[lbriner]

My experience is that a lot of people could learn what they need from a few pages of crib sheets. Symmetrical, hashing, asymmetrical, key lengths etc. As soon as you need to know more about the nuts and bolts of different systems, you are already straying into the territory of needing the really deep and mathematical treaties that some of these books represent.

How many Developers need to know much more than choosing between bcrypt/scrypt/argon2/pbkdf2/etc. for password hashing and the relative merits of each?

[xpe]

Crib sheets (i.e. listing various flavors of encryption algorithms) IMO work reasonably well when people have a decent conceptual mindset to start with.

I strive to assume very little when it comes to the knowledge of I meet. With cryptography, even less so. For example, given some developers you interact with, to what degree do they understand encryption versus digesting? I'm not even talking about the details; I'm talking about the big picture of when each is applicable.

So, even before something like a crib sheet of techniques, some people would benefit from something even simpler: an "IF-THEN" flowchart helping them recognize when they want, say, encryption versus digesting versus something else.