Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Web Feed] The mantra “don’t roll your own crypto” is widely known and accepted amongst ...
0 views
Skip to first unread message
Feed Supplier
Apr 30, 2021, 5:36:07 PM4/30/21
to
..programmers, but what does it actually mean? It turns out
The mantra “don’t roll your own crypto” is widely known and accepted amongst programmers, but what does it actually mean? It turns out that such a simple statement is not so simple to follow.
What many people take away from “don’t roll your own crypto” is that they shouldn’t create their own _crypto algorithms_. This makes sense. After all, most people wouldn’t even know where to start. So, instead of making up an algorithm when they need to encrypt data, an engineer might take on OpenSSL or BouncyCastle as a dependency and pat themselves on the back for using a well-established scheme. What they might not realize is that the algorithms themselves are the first in a series of traps, each of which can have catastrophic effects on the outcomes of cryptography use.
Link 1
Actually, You Are Rolling Your Own Crypto - Galois, Inc.: https://galois.com/blog/2021/03/actually-you-are-rolling-your-own-crypto
The mantra “don’t roll your own crypto” is widely known and accepted amongst programmers, but what does it actually mean? It turns out that such a simple statement is not so simple to follow.
What many people take away from “don’t roll your own crypto” is that they shouldn’t create their own _crypto algorithms_. This makes sense. After all, most people wouldn’t even know where to start. So, instead of making up an algorithm when they need to encrypt data, an engineer might take on OpenSSL or BouncyCastle as a dependency and pat themselves on the back for using a well-established scheme. What they might not realize is that the algorithms themselves are the first in a series of traps, each of which can have catastrophic effects on the outcomes of cryptography use.
Link 1
Actually, You Are Rolling Your Own Crypto - Galois, Inc.: https://galois.com/blog/2021/03/actually-you-are-rolling-your-own-crypto
0 new messages