How to Implement Crypto Poorly

Explore the common pitfalls and mistakes in implementing cryptography through this conference talk from GrrCon 2016. Delve into the world of custom single sign-on systems and their vulnerabilities, examining real-world examples of poor cryptographic implementations. Learn about length extension attacks, preimage attacks, and the importance of HMAC. Discover the prevalence of obsolete crypto primitives, short keys, and static initialization vectors in custom SSO solutions. Analyze the implications of these errors for application security and understand why rolling your own crypto is generally discouraged. Gain insights into proper cryptographic implementation techniques, explore resources for learning cryptography, and understand why cryptography poses unique challenges for developers.

Intro
Who am I?
Don't roll your own crypto!
What's single sign-on?
What's custom single sign-on?
I found this emergency fix
The Freshdesk Flaw
The Custom Single Sign-on Survey
Basic Stats
No HMAC: Length Extension Attacks
No HMAC: Preimage Attacks
HMAC: Explained
What percent actually used an HMAC?
Uses Obsolete Crypto Primitives
What percent used a best practice cipher? Best Practice Cipher
Short Keys
Java getBytes
Let's do the math
What percent made that silly error?
Replay Attacks
What percent kept their hash the same each time?
Static Initialization Vector
What percent used a static IV?
One implementation wrote their own cipher!
What went wrong?
Implications for the application
Should you roll your own crypto?
Overall Results
Vendor Response
Custom SSO: The Right Way
Dumb ideas for your crypto
Why did these companies make these mistakes?
Cryptography is different
Cryptography is awesome!
Resources for learning cryptography