top

Google WycheProof Project - Finding Weaknesses and Bugs in Cryptographic Algorithms

Google recently launched WycheProof project, a collection of unit cases to detect weaknesses and behavior in cryptographic algorithms. Google has determined that any mistake in these algorithms will always lead to catastrophic consequences. Many times these cryptographic algorithms with mistakes remains undetected. To cure this disease cryptographers at Google have made several implementations. In Google Official Blog, “Project Wycheproof provides tests for most cryptographic algorithms, including RSA, elliptic curve crypto, and authenticated encryption.” Google has already developed 80 test cases to check the weakness in cryptographic software libraries. These test cases have already uncovered more than 40 security bugs, as mentioned in its official blog. Since Java is having the most common cryptographic interface they have taken Java for its first set of tests. With the single set of the test suite, multiple providers can be tested. Google has also mentioned that it's WycheProof project is not completed. Since WycheProof is still in development stage completely relying on its test cases will not help. Passing the test cases does not mean that the algorithms are completely secured. It's just an assurance that the algorithm is not vulnerable to the attacks. Cryptographers at Google are working on finding different weaknesses and unknown bugs, which are still troubling the library users.  
Rated 4.0/5 based on 20 customer reviews
Normal Mode Dark Mode

Google WycheProof Project - Finding Weaknesses and Bugs in Cryptographic Algorithms

Thomas Perez
What's New
20th Dec, 2016
Google WycheProof Project - Finding Weaknesses and Bugs in Cryptographic Algorithms

Google recently launched WycheProof project, a collection of unit cases to detect weaknesses and behavior in cryptographic algorithms. Google has determined that any mistake in these algorithms will always lead to catastrophic consequences. Many times these cryptographic algorithms with mistakes remains undetected. To cure this disease cryptographers at Google have made several implementations.

In Google Official Blog, “Project Wycheproof provides tests for most cryptographic algorithms, including RSA, elliptic curve crypto, and authenticated encryption.”

Google has already developed 80 test cases to check the weakness in cryptographic software libraries. These test cases have already uncovered more than 40 security bugs, as mentioned in its official blog.

Since Java is having the most common cryptographic interface they have taken Java for its first set of tests. With the single set of the test suite, multiple providers can be tested. Google has also mentioned that it's WycheProof project is not completed. Since WycheProof is still in development stage completely relying on its test cases will not help. Passing the test cases does not mean that the algorithms are completely secured. It's just an assurance that the algorithm is not vulnerable to the attacks. Cryptographers at Google are working on finding different weaknesses and unknown bugs, which are still troubling the library users.  

Thomas

Thomas Perez

Blog Author
Thomas is a Python evangelist and a programming ninja. Ask him about: open-source software, code-readability and functional programming.
Website : https://www.zeolearn.com

Leave a Reply

Your email address will not be published. Required fields are marked *

SUBSCRIBE OUR BLOG

Follow Us On

Share on

other Blogs

20% Discount