Skip to content

Latest commit

 

History

History
27 lines (20 loc) · 1.63 KB

README.md

File metadata and controls

27 lines (20 loc) · 1.63 KB

crypto-go

Code examples and slides for the talk: "Crypto Fails and How to Tackle Them in Go" at go get -u community conference in May 2020.

Try out the two code examples

$ go run main.go aes 
$ go run main.go random

You can find the template usage in the corresponding go-file in the cmd package, e.g., cmd/aes.go to see the example to encrypt and decrypt a message.

Further Resources

  • Check out the cryptopasta repo by George Tankersley

  • The Gopher slack has a crypto channel which provides further information

  • Gosec can check for some crypto misuses like a usage of MD5.

  • Egele, M., Brumley, D., Fratantonio, Y., & Kruegel, C. (2013, November). An empirical study of cryptographic misuse in android applications. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 73-84). Paper

  • Krüger, S., Späth, J., Ali, K., Bodden, E., & Mezini, M. (2019). Crysl: An extensible approach to validating the correct usage of cryptographic apis. IEEE Transactions on Software Engineering. Paper

  • Veracode report: "The State of Software Security Today". Wepage