5

Related: What is the lowest level of mathematics required in order to understand how encryption algorithms work? and Recommended skills for a job in cryptology

In the context of putting crypto into applications, in a secure manner, could it be argued to achieve this (securely implementing a crypto system) you would require a thorough and rigorous understanding of the mathematics behind the crypto system?

Or, could it be said that this is more a matter of understanding how to code securely, as the cryptographic primitives themselves can already be securely implemented via libraries such as NaCl?

Edit: I realized the obvious, and in fact necessary, extension to this question. Reversing the goal, what level of mathematics would be required to break a crypto-system? On the one hand, heartbleed seemed to be a break in a crytpo-system but was in fact entirely based in (poor) code. On the other, the BREACH and CRIME compression side-channel attacks were very much discovered in the literature first. Am i answering my own question there?

Community
  • 1
AlexH
  • 151
  • 3

1 Answers1

4

I would say there are three general areas of necessary expertise for most crypto-related jobs:

  • Knowledge of primitives and their use cases.
  • Knowledge of protocols and understanding how to reason about their security.
  • Deep and abiding understanding of how incredibly stupid people are, including oneself.

The most that knowing the math is going to do for you practically, unless you are in academia/the NSA designing algorithms, is tell you "time to stop using RSA" on the day that you hear that there is a polynomial time factoring algorithm.

fluffy
  • 41
  • 1