Google researchers help developers test cryptographic implementations
Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations.
The company’s Project Wycheproof, which was released on GitHub, contains more than 80 test cases for widely used cryptographic algorithms, including RSA, AES-GCM, AES-EAX, Diffie-Hellman, Elliptic Curve Diffie-Hellman (ECDH), and the digital signature algorithm (DSA).
Google’s researchers have developed these tests by implementing some of the most common cryptographic attacks. So far, the tests have helped them uncover more than 40 security bugs in cryptographic libraries, and they have been reported to affected vendors.