Security and Cryptography Gems

I find cryptography and security fascinating. My current knowledge is limited to some math reading on cryptography years ago and some journal articles in IEEE, ACM, and USENIX publications. As a side project for the next year, I want to build my understanding of practical security out in the real world, especially mobile security.

Returning from AdaCamp Portland and OSBridge, I was inspired to dig into some resources. Here are a few that I believe to be accessible for experienced developers looking to learn more about security:

  • Dr. Terri Oda’s PhD thesis, “Simple Security Policy for the Web“, has highly readable background on web security and attacks. The paper shines when it discusses developing simple security policies that can be easily implemented and therefore used in practice.
  • Laurens Van Houten’s “Crypto 101” talk from PyCon 2013 covers a lot of ground in 45 minutes. I highly recommend watching the entire video (perhaps even several times). The Crypto 101 website would be a logical next stop to dive a little deeper into the many concepts that are covered in the video.
  • Alex Gaynor mentioned a project where he is a contributor that is doing good work in cryptography for the Python community. Check out the docs for cryptography.

I enjoyed AdaCamp Portland and OSBridge, and I’m grateful to be have learned about these resources while attending both events.