About #cryptography

We create APIs all the time - and I don’t have only libraries and frameworks in mind. Every piece of code that’s intended to be called by another piece of code is an API, in some sense. It’s our job to define an interface, which will be used to achieve whatever is expected.

While discussing various API designs, we often focus on “how it’s gonna look” first. Does it allow fluent calls? Does it rely on annotations? Is the naming accurate? Don’t get me wrong - these are all valid questions. Yet, these “visuals” often distract us from the actual usability.

A combination of 3 digits - this is the level of protection offered by the vast majority of luggage cases on the market. 3 digits secret code, that should keep all your personal belongings safe at the aircraft, lobby and hotel room. Lots to expect for just 3 digits…

The cryptographic world changed a lot since 2008 when Google’s Keyczar library showed up. However, one thing is still the same - effective cryptography is really hard to implement. Keyczar library was a quite successful attempt to provide easy to use crypto solutions based on current security standards to Java, Python and C++. Now, after 9 years of its development, the future doesn’t look so bright.

Ain’t no sunshine when it’s old

In the late 2016 Keyczar’s maintainers announced that: