09-09, 11:00–11:20 (Asia/Jerusalem), Main Hall (30)
Language: English
Securing application is often done using cryptography, but if you don't do it right, it may be broken and you wouldn't even know it. Learn the common cryptographic mistakes in Python and how to fix them using safe practices.
Implementing cryptography is like handling a loaded weapon — powerful, but dangerous in the wrong hands. In this talk, we’ll explore how to properly implement cryptography in Python, using real-world examples of code that led to serious security vulnerabilities. From insecure random number generation and broken key management to misusing cryptographic primitives and rolling your own protocols, we’ll walk through the most common (and often subtle) mistakes developers make. We’ll also cover the correct approaches using modern Python libraries. If you need to use cryptography in your code for secure communication, encrypting data at rest, or just curious to understand the meaning of the inputs to the cryptographic function, this session will equip you with the knowledge to do cryptography right — or at least know when to call in an expert.
Basic
Target audience –Developers, R&D, DevOps, Security Experts, Testers/QA, Integrators
Dr. Erez Waisbard - Principal Technology Researcher at CyberArk
Erez Waisbard received his Ph.D. degrees in computer science from Bar-Ilan University and his M.Sc. from The Weizmann Institute of Science.
He has over 25 years of industry experience in security and networks, designing and implementing systems at Lucent, Cisco, NDS and Nokia Bell Labs.
He is currently a Principal Technology Researcher at CyberArk and a faculty member at the Open University, Israel in the Dept. of Mathematics and Computer Science.
His research interests include cryptography, security, privacy, networked systems, and algorithms.