Summary Software developers often make mistakes when using cryptography in applications, which tends to result in code with dangerous and subtle weaknesses. Some of this can be addressed through training, but should we expect all developers to be cryptography experts? Many developers only know to avoid writing their own ciphers, and rely on one of the many incomplete or incorrect code examples that exist on the internet. To make things worse, most cryptographic libraries in use today are designed to be used by experts and often result in misunderstandings by the average application developer. In this talk we will look at some common cryptography usage errors and why popular libraries often fall short. We will also discuss nuances such as backwards compatibility, FIPS 140-2 validation, and weak standards such as JOSE/JWT that contribute to the overall confusion. Brice will share some advice that you can provide to the development/engineering teams in your organization to not only make their job easier, but also ensure more secure cryptographic implementations. Thank you for watching, subscribing and your support.
Directed : Unknown
Written : Unknown
Stars : Michael Goetzman J. Wolfgang Goerlich John Platais Lesley Carhart
Genres : Documentary
Release date : Aug 16, 2018
Countries of origin : United States
Official sites : CypherCon is a hacker conference emphasizing creativity and ingenuity.
Language : English
Filming locations : 400 W Wisconsin Ave, Milwaukee, Wisconsin, USA
Production companies : Video Workbench Productions
Summary Software developers often make mistakes when using cryptography in applications, which tends to result in code with dangerous and subtle weaknesses. Some of this can be addressed through training, but should we expect all developers to be cryptography experts? Many developers only know to avoid writing their own ciphers, and rely on one of the many incomplete or incorrect code examples that exist on the internet. To make things worse, most cryptographic libraries in use today are designed to be used by experts and often result in misunderstandings by the average application developer. In this talk we will look at some common cryptography usage errors and why popular libraries often fall short. We will also discuss nuances such as backwards compatibility, FIPS 140-2 validation, and weak standards such as JOSE/JWT that contribute to the overall confusion. Brice will share some advice that you can provide to the development/engineering teams in your organization to not only make their job easier, but also ensure more secure cryptographic implementations. Thank you for watching, subscribing and your support.
Genres : Documentary
Release date : Aug 16, 2018
Countries of origin : United States
Official sites : CypherCon is a hacker conference emphasizing creativity and ingenuity.
Language : English
Filming locations : 400 W Wisconsin Ave, Milwaukee, Wisconsin, USA
Production companies : Video Workbench Productions
