...
Evaluating Crypto Libraries Without Being a Crypto Expert
Evaluating a crypto library without being a crypto expert still requires some baseline knowledge. Let's explore what that knowledge is.
So now we’ve ruled out low-level crypto libraries. What should we use instead? High-level crypto libraries with secure defaults, written by experts.
But how do we know experts when we see them? Evaluating people based on skills we don’t have ourselves is a tough problem with no great solution. We encounter it in other parts of our life. How do we evaluate doctors, mechanics, lawyers, plumbers, and other specialists with skills we don’t have? We tend to use a few techniques. We can look for professionals with certifications. Sometimes we can look for professionals who have written helpful books, articles, or blog posts. We ask our friends or look to the wisdom of crowds and check ratings online.
When we apply any of these, we find folks like Bernstein and Lange (authors of NaCl) and Bleichenbacher and Duong (authors of Tink) pass with flying colors. But since we’re in cryptography, we have one more technique we can bring to bear. When we evaluate a library, we can look at the track record of its authors. What have they broken? What have they built and how has ...