Exploring algorithms like AES and ChaCha20, and how they are used to protect data at rest and in transit.

Hash Functions and Message Authentication Codes (MACs)

| Mistake | Why it's bad | Right way |
|---------|--------------|------------|
| Using ECB mode | Leaks patterns | GCM, ChaCha20-Poly1305 |
| Custom password hashing (e.g., md5+salt) | Too fast, no salt iteration | Argon2 or scrypt |
| Not authenticating ciphertext | Padding oracles, bit flipping | AEAD (GCM / ChaCha20-Poly1305) |
| Reusing nonce with same key | Total loss of confidentiality | Deterministic nonce (counter) or random 96-bit |
| `==` on MACs / signatures | Timing attack | `hmac.compare_digest` |
| RSA without padding (textbook RSA) | Deterministic + malleable | OAEP or use hybrid encryption |

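
The password-hashing and MAC-comparison rows of the table, as an added example (not code from the book or from this page). It uses only Python's standard library (`hashlib.scrypt`, `hmac.compare_digest`); the cost parameters, the `n$r$p$salt$hash` record format and the function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Assumed scrypt cost parameters for illustration (not taken from the page).
N, R, P = 2**14, 8, 1
MAXMEM = 64 * 1024 * 1024  # headroom above the ~16 MiB these parameters need


def hash_password(password: str) -> str:
    """Return 'n$r$p$salt_hex$hash_hex' using a fresh random 16-byte salt."""
    salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P,
                            maxmem=MAXMEM, dklen=32)
    return f"{N}${R}${P}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored parameters; compare in constant time."""
    try:
        n, r, p, salt_hex, hash_hex = stored.split("$")
        expected = bytes.fromhex(hash_hex)
        candidate = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                                   n=int(n), r=int(r), p=int(p),
                                   maxmem=MAXMEM, dklen=len(expected))
    except ValueError:  # malformed record or invalid parameters
        return False
    return hmac.compare_digest(candidate, expected)


def mac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time check; `==` would return early at the first differing byte."""
    return hmac.compare_digest(mac_tag(key, message), tag)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample
    print(verify_password("correct horse battery staple", record))
    key = secrets.token_bytes(32)
    tag = mac_tag(key, b"amount=10")
    print(verify_tag(key, b"amount=10", tag), verify_tag(key, b"amount=99", tag))
```

Storing the parameters next to the salt lets the cost be raised later without invalidating existing records.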
Real-world applications including user authentication, end-to-end encryption, and identifying common cryptographic failures.
Hardware security, Post-Quantum crypto, and why systems fail. Real-World Cryptography - David Wong - Manning Publications
Concepts are explained through clever graphics and real-world use cases rather than dense equations.
Designed for developers, sysadmins, and security practitioners to help them make better security decisions in their systems.

Modern Topics: Covers contemporary and emerging tech, including:

- Cryptocurrencies and Blockchain
- Post-quantum Cryptography to prepare for future quantum threats.
- Secure Protocols like HTTPS/TLS and secure messaging.
- Advanced Concepts such as zero-knowledge proofs and hardware cryptography.

The book is divided into two primary parts: The Ingredients (Primitives)