Collections

Citation

Anne Canteaut. On the Origin of Trust: Struggle for Secure Cryptography. Dot Security 2016, Apr 2016, Paris, France. 〈hal-01401311〉

Partager

Métriques

Consultations de la notice

152

Téléchargements de fichiers

48