Encryption, authentication and data integrity in PHP

Comments

Comments are closed.

Van Belle Jonathan (Grummfy) at 19:11 on 29 Jan 2016

very high level. but very intresting

Tijs Verkoyen at 21:54 on 29 Jan 2016

I bit high level, but definitely a good talk. I think it is an eye-opener, as you tell that encryption alone is not enough.
If I must have a point of critic, I would say: explain it bit more on why encryption alone is not enough.

Sandra at 23:17 on 29 Jan 2016

Clear, interesting slides, good use of bullet points, thanks for summary/intro, well defined sections/parts, bit longwinded in places but friendly tone, interesting subject, thank you for planning to publish the slides, rounded information (pros/cons/tips), good to understand (some familiarity with terms needed - AES, CBC), up to date content and background info, usable tips and practical advice, maybe include visual representation of aes encrypt/decrypt code (different elements used and their source - like for hybrid crypto), using slides to explain and answer questions effectively (without disrupting the flow of the presentation), maybe keep answers more concise/include the room more, clear code samples, well done on being critical of your own library, good timing and thanks for the references/resources

Robert Broen at 00:04 on 30 Jan 2016

Dude knows his stuff and builds the bridge between academic science and practical php, way to go Enrico!

Peter Nijssen at 22:51 on 30 Jan 2016

High level talk, but if you tried some things with mcrypt and public/private keys in the past it was nice to follow. Nice to see some parts from the PHP perspective.

Great talk, which may have gone even more high level if you ask me.

A very good talk, but it felt a bit like a bummer when you told us, "do not try this your self, use a library like zend-crypt." I would have started with that and explained more about the way the encryption works. To many developers do not have any clue how public and private certificates work for example. But that might be to advanced for a 45 min talk?

Sjoerd Linders at 10:12 on 1 Feb 2016

If security is what you need? Then this is the best session, to get a good inside about what security is and how you should use it to store and transfer your data secure!

Jimmy Comack at 10:23 on 1 Feb 2016

I felt that the level was pretty steep right out the gates, BUT the information presented was highly interesting and I can see how Enrico's approach to these encryption and authentication challenges could help out.

Thank you for this information!

Definitely got me interested to make a small experimental project to toy around with this information, despite the end conclusion being in the direction of "Just use zend-crypt. Don't bother doing this yourself".

Omar Reiss at 12:37 on 1 Feb 2016

Great talk. Very clearly structured, very clearly delivered. I learned a lot.

Just one point of feedback: You could do with a little less disclaimers (regarding being the last talk of the day and stuff) Everyone in that room is there voluntarily. Your talk is more than enough reward.

Jeroen Boersma at 12:38 on 1 Feb 2016

Definitely a great talk, the only problem was, my brain already took so much information to the day that is was hard to absorb this too. I think it will land in a few days if my brain processed a lot of other information :)

Nice insights though about choices one can make for speed and security.
Love to read the slides later on to easily catch and read up in my own time.

Sjoerd Linders at 15:47 on 1 Feb 2016

Very good talk if you want to know about security.

Speaker clearly knows his what he is talking about. I thought the level of detail was just right.