Explore common cryptographic mistakes made by developers through a comprehensive conference talk featuring Java illustrations. Delve into topics such as random number generation weaknesses, misuse of hash functions, inappropriate key management, and vulnerabilities in encryption methods. Learn about secure practices for message digests, frequency analysis, and chosen plaintext attacks. Gain insights into RSA encryption, TLS implementation, database encryption, and Java security providers. Discover practical tips to avoid common pitfalls and strengthen cryptographic implementations in your software development projects.
Overview
Syllabus
Intro
Common developer mistakes
Start your presentation
Dont wave
Good and bad news
Random number generators
Weaknesses in random number generation
SHA1 seed size
Pseudorandom
Message digests
Misusing hash
Lazy toad
Super brain room
Inappropriate weaknesses
Random keys
Inappropriate use of psychic notes
Logged Replay Attack
Skip town
Security cash
Frequency Analysis
Text Size
Not Be discernible
Trust me
Dont do this
Encryptthenmac
Citizen Sector
Encrypted Data
Chosen plaintext attacks
RSA encryption
PCI
TLS
Key Management
Database Encryption
Data Encryption
Security Providers
Scavenger Rider
Default
Insert
Watch
Java Security
Additional References
Crypto Attacks
