O'Reilly logo

Writing Secure Code by Michael Howard and David LeBlanc

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Cryptographic Foibles

Many times I’ve heard statements like, "We’re secure—we use cryptography.." The saying in cryptographic circles is, "If you think crypto can solve the problem, you probably don’t understand the problem." It’s unfortunate that so many developers think crypto, as it’s often abbreviated, is the panacea for all security issues. Well, I hate to say it, but it isn’t! Crypto can help secure data from specific threats, but it does not secure the application from coding errors. Crypto can provide data privacy and integrity, facilitate strong authentication, and much more, but it will not mitigate programming errors such as buffer overruns in your code.

In this chapter, I’ll focus on some of the common mistakes people make ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required