Cryptography and D

Nick Sabalausky via Digitalmars-d digitalmars-d at puremagic.com
Sun Jun 29 10:45:40 PDT 2014


On 6/29/2014 12:53 PM, Chris Cain wrote:
> On Sunday, 29 June 2014 at 09:24:39 UTC, Tobias Pankrath wrote:
>> The best way to become one of these damned few people is getting
>> started though.
>
> If "getting started" means go to college and get a doctorate for Crypto,
> I agree.
>
> If "getting started" means write some crypto libraries until you get it
> right, I'm running away from this topic in horror.

The crypto algorithms are very well defined and documented. You don't 
need to understand the theory behind them in order to implement them. 
You just need to be able to:

- Read/follow the spec accurately
- NOT invent your own variants/algorithms
- Be pedantic about avoiding the normal sets of potential software 
exploits (as you would with any software that handles sensitive data).
- Write/use sufficiently pedantic tests
- Be up-to-date on what's algos are considered outdated and questionably 
secure.

This is a standard "scientist vs engineer" issue. The crypto experts are 
the scientists who figured it all out. We're the engineers who take 
their information and use it.

Obviously being well-versed in crypto theory *in addition* to everything 
above is even better still, but it isn't essential. The five critica 
above are essential.



More information about the Digitalmars-d mailing list