Lessons From Two Years of Crypto Audits presented at BlackHatUSA2019 2019

by Jean-Philippe Aumasson,

Summary : Over the last two years, we've completed many successful crypto audits. These audits consisted of mostly paid engagements but also unsolicited ones, as well with a mixture of blockchain projects as well as good old cryptography. We've worked for major blockchain organizations and have seen the most complex crypto protocols ever deployed at scale, which is really exciting but at the same time terrifying—what if there's a critical bug that could compromise the entire network? What if we as security auditors miss something? Questions like these loom over anyone performing an audit. There is no shortage of places things can go wrong, bugs in source code, protocol defects, incorrect implementations, and the list goes on.In this talk we'll first describe some of the most interesting security issues we've found (at least the ones we're authorized to talk about), then we'll focus on the risks associated with one of the most popular memory-safe languages, namely Rust. We'll describe a list of sanity checks and security best practices that we use internally when auditing Rust code, along with examples from real Rust audits. Finally, we'll draw some lessons from our experience, providing advice to fellow security auditors and developers, to get the most out of a security audit.