1

I get that people don't want to encourage other people to implement their own algorithms/implementations of algorithms due to safety issues. But on the other hand, questions about creating your own implementation are "shut down" immediately with the words " the first problem is: you are implementing it yourself". How can one be able to learn more about security if not implementing such things himself and learning from his faults?!

Am I missing a point in this whole "you should not create your own implementation of an existing security algorithm"?

schroeder
  • 125,553
  • 55
  • 289
  • 326
  • It is nothing really wrong to play around with own algorithms in order to learn. But usually the OP asking these question to not state explicitly that this is just for playing around and that they would never would use it in production anyway - which then results in the reaction you describe (*don't roll your own*). *" How can one be able to learn more about security if not implementing such things himself and learning from his faults ?!"* - First learn the design decisions behind existing systems and why they work like this and then maybe try own ideas in order to not fail immediately. – Steffen Ullrich Jun 30 '18 at 13:50
  • 2
    _How can one be able to learn more about security if not implementing such things himself and learning from his faults_ Get a PhD in cryptography first. Read and understand all the seminal works of famous cryptographers like McElice, Shamir, Bernstein, Preneel, Diffie, etc. Otherwise you won't even _know_ what faults you have in order to learn from them. It's not like software development where "it works" means you did it more or less right. – forest Jun 30 '18 at 20:17
  • @forest Generally a good idea yes but what about people that want to get into cryptography and want to understand the basic concepts before making it a 3 year commitment – user4139197 Jun 30 '18 at 20:19
  • 1
    @user4139197 Only 3 years? You're looking at 10 or 20 years if you actually want to develop and implement your own algorithms. I'm not exaggerating. You can learn some basics of cryptography by reading various books or taking classes, but those will absolutely not teach you enough to create your own algorithms. You can learn what block modes are safe and in what circumstances (where to use GCM, CBC, etc), or you can learn the different types of ciphers (SPN, ARX, Feistel, Lai-Massey, etc), but you still won't be able to create your own. Also, check out [crypto.se]. – forest Jun 30 '18 at 20:20
  • @user4139197 "*Security*" algorithm or "*Cryptographic*" algorithm? There is a massive difference between the two. – schroeder Jul 02 '18 at 08:19
  • Cryptographic development in a programming language != software development. You cannot use the learning methods in the latter as a learning path in the former. – schroeder Jul 02 '18 at 08:23

2 Answers2

2

No, it doesn't matter. Every algorithm we use today was implemented by someone and then became a standard. The reason why it's not used as a practice is:

  1. Security. A new method of hashing/encrypting/whatever needs a lot of time in order to be tested thoroughly, or even be further developed. It's not safe to launch something new in an instance if you cannot prove its safety against cryptanalysis.
  2. Compatibility. Suppose you are a company owning credit/debit information and you co-operate with bank systems or governance infrastructures through DMZ's and other sort of mechanisms like this. Your way of hashing/encrypting/whatever information is totally different than the one used by the rest of the world, thus making information exchange very difficult when/where needed.

There are a lot of awesome, new, fast and impenetrable algorithms out there, developed by companies, organizations, PhD's, hoping they will become a standard one day. But since all of our infrastructures today are based in things that are proven to work, going the other way is a risk you take on your back, all by yourself.

Chris Tsiakoulas
  • 1,757
  • 1
  • 10
  • 9
0

How can one be able to learn more about security if not implementing such things himself and learning from his faults ?!

Of course trying to implement it is a good way to learn, but only if you confront it to test and inspection by experts and state it as such, without trying actually using it in production.

The big problem here is that the "learning experience" may happen only after you got succesfully attacked. (you may believe you have learned something whilst you just learned to create big security holes for your company)

A lot of people may simply not realize that they are the umpteenth clever guy thinking "hey, I should implement this algorithm, I will learn and then I'll have some nice functions to reuse, it's much more simple than adding those big libraries that seem too complicated for what I want".

In a general manner, "reinventing the wheel" is interesting as a learning experience, as long as it stays in sandbox, and/or is reviewed by experts as much as what is at stake requires.

If you implement a sort algorithm a bit badly, then what you mostly risk is having a created a poor performance app or even you might have a bug that lead to a security issue. (Note that the performance issue could be catastrophic if your customer depend on it, maybe even as much as a security breach could be)

If you implement a cryptographic algorithm badly then you probably will have a security breach. And people doing this individually have a very hig probability of implementing crypto badly. And this is often very problematic for any customer (and yourself)

TLDR;

Using your sandbox crypto toys in the real professional world could have very nasty consequences for your customers.

Yes you can learn from it, but it's better to warn everyone that seem uninformed that you should not play with crypto in production.

Pacopaco
  • 103
  • 4