https://media.ccc.de/v/camp2023-57170-if_it_ain_t_broken_do_fix_it

Building Modern Cryptography

Security is hard. Modern programming languages help us with memory and type safety, but, even with bleeding edge frameworks and libraries, *getting your crypto right remains hard*.

We will take a look at recent cryptographic breaks in **Matrix**, **Threema**, **Bridgefy** and **Mega**, explore the modern cryptographic best practices and why they matter, see what makes **TLS 1.3** special, and discuss how to get to a more secure world together!

This talk is a primer in modern cryptographic best practices, supporting them by examples of recent breaks and vulnerability disclosures.
With cryptographic failures showing up every other day in security news, and placing #2 in the "OWASP top 10" web application security list, we want to show why apparently innocuous mistakes can make things go disastrously wrong.
We plan to dedicate a part of the talk to open discussion, gathering feedback from developers and maintainer of open source cryptography, with the long term plan of building an high-level cryptographic library that should make developing new cryptographic protocols easier and more secure.

Matteo Scarlata
Kien Tuong Truong

https://pretalx.c3voc.de/camp2023/talk/TNUDTX/

#camp2023 #Milliways