Cryptographic Backdooring presented at NoSuchCon 2014

by Jean-Philippe Aumasson,

Summary : We describe the different classes of cryptographic backdoors, which depend on where sabotage occurs in the cryptographic supply-chain. We characterize and categorize backdoors, in terms of discoverability, detectability, and exploitability, and propose semi-formal definitions in order to encourage a more rigorous study of malicious cryptography.
Several examples are discussed, from straightforward coding backdoors to Dual_EC or the recent sabotaged SHA-1 instances.
Jean-Philippe (JP) Aumasson is Principal Cryptographer at Kudelski Security, in Switzerland. He is known for designing the cryptographic functions BLAKE, BLAKE2, SipHash, and NORX. He has spoken at conferences such as Black Hat and CCC, and initiated the Crypto Coding Standard and the Password Hashing Competition projects. He is member of the technical advisory board of the Open Crypto Audit Project. JP tweets as @veorq.