What You Don't Know About Cryptography
This session provides a gentle introduction to cryptography then covers the many subtle mistakes that even experienced developers make when writing cryptographic code.
Attendees will learn about proper implementation of the Java Cryptography Extension, Java Secure Sockets Extension, and jarsigner. Special attention is given to the challenges of key management and Public Key Infrastructure. No prior knowledge of cryptography is necessary.
About Dean H. Saxe
Dean H. Saxe is a Managing Consultant at Foundstone, A Division of McAfee, where he is responsible for conducting web application penetration testing, threat modeling, code reviews, secure software development lifecycle (S-SDLC) design and implementation, and project management. Prior to joining Foundstone, Dean spent more than 8 years developing web application in Java and ColdFusion in a variety of industries. While working in the banking sector, Dean's interest in application security was sparked and has grown steadily over the past five years. Dean also provides client education services as a lead instructor of these Foundstone courses: Building Secure Software, Writing Secure Code: Java/J2EE, and Writing Secure Code: ColdFusion. Dean holds the CISSP and Certified Ethical Hacker designations.
When not working, Dean enjoying hiking, cooking, homebrewing and traveling the world.
More About Dean H. »