The real problem is the lack of a REAL crypto API which does not suck as an interface for security and with which, <b>using default parameters</b>, you get good security. That is the problem. All the ones I know are too low level.
That is an engineering problem: there are the pieces but there is no real engine.
But this is my biased and humble opinion after using OpenSSL.
I am not advocating a 'just works one way' API. I am asking for a real engineering effort to create a 'dumb people can use this safely as long as they follow the simple instructions'.
If you (developer) need to know why encrypt+mac != mac+encrypt, then the security engineers have not done their job. If you need to know the difference between ECB and CBC, the security engineers have not done their job. If you need to know about the IV in AES, then ... (just repeat).
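To make the "good security with default parameters" idea concrete, here is an added example (not code from the commenter, and not any library's own API) of the kind of two-function interface being asked for. It uses Go's standard library AES-256-GCM, an AEAD mode, so the caller never chooses between ECB and CBC, never builds an encrypt-then-MAC construction by hand, and never supplies an IV: a fresh random nonce is generated and prepended on every call, and decryption rejects any modified message. The key is a constructed placeholder; a real deployment would generate or derive it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// demoKey is a constructed 32-byte key (AES-256) for this example only.
// In practice generate it with crypto/rand or derive it with a KDF.
var demoKey = []byte("0123456789abcdef0123456789abcdef")

// newAEAD wraps AES-GCM so that both Encrypt and Decrypt share one
// fixed, authenticated mode; the caller never picks a mode or an IV.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // rejects keys that are not 16/24/32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt returns nonce || ciphertext || tag. A fresh random nonce is
// drawn for every message, so encrypting the same plaintext twice
// yields different outputs and the caller cannot reuse a nonce by mistake.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext+tag to the nonce slice, giving nonce||ct||tag.
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt. Any change to the nonce, ciphertext or tag
// makes Open fail, so tampering is detected before plaintext is returned.
func Decrypt(key, msg []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(msg) < ns+aead.Overhead() {
		return nil, errors.New("message too short to contain nonce and tag")
	}
	nonce, ct := msg[:ns], msg[ns:]
	return aead.Open(nil, nonce, ct, nil)
}

func main() {
	ct, err := Encrypt(demoKey, []byte("attack at dawn"))
	if err != nil {
		panic(err)
	}
	pt, err := Decrypt(demoKey, ct)
	fmt.Printf("round trip: %q err=%v\n", pt, err)

	// Flip one bit of the ciphertext: the whole message is rejected.
	ct[len(ct)-1] ^= 0x01
	_, err = Decrypt(demoKey, ct)
	fmt.Println("tampered message rejected:", err != nil)
}
```

The point of the shape is that the only decisions left to the caller are "which key" and "which bytes"; mode, IV handling and authentication are fixed inside, which is what "safe as long as you follow the simple instructions" looks like in code.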