O'Reilly European Open Source Convention - October 17-20, 2005 - Amsterdam, The Netherlands
 Convention Coverage

Session

Everything You Know About crypto is Wrong
John Viega, CTO, Secure Software, Inc.

Track: Security
Date: Thursday, 20 October 2005
Time: 13:30 - 14:15
Location: Grand Ballroom

Lots of people read Applied Cryptography and then armed with their new-found knowledge, went on to build massively broken cryptosystems. Similarly, many people use SSL in their apps, but use it insecurely.

Yes, crypto is cool, but it's also easy to assemble a bunch of cool and worthy parts into a system with huge holes in it. At this talk, you'll learn how to avoid the most common crypto problems in your code. We'll look at the most common crypto problems in software systems today, and show how to avoid them using modern techniques.

We'll cover both newbie mistakes such as home-made encryption schemes and poor algorithm choices. However, we'll focus on errors that more forgivable, but potentially just as serious, such as poor PKI integration, key management, and timing attacks.



Diamond Sponsors

Computer Associates International Inc., (CA)
IBM

Gold Sponsors

Microsoft

Silver Sponsors

ActiveState
Alfresco
Intel Corporation
LINAGORA
MySQL
Oracle
Red Hat
Sleepycat Software
SpikeSource
Zimbra

Media Sponsors

boing boing
C/C++ Users Journal
Hakin9
OpenSourceMag
Ping Wales
Ping Wales
Security Horizon
Software Developers Journal
Software Network
WebDevMagazine
Wydawnictwo Software

Sponsors

EuroOSCON Sponsor Opportunities — Email us at

Download the EuroOSCON Sponsor/Exhibitor Prospectus

EuroOSCON Media Sponsor Opportunities — Call Margi Levin at 707-827-7184 or email at

Press and Media

For media-related inquiries, contact Suzanne Axtell at

Conference News

Want to receive conference news? Sign up for our email newsletter.
O'Reilly Home | Privacy Policy

© 2005, O'Reilly Media, Inc.