Slashdot Mirror


OpenSSL To Undergo Massive Security Audit

rjmarvin writes: Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. As part of the Linux Foundation's Core Infrastructure Initiative, the foundation and the Open Crypto Audit Project are sponsoring and organizing what may arguably be the highest-profile audit of a piece of open-source software in history. The audit itself will be conducted by the information assurance organization NCC Group, and its security research arm, Cryptography Services, will carry out the code review of OpenSSL's 447,247-line codebase over the next several months.


  1. Must be designed secure - not "coded" by cjonslashdot · · Score: 4, Informative

    Code cannot be claimed to be secure unless it has been designed with secure design patterns - patterns for which there is an "assurance argument". If the code was "coded" instead of designed, then there is no hope of creating assurance arguments after the fact. In that case, the audit will be very difficult and untrustworthy.

    1. Re:Must be designed secure - not "coded" by ezdiy · · Score: 2, Interesting

      For what it's worth, NCC is not some self-appointed security snake oil but an industry behemoth that actually does software assurance. They harbor a lot of auditing talent (iSEC Partners, off the top of my head).

      Conversely, your nirvana fallacy does not hold up. OpenBSD was "designed" to be secure, only to become a laughing stock for the reasons you outlined. All code without formal proof (i.e. all systems code written in C) is potentially vulnerable no matter what. All you can do is throw the best auditing talent at it and hope for the best.

    2. Re:Must be designed secure - not "coded" by nightsky30 · · Score: 4, Insightful

      Couldn't the first step be libreSSL? They cleaned out a ton of junk and applied some uniform coding standards. That would be much easier to audit, and a much sounder base.

    3. Re:Must be designed secure - not "coded" by arglebargle_xiv · · Score: 5, Insightful

      Couldn't the first step be libreSSL? They cleaned out a ton of junk and applied some uniform coding standards. That would be much easier to audit, and a much sounder base.

      Exactly (no mod points left, sorry). Auditing OpenSSL makes about as much sense as auditing Windows 95, we already know it's broken beyond repair, and any further effort expended on it is just throwing good money after bad. Focus on something that's worth going with, like LibreSSL, or something that was never OpenSSL to begin with.

  2. I'm gonna FREAK! by Anonymous Coward · · Score: 2, Insightful

    Seems a bit late... Should have started the audit soon after the Heartbleed bug was found, not 11 months later.

    1. Re:I'm gonna FREAK! by ralphsiegler · · Score: 5, Informative

      A team with leadership in the realm of secure software already did that, starting about 11 months ago. The OpenSSL code didn't just need auditing; it needed large swaths of code thrown in the trash, and code refactored for security, readability, and ease of debugging. And fixes made. Which is being done. http://www.libressl.org/

    2. Re:I'm gonna FREAK! by ShanghaiBill · · Score: 2

      Seems a bit late... Should have started the audit soon after the Heartbleed bug was found, not 11 months later.

      They were waiting for the NSA to approve the funding.

    3. Re:I'm gonna FREAK! by Noryungi · · Score: 5, Informative

      Oh, really? A trainwreck?

      Explain this, then: [Source is here]

      The following CVEs were fixed in earlier LibreSSL releases:
        CVE-2015-0206 - Memory leak handling repeated DTLS records
        CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.

      The following CVEs did not apply to LibreSSL:
        CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
        CVE-2014-3569 - no-ssl3 configuration sets method to NULL
        CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA

      Let's see... 5 CVEs were either fixed in LibreSSL or did not apply to it. That's not too bad for a "trainwreck".

      And what about that little dig at NetBSD? Hmmmm... You mean some people take stuff from OpenBSD and make it less secure? The plot thickens.

      Oh, and by the way, that OpenSSH thingie? Yup, it came from the last "open source" version of SSH, the commercial software. In other words, OpenBSD devs took something already existing and made it better. Hmmm... I think you just don't know what you are talking about...

