[VIDEO] SSL 3.0 Co-Author Laments on What is Wrong and What is Right with SSL

Cryptography today is as necessary as ever and Paul Kocher, co-author of the SSL 3.0 specification compares it to bricks in a building, in that that it is a foundational technology.

“I started my careers working on protocols like SSL 3 and had this sort of naive optimism that if we got the protocols and the math right, the security would follow from there,” Kocher said. “Then I spent a lot of time looking at software security, and realized that software developers are never going to get it right and the whole architectures that we’ve got are screwed up.”

There are 100 million lines of code in some architectures, he added, and a line of buggy code can compromise the whole system. Kocher is now more focused on hardware cores that can perform specific security operations independent of the software.

“You can view this as failure,” he said. “I’ve given up on trying to solve the big problem and am trying to find little problems where we can be successful.”

Read the full story at eSecurityPlanet:
SSL Co-Author Reflects on Crypto Success and Failure

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.

News Around the Web