How to Think about Cryptography: Common Crypto Flaws and How to Avoid Them - IEEE SecDev 2016
Cryptography offers strong guarantees, even promising things like provable security. Yet in practice, time and again, systems are deployed with crypto flaws of various types. How can we explain this disconnect?
In this recording from the 2016 IEEE Cybersecurity Development Conference (SecDev), Jonathan Katz discusses what provable security means and how it can be usefully interpreted by developers, covers some common crypto errors, and offers suggestions for how to improve current practice.
Cryptography offers strong guarantees, even promising things like provable security. Yet in practice, time and again, systems are deployed with crypto flaws of various types. How can we explain this disconnect?
In this recording from the 2016 IEEE Cybersecurity Development Conference (SecDev), Jonathan Katz discusses what provable security means and how it can be usefully interpreted by developers, covers some common crypto errors, and offers suggestions for how to improve current practice.