Cryptography Best Practices - Bart Preneel

Application architects need to make informed choices to use cryptography well: + Alternative key architectures have their merits and drawbacks. PKIs, in particular, should be contrasted with symmetric key architectures such as Kerberos. + Network protocol characteristics are pivotal in ensuring distributed applications meet security requirements. Key strength choices impact on security guarantees offered, as do cryptographic algorithm modes. + While strong keys and wise use of cryptographic algorithms may thwart cryptanalytic attack, applications are insecure without prudent key management. In this context, key generation and key storage require particular attention. + The selection of crypto-libraries requires awareness of inherent library qualities and failures. Application developers are advised not to implement their own. Learning objectives + decide if and when cryptography should be used. + make informed key architecture and management decisions. + use appropriate algorithms and parameters. + select an appropriate cryptographic library. + choose network protocols for distributed applications. This lecture was delivered by Bart Preneel at SecAppDev 2013 in Leuven, Belgium. Professor Bart Preneel of KU Leuven heads the COSIC (COmputer Security and Industrial Cryptography) research group. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications. He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world. He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2. Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).