[failbuffer]

Looks good, but I wish there was a practicioner-oriented resource for how to use cryptographic libraries that didn't start by focusing on the math. I don't need to know the intricacies of RSA, I need to know how to securely compose it with other primitives to engineer a system with the desired properties.

[Vegenoid]

I wanted to have a better understanding of crypto, simply to feel more confident in writing programs that use existing protocols, and started 'Real-World Cryptography' by David Wong. I'm about 3/4 through, and I've been happy with it. It is light on math, but does go into it a little bit - it seems designed for the kind of person who isn't comfortable using something until they understand how it works under-the-hood, but doesn't actually need to do any under-the-hood work.

It has taught me enough that I think I could compose a protocol out of primitives that on the surface appears to do what I've intended it to do. It has also taught me that there are many subtleties that can completely break a protocol, combining primitives can lead to unexpected weaknesses, and many people who understand crypto far better than I ever will have created broken protocols out of secure primitives.

I'm not sure it's the book you're looking for, but I think it's a good book if you want to understand crypto, but not design your own.

[tptacek]

I want to put a word in here for being cautious about the capabilities you can achieve in novel systems --- software developers are often working with multiple whole sieverts of novelty without realizing it --- without having a lot of the boring theory stuff nailed down.

If you're using (say) libsodium to do exactly the kind of thing 100 other developers have successfully used libsodium to do in the past, you're fine. But it takes a deceptively small and subtle set of steps to end up synthesizing a new cryptosystem (see: attempts to build secure messaging systems out of libsodium primitives) without realizing that's what you're doing.

Learn a bunch of the theory! It's important.

[schoen]

> sieverts of novelty

Yikes!

Is this clever metaphor original with you?

[tptacek]

I'm a little proud of it.

[splix]

Google "Cryptographic Right Answers". There are a couple of different posts, but they agree on the most of the things you would look for.

Ex.: https://gist.github.com/tqbf/be58d2d39690c3b366ad or https://www.latacora.com/blog/2018/04/03/cryptographic-right...

[miketery]

This is great, finding NaCl (libsodium) has been a godsend, specifically the JS lib.

1 - https://nacl.cr.yp.to/

2 - https://github.com/dchest/tweetnacl-js

[foma-roje]

Perhaps what you need is something like „Cryptography Engineering: Design Principles and Practical Applications“

Book by Bruce Schneier, Niels Ferguson, and Tadayoshi Kohno.

[tptacek]

Pretty outdated. For awhile, it was the best book available, but in 2024 it's probably harmful.

Today, I'd read Serious Cryptography or Real World Cryptography.

[Ar-Curunir]

"Secure composition" is definitely covered in the course. It doesn't talk only about the details of RSA (though there are some lectures about that), but also about what security properties different primitives satisfy, how to compose them safely, etc.

A large part of modern cryptography is figuring out secure composition.