Cryptography is a mathematical science and an engineering discipline, devoted to private communications in non-private settings. Cryptography comes from the Greek word kryptos, meaning anything that is hidden, obscured, veiled, secret, or mysterious. While the Merriam-Webster dictionary defines cryptography as the process of writing or reading secret messages or codes, in Information Security cryptography has more applications than simply “writing and reading secret messages.” When it comes to software, crypto is critically important, but also can be intimidating... and easily misapplied.
Modern software development is all about speed, and that means repurposing what others have built. These “things” might be cloud services, pre-compiled libraries from Github, or guidance in a stack overflow knowledge-base article. One common challenge with cryptographic code is that even if it seems to be working, it might still be insecure; therefore, it’s important for those defining and implementing crypto to understand the principles. It’s paramount to get crypto right from the start of each project. If you don’t, it can be like trying to change all the plumbing and pipes in your house after it’s fully built. Take the time to learn about hashes, algorithms, keys, and secrets management... it will be well worth the effort.
