There's been a lot of hand-wringing about the current state of cryptography lately.
We've had two publicly disclosed bugs that rendered widely used cryptosystems ineffective in some cases. One was Apple's "goto fail" bug in iOS, which could allow an attacker to intercept all traffic in what the user thought was a secure session. The other was the "Heartbleed" bug in OpenSSL, which allowed the compromise of data in the memory of an SSL server, including private keys.
Both of these were caused by fairly simple coding errors, one in a closed source system (iOS) and one in a widely used piece of open source software (OpenSSL).
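To show how small the "goto fail" coding error was, here is an added illustration (not code from the original post, and not Apple's code) modelled on the publicly described shape of the defect: a duplicated, unconditional goto that skips the final verification step, so the function returns the success value left over from the step before it. The helper functions and their return values are constructed stand-ins for the real handshake steps.

```c
#include <stdio.h>

/* Constructed stand-ins for the handshake steps: 0 = ok, non-zero = failure. */
static int hash_update_step(void)            { return 0; }
static int final_signature_check(int matches) { return matches ? 0 : 1; }

/* Vulnerable shape: the second "goto fail;" is not governed by any "if",
 * so control always jumps to the label with err still 0 from the step that
 * succeeded, and final_signature_check() is never reached. */
int verify_vulnerable(int signature_matches)
{
    int err = 0;
    if ((err = hash_update_step()) != 0)
        goto fail;
        goto fail;   /* duplicated line: unconditional, err == 0 here */
    if ((err = final_signature_check(signature_matches)) != 0)
        goto fail;
fail:
    return err;      /* 0 means "signature accepted" */
}

/* Fixed shape: every goto is guarded, so the final check always runs. */
int verify_fixed(int signature_matches)
{
    int err = 0;
    if ((err = hash_update_step()) != 0)
        goto fail;
    if ((err = final_signature_check(signature_matches)) != 0)
        goto fail;
fail:
    return err;
}

int main(void)
{
    /* A forged signature (matches == 0) must be rejected (non-zero). */
    printf("vulnerable, bad signature: %d (accepted!)\n", verify_vulnerable(0));
    printf("fixed, bad signature:      %d (rejected)\n", verify_fixed(0));
    printf("fixed, good signature:     %d (accepted)\n", verify_fixed(1));
    return 0;
}
```

The point for a reviewer is that nothing in the vulnerable version is syntactically wrong; only indentation hints at the problem, and compiling with unreachable-code warnings enabled (or requiring braces around every conditional body) is what turns this class of slip into something the build catches.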
In addition, the growing suspicion that the NSA has worked to weaken certain cryptographic algorithms to make its signals intelligence mission easier has increased the mistrust of standard algorithms and implementations as well.
Is the answer to abandon the standard stuff and roll your own? The answer is a resounding no. Both Steve Bellovin and Bruce Schneier sum up the case against it in one sentence: Crypto is hard.
In advising us not to invent things, Steve writes:
This oldest piece of advice on the subject is still sound; everyone who teaches or writes on the subject will repeat it. Never invent your own primitives or protocols. Cryptographic protocols are fiendishly difficult to get right; even pros often get them wrong. Encryption algorithms are even harder to design. It's certainly true that there have been very few known attacks on bad crypto by hackers not working for a major government. But "few" is not the same as "none"—think of WEP—and many commercial sites have been targeted by governments. Besides, many crypto attacks are silent; the victims may never know what happened.
Schneier has been fielding press inquiries about rumors that Al Qaeda has responded to the Snowden revelations by using new cryptography software. Most want to know how that will adversely affect US intelligence efforts.
I think the reverse is true. I think this will help US intelligence efforts. Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool are slight. Last fall, Matt Blaze said to me that he thought that the Snowden documents will usher in a new dark age of cryptography, as people abandon good algorithms and software for snake oil of their own devising. My guess is that this is an example of that.
If you're thinking of rolling your own, don't bother. You might as well just send your stuff in the clear.
About Andy Sherman
Andy Sherman, Eden Technologies’ security practice lead, has a PhD in physics from Rensselaer Polytechnic Institute and started his career in the academic world. He then went to AT&T Bell Laboratories, where he discovered the power – and hazards – of large distributed computer networks. It was also at Bell Labs, during the early days of the Internet, that Andy became interested in the security problems associated with public networks. From Bell Labs Andy moved to the financial services industry. There he worked on a large range of infrastructure design, deployment, and management projects, but he is best known for his 15+ years in information and technology security.