FAQ

What is this "Cryptography Coding Standard"?

The Cryptography Coding Standard (CCS) is a set of coding rules to prevent the most common weaknesses in software cryptographic implementations. Many rules are agnostic of any programming language, but some are focused on lower-level languages (e.g. C).

CCS was first presented and discussed at the Internet crypto workshop on Jan 23, 2013 (our slides are available). The idea of CCS was inspired by the Penetration Testing Execution Standard.

If I follow these rules, will my implementation be secure?

It depends. Generally, the CCS rules are neither necessary nor sufficient; they are good practice recommendations, and are unlikely to make your program less secure. Your following of the rules should be guided by your threat model and the platforms on which your code is executed. However if you're not sure whether a particular rule is necessary, better err on the safe side.

What about attacks like DPA, EMA, fault attacks?

Side-channel attacks like differential power analysis (DPA), electromagnetic analysis (EMA), or fault attacks are powerful physical attacks on cryptographic implementations, mainly on embedded software such as smartcards. Mitigating these attacks often requires a combination of specific countermeasures at the algorithmic level, code level, and hardware level. These attacks are thus (mostly) out of the CCS scope.

Who is involved with this standard?

CCS is maintained by a group of experienced cryptographers and software engineers from academia and industry. Contributors so far include:

• Jean-Philippe Aumasson, Kudelski Security
• Tanja Lange, Eindhoven University of Technology
• Nick Mathewson, Tor Project
• Samuel Neves, University of Coimbra
• Diego F. Aranha, University of Brasília

The CCS logo was created by Nojhan.