Cryptography Do's and Don't in 2021

Back to the list of Speakers and Sessions
Watch the stream
Do you feel unequipped to understand real world crypto attacks? Are you overwhelmed with the over-abundance of choices provided by any modern cryptography API, to make a secure decision while choosing a randomness provider, encryption scheme or digital signature APIs? Are you on top of all the latest happenings in cryptographic communities, to know which cryptographic primitives is deemed broken? Due to sheer lack of documentation of the chosen API, do you feel paralyzed on where and how to start designing or analyzing any cryptographic systems?

If any of these answers are "yes", come join me in this talk. I will be going over each cryptographic primitive like Random Number Generators, Encryption/Decryption algorithms, message authentication codes, digital signatures, password storage etc. We will be discussing common crypto insecure patterns observed in real world applications, best secure practices and what to be wary of. All this based on evaluating bunch of leading cryptographic implementations while not loosing sight of future-proofing applications. This should help security architects/developers while designing their crypto applications and security practitioners while auditing these system.