GNU Consensus Marker: BADCRYPT

GNU/consensus/markers are used to indicate existing or potential issues that need to be addressed. Interested contributors can access a description of the problem, current issues, and related developer discussion.

The BADCRYPT marker indicates that the system is using insecure or suspect cryptographic primitives, or demonstrates improper implementation of cryptography. Such systems can be compromised by an attacker who knows how to nullify the cipher. For example, the NSA introduced weak cryptography into NIST standards using magic numbers that would allow them to decipher the ciphertext: Dual EC DRBG. Other cases include wrong implementation of cryptography, for example reliance on weak random number generators, or reuse of random seeds.

Usage

Use all-caps!

{{BADCRYPT}} will link to an #BADCRYPT section in the same page.

{{BADCRYPT PageName}} will link to a specific page detailing the issue.

The BADCRYPT section or page can be created using a form. (TODO: add link to this form)

Example

List of Pages with the BADCRYPT Marker

See a list of all pages marked with BADCRYPT.

BADCRYPT

Example section for the example. This section would:

• describe the problem
• describe what the project is doing to address it
• list issues related to this problem
• link to developer discussion about it