It has been a wild ride this last year.
I’ve gone from someone who pays attention to cryptography and cyber-security to developing network cybersecurity architecture.
I’m always up for a challenge and this one has been a big one. So far things have gone well though.
It certainly has kept me busy as the lack of blog posts or significant GitHub commits will show.
I’m now far more deeply aware of the inner details of:
- TLS 1.2 and TLS 1.3
- TLS pre-shared key algorithms
- TLS 1.3 session resumption
- AES implementation choices.
- Cryptographic random number generation and primary entropy source selection (this last a work in progress)
- Elliptic curve cipher suites for TLS
- SSH/SFTP protocol details and security implications in there.
- Modern password hashing algorithms (BCrypt, SCrypt and PBKDF2)
- Lots and lots of trade-offs between security, performance, implementation time and cost.
- X.509 certificate details and ways of creating, managing and distributing certificates. PKI both big and small.
- Some fun with trusted platform modules.
A wild ride indeed and not over yet. If this all keeps coming together though it should lead to a very satisfying conclusion.
This has certainly added a lot of tools to my toolbox. I’m now much better equipped to deal with secure networking issues and implementation. One thing with network cyber-security work is that there’s always one more detail that needs to be addressed.
I am hoping to free up some time on the home front to get back to some of my home VR software projects this fall. Still dithering on whether to buy a ReSharper license. I’ll probably pick up ‘cluster’ again and try to move that to a more complete state. Might also play with some smaller VR toy programs… tempted to put together a very small gravitational system simulator in room scale. We’ll see how all that goes. I really need to get back in touch with Malcolm and Sam and see how they’re doing.