Everything You Know About crypto is Wrong
John Viega, CTO, Secure Software, Inc.
Date: Thursday, 20 October 2005
Time: 13:30 - 14:15
Location: Grand Ballroom
Lots of people read Applied Cryptography and then armed with their new-found knowledge, went on to build massively broken cryptosystems. Similarly, many people use SSL in their apps, but use it insecurely.
Yes, crypto is cool, but it's also easy to assemble a bunch of cool and worthy parts into a system with huge holes in it. At this talk, you'll learn how to avoid the most common crypto problems in your code. We'll look at the most common crypto problems in software systems today, and show how to avoid them using modern techniques.
We'll cover both newbie mistakes such as home-made encryption schemes and poor algorithm choices. However, we'll focus on errors that more forgivable, but potentially just as serious, such as poor PKI integration, key management, and timing attacks.
EuroOSCON Sponsor Opportunities — Email us at
Download the EuroOSCON Sponsor/Exhibitor Prospectus
EuroOSCON Media Sponsor Opportunities — Call Margi Levin at 707-827-7184 or email at
Press and Media
For media-related inquiries, contact Suzanne Axtell at
Want to receive conference news? Sign up for our email newsletter.