Dr. Matthew Green
Dr. Seth James Nielson
Johns Hopkins University Information Security Institute
Debra Baker, Principal Security Engineer at Cygnacom Solutions
David McGrew, Fellow at Cisco
Thanks to the graduate students who are making the knowldege base a reality with building the site and populating the pertinent cryptographic information.
- Prashanth Venkateswaran
- Venkata Aditya
The Crypto Done Right cryptographic knowldege base is a repository of practical cryptographic information. The intent is for it to be a resource for developers, administrators, and managers to quickly and easily take action on the information. Was that latest break in an algorithm one I should worry about, or is it a nation state level attack? What is the best practice for TLS and SSH? These are the type of questions we want to answer. The knowledge base is a resource for network administrators and developers to successfully configure and implement cryptography.
If you are interested in submitting content, please send us an email. All information submitted will be reviewed prior to be being posted on the web site.
To help improve the overall understanding of how cryptography is deployed, implemented, maintained and configured in different environments.
Security is only as strong as your weakest link. Security is complicated and of paramount importance for any organization and there are very little room for errors. Security needs to be a part of everyone's responsibility. Now more than ever, earning customer's satisfaction translates to un-complicated and foolproof security.
2. Cryptography Has its weaknesses too:
Like anything else in this world, cryptography is not perfect. There are multiple reasons why this is the case. But there are still various flavours of cryptographic algorithms that are proven to be secure against a wide range of attacks. Through this knowledge base, we aim to ensure that any professional who wants to implement cryptography is up-to-date and is aware of which flavors to avoid, which configuration to setup, how to move to stronger cryptography etc.
3. Change is the only constant:
Security is adaptive and is based on context. Different organizational values lead to different security measures. Cryptography in particluar is an ever-changing landscape. Security (including cryptography) can never be achieved by a one-time setup. Like a well oiled machines, it needs to be maintained and tweaked from time to time.
1. Demystifying Cryptography:
Cryptography is a complicated subject. What makes it complicated are the plethora of options (in terms of configuration and deploying) that exist to achieve security. Everday use of cryptography for the majority of professionals does not necissitate understanding the intricate details of the various flavors available. Through cryptodoneright, we aim to deliver content to our audience in the a clear and coherent fashion.
2. Organized, easy-to-navigate Content:
One way to further complicate cryprography is poor, unorganized documentation. cryptodoneright aims to set a standard template around which content will be published. After a few click around, you should find the website very easy to navigate through and search.
3. Community Driven:
The website will be using a centralized databased where anyone can come in and contribute content. The content will automatically render according to the standard templates to maintain the overall feel of the website consistent.
Ultimately, we are looking to move towards to create a comprehensive database that aims to educate the working population the complexities and intricacies of "Security" in a simple and easy manner.