Google has announced Project Wycheproof, which is a set of security tests to check commonly used encryption software for weaknesses. Google’s series of tests will scan the cryptographic software libraries for issues, according to a blogpost from the company. Given that encryption and data security have become buzzwords in 2016, Google says its aim is to ensure that software engineers can help locate bugs or problems in these programs easily, before they are exploited by cyber-criminals.
Google says it has named the project after Mount Wycheproof, which is the smallest mountain in the world. According to the blog, the idea is “to have an achievable goal… The smaller the mountain the easier it is to climb it!” So far, Google has come up with 80 test cases; the project has already uncovered 40 security bugs in some of the commonly used encryption software, but not all of these are in open-source. Some of these are currently being fixed by vendors.
The blogpost further explains, “In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long.”
The idea with Project Wycheproof is to create a collection of unit tests for known, expected issues that tend to occur in cryptographic algorithms. Google says its “cryptographers have surveyed the literature and implemented most known attacks,” in order to come up with these tests. Project Wycheproof’s tests will work with some of the popular crypto-algorithms, which include AES-EAX, AES-GCM, DH, DHIES, DSA, ECDH, ECDSA, ECIES and RSA, according to the GitHub page for the project.
Google’s first set of tests for this project is in Java, which according to the company allows them to “test multiple providers with a single test suite.” Google also highlights that the project is still far from complete, and passing the tests doesn’t mean the software is secure. It only means the encryption software is safe from the known attacks covered by the tests; there could still be other unknown weaknesses.
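To show what a single test run against multiple Java providers can look like, here is an added example (written for this article, not code from Google or Project Wycheproof) that checks whether each installed provider's AES-GCM refuses a ciphertext whose authentication tag has been altered. The class name, method name and sample inputs are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical class name; an illustration, not a test from Project Wycheproof.
public class GcmModifiedTagCheck {
    // Constructed sample inputs (all-zero key and nonce): for testing only.
    static final byte[] KEY = new byte[16];
    static final byte[] NONCE = new byte[12];
    static final byte[] MSG = "constructed sample message".getBytes(StandardCharsets.UTF_8);

    /** True if the provider refuses to decrypt a ciphertext whose tag has one bit flipped. */
    static boolean rejectsModifiedTag(Provider provider) throws GeneralSecurityException {
        SecretKeySpec key = new SecretKeySpec(KEY, "AES");
        GCMParameterSpec params = new GCMParameterSpec(128, NONCE);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding", provider);
        enc.init(Cipher.ENCRYPT_MODE, key, params);
        byte[] ct = enc.doFinal(MSG);      // ciphertext followed by the 16-byte tag
        ct[ct.length - 1] ^= 0x01;         // corrupt the last byte of the tag
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding", provider);
        dec.init(Cipher.DECRYPT_MODE, key, params);
        try {
            dec.doFinal(ct);
            return false;                  // altered tag accepted: authentication is broken
        } catch (BadPaddingException e) {  // includes AEADBadTagException
            return true;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        boolean allPassed = true;
        for (Provider provider : Security.getProviders()) {
            try {
                boolean ok = rejectsModifiedTag(provider);
                allPassed &= ok;
                System.out.println(provider.getName() + ": " + (ok ? "PASS" : "FAIL"));
            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
                // This provider does not offer AES-GCM; nothing to test.
            }
        }
        if (!allPassed) System.exit(1);
    }
}
```

As the article notes for the real suite, a PASS here only shows that the provider handles this one known failure mode correctly.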
Google is also encouraging developers to contribute to the project. It also says that if someone discovers a security issue with a known program, they should “first report directly to the maintainers of the libraries.”