Google Unveils Cryptographic Library Test Suite Wycheproof

Google on Monday announced Project Wycheproof, a collection of unit tests designed to help check for weaknesses in cryptographic algorithms.

Google continues to be in a giving mood this holiday season.

The company on Monday announced Project Wycheproof, a collection of unit tests designed to help check for weaknesses in cryptographic algorithms. The project comes two weeks after Google debuted a fuzzer to help developers discover programming errors in open source software.

Engineers behind Project Wycheproof admit the first set of tests, which are written in Java, are low level, but claim the test suite can allow developers to check their cryptographic software libraries against known attacks.

Daniel Bleichenbacher and Thai Duong, security engineers with Google, announced the test suite – named after Australia’s Mount Wycheproof, the smallest mountain in the world – in a post Monday on the company’s Security Blog.

“In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long,” the two write, “Good implementation guidelines, however, are hard to come by: understanding how to implement cryptography securely requires digesting decades’ worth of academic literature.”

Like it did with the open source fuzzer, OSS-Fuzz, Google has put all of the code for Wycheproof on GitHub for public perusal.

So far the project has ran over 80 test cases and identified more than 40 bugs, including one particularly troubling sounding issue in which the two say they could recover the private key of DSA and ECDHC, algorithms.

According to a README file published alongside the tests on GitHub, Wycheproof can verify whether algorithms like like RSA, ECDH, and DSA are vulnerable to invalid curve attacks or biased nonces in digital signature schemes, among other tests. Bleichenbacher, a longtime cryptographer, has uncovered a handful of crypto attacks in the past, including a landmark signature forgery attack on RSA in 1998 – the project incorporates tests for those attacks as well.

The duo claims details around some of the bugs they found in algorithms can be viewed on Wytcheproof’s GitHub page but that other details are being held back as they’re being fixed by vendors.

The two are encouraging developers to developers to send them pull requests and use the project but acknowledge it’s no cure all.

“While we are committed to develop as many attacks as possible, Project Wycheproof is by no means complete. Passing the tests does not imply that the library is secure, it just means that it is not vulnerable to the attacks that Project Wycheproof tests for.”

As Bleichenbacher and Duong point out, there’s no shortage of cryptographic protocol weaknesses. Academic papers discussing such vulnerabilities pop up from time to time but the goal of Wycheproof is to spare developers from having to pore over these dense academic texts.

“With Project Wycheproof developers and users now can check their libraries against a large number of known attacks, without having to spend years reading academic papers or become cryptographers themselves,” Bleichenbacher and Duong write.

The project comes about two weeks after OSS-Fuzz, designed to help open source software developers identify bugs in their code, was announced. While that tool is technically still in beta mode, it’s been proficient. The tool had already cranked through four trillion test cases and uncovered 150 bugs in open source projects when it was announced.

Suggested articles