SecAppDev 2024 lecture details
Practical cryptography with Tink
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Monday June 3rd, 16:00 - 17:30
Room West Wing
Abstract
There are many textbooks and courses to learn the theoretical foundations of cryptography, and particular constructions, but fewer dive into the details of how to translate that into working production code.
In this session we will describe the challenges presented by traditional cryptography libraries, and the security vulnerabilities that can result from misuse. We will then examine modern hard-to-misuse libraries, focusing on Google’s Tink library. Particular attention is paid to key storage and management.
Key takeaway
Learn how to use Tink to implement cryptographic features and protocols in a robust manner.
Content level
Deep-dive
Target audience
Anyone working with practical cryptography
Prerequisites
A good working knowledge of cryptographic primitives and how they are used in theory.
Join us for SecAppDev. You will not regret it!
Grab your seat now
Neil Madden
Founder and CEO, Illuminated Security Ltd
Expertise: Application security and applied cryptography
Join us for SecAppDev. You will not regret it!
Grab your seat nowRelated lectures
Cryptographic algorithms update
Deep-dive lecture by Bart Preneel in room Lemaire
Monday June 3rd, 11:00 - 12:30
An update on the most important cryptographic algorithms and a status on the migration towards post-quantum security.
Key takeaway: Which cryptographic algorithms to use for which tasks.
A gentle intro to Ethereum and "smart contracts"
Introductory lecture by Tom Van Cutsem in room West Wing
Wednesday June 5th, 14:00 - 15:30
Ethereum is a programmable blockchain, a "world computer" powering decentralized applications. Find out how software for this "world computer" - smart contracts - are written using the Solidity language.
Key takeaway: Learn what programmable blockchains like Ethereum are all about, what kinds of applications they enable and what common pitfalls developers face.
An open source WAF in a high security setting
Introductory lecture by Christian Folini in room West Wing
Wednesday June 5th, 09:00 - 10:30
Introduction to WAFs, a highly commercial market with a dominant open source offering, crazy incentives of WAF vendors, the history of online voting in Switzerland, the 2019 disaster and ray of hope cast by the WAF.
Key takeaway: Basic understanding of web application firewalls, their use cases and their limits.