Don’t Roll Your Own Crypto
Understand the critical risks of developing your own cryptography and the benefits of relying on proven cryptographic libraries. Explore common attack models and why sound cryptographic practices help build more secure systems.
We'll cover the following...
Bugs in the crypto can have a huge impact
Writing cryptography software isn’t like writing regular software. When writing regular software, little bugs tend to have little impacts. If you have an off-by-one bug, you could expect a small bug, for example, omitting one result on a search page. If you forget to check for null references, maybe a program crashes. But with cryptography, a small mistake may leave you with a system that encrypts and decrypts correctly for well-intentioned inputs but fails entirely when faced with malicious input.
The developer needs to either rediscover the entire field from scratch or subject the code to the scrutiny of others ...