Cryptography Best Practices by Bart Preneel π: Essential Insights for Application Architects
Discover key strategies and considerations for effective cryptography implementation, including the pros and cons of various key architectures and PKI systems, to enhance your application's security.
secappdev.org
3.3K views β’ Jul 27, 2013
About this video
Application architects need to make informed choices to use cryptography well:
+ Alternative key architectures have their merits and drawbacks. PKIs, in particular, should be contrasted with symmetric key architectures such as Kerberos.
+ Network protocol characteristics are pivotal in ensuring distributed applications meet security requirements. Key strength choices impact on security guarantees offered, as do cryptographic algorithm modes.
+ While strong keys and wise use of cryptographic algorithms may thwart cryptanalytic attack, applications are insecure without prudent key management. In this context, key generation and key storage require particular attention.
+ The selection of crypto-libraries requires awareness of inherent library qualities and failures. Application developers are advised not to implement their own.
Learning objectives
+ decide if and when cryptography should be used.
+ make informed key architecture and management decisions.
+ use appropriate algorithms and parameters.
+ select an appropriate cryptographic library.
+ choose network protocols for distributed applications.
This lecture was delivered by Bart Preneel at SecAppDev 2013 in Leuven, Belgium.
Professor Bart Preneel of KU Leuven heads the COSIC (COmputer Security and Industrial Cryptography) research group. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications.
He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world.
He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2.
Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).
+ Alternative key architectures have their merits and drawbacks. PKIs, in particular, should be contrasted with symmetric key architectures such as Kerberos.
+ Network protocol characteristics are pivotal in ensuring distributed applications meet security requirements. Key strength choices impact on security guarantees offered, as do cryptographic algorithm modes.
+ While strong keys and wise use of cryptographic algorithms may thwart cryptanalytic attack, applications are insecure without prudent key management. In this context, key generation and key storage require particular attention.
+ The selection of crypto-libraries requires awareness of inherent library qualities and failures. Application developers are advised not to implement their own.
Learning objectives
+ decide if and when cryptography should be used.
+ make informed key architecture and management decisions.
+ use appropriate algorithms and parameters.
+ select an appropriate cryptographic library.
+ choose network protocols for distributed applications.
This lecture was delivered by Bart Preneel at SecAppDev 2013 in Leuven, Belgium.
Professor Bart Preneel of KU Leuven heads the COSIC (COmputer Security and Industrial Cryptography) research group. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications.
He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world.
He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2.
Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
3.3K
Likes
14
Duration
01:41:25
Published
Jul 27, 2013
User Reviews
4.0
(3) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.