[bkeroack]

I agree that it's hard to get right. On the other hand we should be careful not to completely discourage new crypto tools from being developed. Yes they have to be very carefully written, tested and verified, but let's not perpetuate the myth that only a small cabal of experts are allowed to write crypto software.

[vertex-four]

On the other hand, anyone who does write crypto software must be able to keep up with the research in the field of crypto. Things can't just be tested and verified once - it's a process of constantly testing and verifying against new attacks. You cannot prove that anything is unbreakable, only that it's not subject to known attacks.

The reality is that most developers are not going to be able to spend significant amounts of time paying attention to the research and figuring out how it applies to their code - after all, in most cases, your users don't understand security, and you'll have the constant pressure to add features to your application instead, and honestly, security just isn't that fun for most people that they'd want to spend all their time on it.

[bkeroack]

I can't help but think that the OpenSSL situation would not be so bad if more hackers were encouraged to participate in crypto libs. Even if nobody understands it at first, just going through the source will end up creating more crypto authorities in the community who can fix bugs and create new tools. As opposed to the forbidden black art that crypto is today.

[tptacek]

Horseshit. Anyone can learn cryptography, and anyone (just look at the history of the code) can add code to OpenSSL. The problem is that the parent commenter is correct, and that writing serious crypto code takes a serious research commitment. Nobody wants to do that; they just want to get the "crypto" hooked up to the "web chat" as quickly as they can.

It is frankly exhausting hearing the repetitive drone of people who couldn't exploit a CBC padding oracle if their life depended on it complaining about how crypto is a secret cabal.