Presentation: Tweet"How I Learned to Stop Worrying and Trust Crypto Again"
Making secure use of cryptographic APIs has become a core competence in software development. But how secure are the standard APIs, in particular in the light of recent revelations regarding activities of some national security agencies in weakening cryptographic standards?
In this talk we will first look at some of the cryptographic standards whose security is the subject of speculation and try to separate rumour from fact. Then we'll examine some of most widely encountered crypto APIs, evaluating them on two important axes: facilities for flexible, secure key management and provision of modern cryptographic primitives. We'll look at strategies for using cryptographic APIs securely and testing the security of third party cryptographic equipment.
Download slides