      Listen, you can find OpenBSD programmers annoying and even call them "masturbating monkeys", but they know their stuff. Period. Calling what they do a "trainwreck" is hyperbole at best and just plain untrue at worst.

      This being said, to get back on topic, auditing OpenSSL is not a bad idea. Far from it.

      --
      The right to offend is far more important than the right not to be offended. (Rowan Atkinson)

  3. Cue 1000 posts fundraising for openbsd by rahvin112 · · Score: 3, Interesting

    Better get ready for 1000 posts Fundraising for OpenBSD with the LibreSSL project.

    Just remember, every dollar you donate for LibreSSL is not guaranteed to be spent on it, it goes into the general fund for OpenBSD.

    1. Re:Cue 1000 posts fundraising for openbsd by rubycodez · · Score: 3, Insightful

      Are you claiming they misrepresent where funding goes on the LibreSSL site?

      "LibreSSL is supported financially by the OpenBSD Foundation and the OpenBSD Project. Please consider helping our efforts."

      The OpenBSD team is still light-years ahead in getting the bad code out of OpenSSL; this "audit" will not do as well as they have already done.

  4. Not the time... by x0ra · · Score: 4, Interesting

    Why bother with a security audit of the whole of OpenSSL as-is, right here, right now, when the LibreSSL fork has been doing a lot of work removing years of unmaintained cruft (cf. http://en.wikipedia.org/wiki/L...)? It seems to be an exercise in futility... I also wonder why give the job to a private company, which would certainly result in very bad transparency, when they could just launch a bounty program rewarding exploits and bug findings?!?

    1. Re:Not the time... by Noryungi · · Score: 3, Interesting

      LibreSSL is a great project, but they ripped out portability along the way.

      Excuse me??!! Just like OpenSSH, they release a portable version, and the official release note says:

      This release also includes a binary package for convenience integrating LibreSSL on Windows platforms, and the latest source tarball is signed with GPG and signify for easier integration into existing build systems.

      We are talking about Windows, here... Sure, if you are into Windows 3.11 and VMS, LibreSSL is less portable than OpenSSL. But seriously, who even uses these two anymore??!!

      OK, I'll grant you that LibreSSL is not a complete replacement for OpenSSL just yet. OpenBSD devs prefer working on their favourite OS, and I can't blame them. This being said, I would not be surprised if, in a couple of years, the rest of the world has switched to LibreSSL and forgotten the older version -- just take a look at OpenSSH... ;-)

      --
      The right to offend is far more important than the right not to be offended. (Rowan Atkinson)

  5. In Related News... by Bob9113 · · Score: 4, Funny

    NCC Group, and its security research arm, Cryptography Services, will carry out the code review

    In related news, NCC Group today received 37 applications from extraordinarily qualified candidates, all of whom -- by some extraordinary coincidence -- live in Langley, VA.

  6. For those that don't want to wait a year: by slashdice · · Score: 2

    You can wait a year for their results or just use libressl today. They've already identified, deleted, and/or fixed hundreds of bugs.

    --
    Copyright (c) 1990 - 2014 Dice. All rights reserved. Use of this comment is subject to certain Terms and Conditions.

  7. OpenSSL Valhalla Rampage blog by thatseattleguy · · Score: 4, Insightful

    Perhaps here is a good place to mention that you could learn more about real-world security auditing and code hardening by reading the LibreSSL developers' comment log here, billed as "Tearing apart OpenSSL, one arcane VMS hack at a time."

    It's also one of the funniest developer-centric things I've ever read - no holds barred for these guys in their contempt of the code they're ripping to shreds. Win/win.

  8. Re:It is too much code to secure. by Marginal+Coward · · Score: 3, Informative

    I don't think it is possible to secure 447,247 lines of code. I thought there was a chance before I saw that number.

    Here's the best part: they can audit the security of nearly half a million lines of code in "several months".