Classroom Contents
Tales from the Crypt - A Cryptography Primer
- 1 Intro
- 2 What To Expect Gain a working understanding of common terms used in cryptography. Understand the key drivers for choosing cryptography methodologies, algorithms and strengths. Know which PHP modu…
- 3 How Secret is Secret? Asymmetric Encryption is more secret than Symmetric Encryption. No shared secrets. How predictable is your secret? Who has access to your secrets? Secrets encrypted at rest? Tho…
- 4 Computational Cost Complexity of algorithm increases cost. Key length increases cost. Some algorithms specifically target memory and thread utilization to increase cost. Feedback loops increase cos…
- 5 Achieving Maximum Entropy Use Cryptographically Secure Pseudo-Random Number Generators (CSPRNG). Salts add global randomness to hashing. Feedback loops add local randomness to block ciphers. Init…
- 6 Symmetric Key Cryptography uses shared secrets Asymmetric Key Cryptography uses private/ public key pairs
- 7 Symmetric Key Cryptography Shared secrets. Lower computation costs than most asymmetric algorithms for same key size. Uses algorithms against blocks or streams of data. Most implementations will use b…
- 8 (HMAC) Hashing combined with key SHA-256 or better is preferred to ensure uniqueness
- 9 Asymmetric Key Cryptography RSA and DSA are available in PHP. Use RSA. Uses very large prime integers. Very computationally expensive. Uses key pairs to protect secret
- 10 length of the key size Signatures use hashing Crypto often mixed with symmetric key cryptography
- 11 Padding is how RSA creates additional entropy. Use Optimal Asymmetric Encryption Padding (OAEP). Do not use PKCS1-V1_5 as it is no longer considered cryptographically secure
- 12 Always use Key Derivation Functions like bcrypt and PBKDF2. If you are currently using MD5 or SHA for hashing, use a random salt with your hash now and a key derivation function soon.
- 13 argon2i is the new hotness scrypt is preferred bcrypt is acceptable
- 14 Disclaimers Although every app is different, commonalities exist across most applications. I am only recommending what I know and have vetted directly or indirectly via my work experience. If you thi…