10 Guidelines and common pitfalls for cryptographic implementations
This chapter covers
- The importance of high-quality randomness
- Padding implementation challenges
- Side-channel attacks and constant-time implementations
- The dangers of intermingling control flow and secret values
- The importance of memory safety and type safety
- Understanding vulnerabilities associated with a lack of atomicity
This is the last chapter in this book. The previous chapters covered how specific algorithms are used to achieve the goals of confidentiality, integrity and authenticity, and how attackers exploit certain weaknesses to circumvent those goals. In this chapter, we take a step back and look more generally at what makes cryptographic implementations fail, along with the common approaches and best practices for avoiding those pitfalls.
10.1 A brief recap of attacks from previous chapters
Before we generalize the lessons, let’s revisit the vulnerabilities and attacks we have implemented over the course of this book.