My name is Philipp C. Heckel and I write about nerdy things.

Snippet 0x0A: Cryptography DOs and DON’Ts


  • Mar 23 / 2015
  • Comments Off on Snippet 0x0A: Cryptography DOs and DON’Ts
Uncategorized

Snippet 0x0A: Cryptography DOs and DON’Ts


This tiny post is meant as a loose collection of DOs and DON’Ts I’ve come across when I implemented the cryptography concept for Syncany, my open source file sync software. I’m not a cryptography expert, so take my advice with caution — and correct me if you know more than I do.

Cryptography DOs and DON’Ts

  1. Most importantly: Don’t believe you know things better. You don’t. Don’t invent stuff. Ask people for help!
  2. Don’t use ECB mode
  3. Don’t re-use your IVs
  4. Don’t encrypt your IVs (IVs are meant to be public)
  5. Authenticate cipher configuration (algorithm, salts and IVs)
  6. Use authenticated/AEAD ciphers where possible (GCM, EAX)
  7. Don’t use unauthenticated data (e.g don’t use IVs before authenticating it)
  8. Never ever re-use a nonce
  9. Don’t use fixed IVs in CBC (never, ever!)
  10. Always choose your IVs at random
  11. Don’t invent your own encryption
  12. Don’t use any data before the verifying it
  13. Don’t use password based encryption unless you have to
  14. If you must use a password, use password-based key derivation functions such as PBKDF2
  15. PBKDF2 with SHA1 is okay, even though SHA1 is not
  16. Don’t store passwords in plaintext, store them as a salted hash
  17. If your passwords are short (e.g. PINs), don’t hash them; encrypt them instead
  18. Use a key derivation function to derive keys from keys (such as HKDF)
  19. Don’t use DES, or 3DES; use AES
  20. Don’t use MD5 or SHA1; use SHA2 (e.g. SHA256)
  21. Don’t abstract your crypto code: Keep it simple!
  22. Don’t blindly trust the defaults (Java uses ECB mode as default!)
  23. Specify the ciphers, key lengths and crypto providers in detail
  24. Do not use OpenJDK’s GCM before Java 8, see here
  25. Using /dev/urandom is as secure as /dev/random, because they are seeded by the same PRNG

A. About this post

I’m trying a new section for my blog. I call it Code Snippets. It’ll be very short, code-focused posts of things I recently discovered or find fascinating or helpful. I hope this helps.

Comments are closed.