Sign in / up

back to article Testing times: Can your crypto-code survive the Google gauntlet?

Google has unleashed Project Wycheproof, a set of security tests to check cryptographic libraries for susceptibility to known weaknesses. The toolkit, maintained by Google’s security engineers, is named after Mount Wycheproof, the smallest mountain in the world, and has set out with commendably modest goals. The aim is to look …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. NoneSuch Silver badge
    Big Brother

    How many of those flaws were deliberately introduced by the US Gov to hamper standards, we'll never know. As a guess. A lot of them.

    2 3 Reply
    1. Primus Secundus Tertius
      Reply Icon

      Ah, the conspiracy theory rather than the cockup theory.

      But usually it is a cockup. I blame modern education, which tells children to be creative rather than telling them to check their work.

      I seem to remember a recent celbrated case, possibly for SSH, where the offending code had been checked in at 11.30pm on New Years Eve. How to inspire confidence - NOT.

      2 0 Reply
  2. Dave 126 Silver badge

    > named after Mount Wycheproof, the smallest mountain in the world,

    I've just spent five minutes trying to chase down a source for its status as a mountain, but so far all my google results appear to form a loop.

    Quite a few pages called it 'the smallest registered mountain in the world', but no where have I yet found what 'registered mountain' means.

    I'll give it another 5 minutes and report back shortly.

    [EDIT:] Ah, it would appear that there is no universal definition of 'mountain', and people understand that definition can vary from place to place. The very minimum is that it be a geological feature with steep sides that dominates a surrounding area - so Mount Wycheproof qualifies in those respects.

    The UK generally uses a height of roughly 2000' or (300 M, or more than a few Brontosauri stacked nose to tail) to distinguish mountains from hills. I live and I learn!

    5 0 Reply
    1. Sandtitz Silver badge
      Reply Icon
      Coat

      "The very minimum is that it be a geological feature with steep sides that dominates a surrounding area - so Mount Wycheproof qualifies in those respects."

      Oh yes. Aussies seem to have made a mountain out of a molehill.

      2 0 Reply
  3. stratcat

    Whycheproof...

    ... where the freight trains run down the middle of the main street.

    (There's probably an analogy there with some tech companies)

    I've spent a fair bit of time there over the years; not the world's most exciting place other than the train line and the mountain. The new bakery is good though.

    3 0 Reply
    1. tiggity Silver badge
      Reply Icon

      Try Gib.

      As well as a nice mini mountain, airport runway runs down the main street!

      0 0 Reply
  4. John Smith 19 Gold badge
    Go

    They may sound like modest goals

    But they're a start.

    I'd like to think crypto implementors will study the tests and use them as a guide to make better stuff from the ground up.

    Crypto is probably the smallest, but most demanding, software most people will ever be asked to implement, and in truth most smart people would prefer to not have to in the first place.

    But sometimes you simply have no choice.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like