The Cult of Schneier

By John Viega
January 12, 2009 | Comments: 7

There's no doubt who the world's best-known IT security expert is: Bruce Schneier. Sure, he may not be a household name on the lips of every man, woman and child, but he is certainly far better known than anyone else in the field.

Bruce definitely deserves the recognition. He has been, by far, the most prolific security pundit out there since he started his Crypto-Gram mailing list in 1998, which he has since supplemented with a very popular blog. He has written some great books on the security industry that are accessible to a mass market (meaning normal people can easily read them), such as Secrets and Lies. He comments on most things that happen in the IT security field, and he's usually spot on; over the years, there have only been a few issues where I've personally disagreed with his stance.

Bruce has had rock-star status among geeks ever since he wrote Applied Cryptography, which is still one of the best-selling IT books out there and is undoubtedly the best-selling IT security book of all time. Even though the second edition came out in 1996 and the book hasn't been updated since, it is still in print and still a strong seller.

Personally, I'm quite grateful to Bruce. I believe the foreword he wrote for my first book in early 2001 (Building Secure Software, co-authored with Gary McGraw) helped bring a lot of attention to us, to the book and maybe even to the fledgling software security space (which, at the time, really consisted of little more than the Bugtraq mailing list).

Because Bruce is the most quoted expert in the space and has been right so often, and because lots of geeks thought Applied Cryptography was so cool (many call it "the crypto bible"), geeks usually treat him with reverence. If Bruce issues an opinion, you'd think Moses had brought another commandment down from Mt. Sinai.

Though I'd like to see more people thinking for themselves, I suppose there's not much wrong with joining the Cult of Schneier, putting the guy on a pedestal and assuming all of his opinions on security matters are valid. Like I said, he's earned his reputation as IT Security's top pundit.

However, like any good religion based on written texts, there are differences in interpreting the holy word.

But, after many years of evaluating the security of software systems, I'm incredibly down on using the book that made Bruce famous when designing the cryptographic aspects of a system. In fact, I can safely say I have never seen a secure system come out the other end when that book is the primary source for the crypto design. And I don't mean that people forget about the buffer overflows. I mean the crypto itself is crappy.

My rule for software development teams is simple: Don't use Applied Cryptography in your system design. It's fine and fun to read it, just don't build from it.

Orthodox members of the Cult of Schneier take this rule as heresy. By orthodox, I mean those holding the generally accepted, most popular belief. But in the introduction to Practical Cryptography (written with Niels Ferguson), Bruce himself says that the world is filled with broken systems built from his earlier book. In fact, he wrote Practical Cryptography in the hope of rectifying the problem.

So even though I'm in the minority of Schneierists, I think my position is well supported by scripture.

I'm sure there are many brainwashed orthodox cult members out there, that are wondering how this could be possible.

Giving Bruce's book to a developer is like giving an average adult a huge toolbox with a large variety of tools, along with an instruction manual for everything in the toolbox, and then having them build a house. They get lots of varieties of hammers, screwdrivers and so on. They get lots of different types of nails and screws. They get detailed information about how to use all the pieces. But there's no overall guidance on homebuilding. How do you make a roof that doesn't leak? How do you put in windows and doors, and do all the insulation? The toolbox and manual are probably enough that a person could build something that resembles a house, but it is almost certainly not going to be of high enough quality to keep out the rain and the elements in the way one would typically expect.

The book covers the fundamental building blocks of cryptography, but it offers no guidance on things like putting the pieces together to create a secure, authenticated connection between two parties.

Plus, in the nearly 13 years since the book was last revised, our understanding of cryptography has changed greatly. There are things in it that were thought to be true at the time and turned out to be very false. For instance, MD5 was considered very strong then, but it is now known to be insecure for many uses. And for message integrity, the book recommends using CBC mode and appending a non-cryptographic checksum over the plaintext as the last plaintext block; that construction is now known to be insecure, even if it was presumed secure at the time.

Because of that 13-year gap, there are also lots of things a developer should know about that couldn't be mentioned. For instance, there is nothing on the SSL/TLS protocol or on HTTPS. Any good book on how to build a practical secure system should cover how to use these correctly (hint: it's not as easy as it sounds).

For those interested in crypto gobbledygook, what set me off on this rant was seeing yet another system that encrypts without message authentication. The system's authors were proud that they were using CBC mode instead of ECB mode, because there would have been easy attacks against ECB. Except that there are easy attacks against CBC too when, as is almost always the case, you care about your message staying intact: without a MAC, anyone who can modify the ciphertext can make controlled changes to the decrypted plaintext without knowing the key. Applied Cryptography predates work on encryption modes that offer both confidentiality and message authentication by several years, and predates the NIST standards for the CCM and GCM modes (the latter of which I co-authored with David McGrew) by about a decade. And even if a developer does pick one of these superior modes, they're very easy to use wrong; reusing a nonce under the same key with GCM, for example, compromises both the confidentiality of the messages involved and the authentication key.
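An added example (my own, not code from the original post or from the system described in it) of exactly this failure: unauthenticated CBC lets an attacker who knows, or can guess, the layout of the first plaintext block rewrite it by flipping bits in the IV, since P1 = D(C1) XOR IV. The block cipher below is a stand-in, a four-round Feistel network with a SHA-256 round function, used only so the example runs on the standard library; the attack depends on nothing about the cipher, and AES-CBC is malleable in exactly the same way. The second half shows the fix, encrypt-then-MAC with HMAC-SHA256 over IV and ciphertext, rejecting the same forgery. Keys, message and function names are constructed for the demonstration.

```python
# Added example: CBC malleability without a MAC, and encrypt-then-MAC.
# Block cipher is a stand-in Feistel network (Luby-Rackoff style) so the
# example is self-contained; the attack is a property of the mode, not
# of the cipher.
import hashlib
import hmac
import os

BLOCK = 16          # block size in bytes
TAG_LEN = 32        # HMAC-SHA256 tag length


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]


def block_encrypt(key, blk):
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in range(4):
        l, r = r, xor(l, _round(key, i, r))
    return l + r


def block_decrypt(key, blk):
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, _round(key, i, l)), l
    return l + r


def pad(data):                          # PKCS#7
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        c = ct[i:i + BLOCK]
        out.append(xor(block_decrypt(key, c), prev))   # P_i = D(C_i) XOR C_{i-1}
        prev = c
    return b"".join(out)


def forge_iv(iv, known, wanted):
    """Attacker step, no key needed: flipping bit j of the IV flips bit j of
    plaintext block 1. Requires only a guess at block 1's contents."""
    return xor(iv, xor(known, wanted))


ENC_KEY = b"constructed-demo-key-0000000001"   # constructed, not real keys
MAC_KEY = b"constructed-demo-key-0000000002"
MESSAGE = b"amount=000100;to=alice"             # constructed sample message


def demo_unauthenticated():
    """The 'proud to be using CBC' design: encryption only."""
    iv = os.urandom(BLOCK)
    ct = cbc_encrypt(ENC_KEY, iv, pad(MESSAGE))
    bad_iv = forge_iv(iv, b"amount=000100;to", b"amount=999999;to")
    return unpad(cbc_decrypt(ENC_KEY, bad_iv, ct))   # b"amount=999999;to=alice"


def seal(enc_key, mac_key, pt):
    """Encrypt-then-MAC: the tag covers IV || ciphertext."""
    iv = os.urandom(BLOCK)
    ct = cbc_encrypt(enc_key, iv, pad(pt))
    tag = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return iv + ct + tag


def open_sealed(enc_key, mac_key, msg):
    iv, ct, tag = msg[:BLOCK], msg[BLOCK:-TAG_LEN], msg[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time compare
        raise ValueError("authentication failed")   # never decrypt or unpad
    return unpad(cbc_decrypt(enc_key, iv, ct))


def demo_authenticated():
    """True if the same IV-flipping forgery is rejected."""
    msg = seal(ENC_KEY, MAC_KEY, MESSAGE)
    bad_iv = forge_iv(msg[:BLOCK], b"amount=000100;to", b"amount=999999;to")
    try:
        open_sealed(ENC_KEY, MAC_KEY, bad_iv + msg[BLOCK:])
    except ValueError:
        return True
    return False
```

Two details matter in open_sealed: the tag is checked before anything is decrypted or unpadded, so a forgery never reaches the padding check (the padding-oracle route into CBC), and the comparison is constant-time. Note also that an unkeyed checksum stored inside the plaintext does not substitute for the MAC, because it is computed over data the attacker is already modifying; the integrity check has to be keyed and has to cover the ciphertext.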

I'd like to make a plea for Schneierists to not accept every word Bruce Schneier has written as utterly factual (even though he does totally rock). Maybe, once in a very long while, the guy can be expressing an opinion! Or maybe, he might even be wrong every decade or so. And, most importantly, if he's right today, it doesn't always make the same words right tomorrow.

If you want to complain or discuss, feel free to message me on twitter, @viega.

I think things like this have almost as much to do with inertia as religion. History inside and outside of tech is replete with "common knowledge", holy commandments, and cargo-cult practices that are anachronisms, special cases that escaped their intended context, or just plain wrong (I'm still guilty of 'sync sync sync reboot').

If there's a well-documented, respected source for such things, it doesn't create a wholly unique problem, it just magnifies it.

But I suppose there's always the minority that has to idolize certain things... (emacs sucks, vi rules!)

I don't think Schneier would recommend use of "Applied Cryptography" in that way either. He's repeatedly warned that cryptography is almost never the problem with systems, and that using cryptography that someone else has designed is much safer than designing it yourself.


1) In many respects, it's easier to get the crypto right than all the other security concerns (by using off-the-shelf components and using them correctly).
2) The crypto is still very often bad. Lots of people like to build it themselves, and then a lot of people don't use the components properly (like SSL).

Ross Anderson can give Bruce a run for his money. Just sayin'

Bruce Schneier agrees! And links back to this article :D See his blog post of Sept. 3

Wow, I haven't learned anything here. Congrats to you for dribbling out a pointless essay and Congrats to Bruce for linking to it.

Bruce Schneier? Really? Isn't that kind of like looking to Daikatana for video game design inspiration? I mean, respect to Bruce and all, but security software has come a long way, and more often than not, we see these old innovators just unable or unwilling to keep up...he seems to fall into the former, for better or worse.
