I have the feeling that's because crypto primitives and APIs are so ubiquitous that there seems to be the assumption everyone know them.
-
-
Replying to @Argorak
that's part of the issue: if you're familiar enough with the algo to use it safely, you kinda understand the API at a glance
1 reply 0 retweets 0 likes -
two issues: people use them without knowing crypto, and the APIs are often shitty enough that even cryptographers make mistakes
1 reply 0 retweets 0 likes -
Replying to @gcouprie
Oh, sure. But how come there's rarely efforts to change that?
1 reply 0 retweets 0 likes -
I think at the core is a feeling of "if you don't know my X, you shouldn't do it" :/
1 reply 0 retweets 0 likes -
Replying to @Argorak
cryptographers write crypto libraries, they don’t use it :p
1 reply 0 retweets 0 likes -
the issue is that there are so many details to handle that you have to know what you’re doing. See for example nonce usage
1 reply 0 retweets 0 likes -
so there are libs that provide basic tools safely, like libsodium. But when you must implement some ugly IoT protocol, out of luck
1 reply 0 retweets 0 likes -
That’s the gap https://github.com/jedisct1/libhydrogen … tries to fill.
1 reply 0 retweets 0 likes -
great!
1 reply 0 retweets 0 likes
Even when you have to implement a new protocol, it can help a lot: https://github.com/jedisct1/libhydrogen/wiki/Key-exchange …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.