Lessons From Two Years of Crypto Audits

Conference:  BlackHat USA 2019



The presentation discusses the process of conducting crypto audits and the importance of having language knowledge and clear communication with the customer.
  • Crypto audits involve reviewing code to find any issues, not just purely crypto bugs
  • Language knowledge is important for conducting effective audits
  • Clear communication with the customer is necessary to understand their threat model and critical components
  • Counting lines of code can provide a rough estimate of time and cost
  • Finding bugs in code is not limited to those with formal education in crypto or security
The speaker mentions being impressed by developers who have no formal education in crypto but are still able to write complex cryptographic code. They also discuss finding bugs in code that are not purely crypto-related, such as a buffer corruption issue.


Over the last two years, we've completed many successful crypto audits. These audits consisted of mostly paid engagements but also unsolicited ones, as well with a mixture of blockchain projects as well as good old cryptography. We've worked for major blockchain organizations and have seen the most complex crypto protocols ever deployed at scale, which is really exciting but at the same time terrifying—what if there's a critical bug that could compromise the entire network? What if we as security auditors miss something? Questions like these loom over anyone performing an audit. There is no shortage of places things can go wrong, bugs in source code, protocol defects, incorrect implementations, and the list goes on.In this talk we'll first describe some of the most interesting security issues we've found (at least the ones we're authorized to talk about), then we'll focus on the risks associated with one of the most popular memory-safe languages, namely Rust. We'll describe a list of sanity checks and security best practices that we use internally when auditing Rust code, along with examples from real Rust audits. Finally, we'll draw some lessons from our experience, providing advice to fellow security auditors and developers, to get the most out of a security audit.