Don't Roll Your Own Crypto

Comments repeatedly emphasize the advice against implementing custom cryptography, highlighting risks, pitfalls, and the need for established, audited libraries by experts. Discussions include nuances like learning exceptions, production use warnings, and distinctions between algorithms and implementations.

📉 Falling 0.5x Security

4,208

Comments

Years Active

Top Authors

#906

Topic ID

Activity Over Time

2007

2008

2009

2010

2011

109

2012

177

2013

525

2014

330

2015

317

2016

323

2017

329

2018

223

2019

206

2020

325

2021

255

2022

295

2023

176

2024

185

2025

223

2026

Top Contributors

tptacek (412) loup-vaillant (46) cperciva (35) api (27) sarciszewski (24)

Keywords

IOTA e.g TL IMO SPHINCS OK CCSS CTR datavibe.net umshade.it crypto cryptography cryptographic roll algorithms implementing security implement algorithm rolling

Sample Comments

wildmusings • Aug 3, 2017 • View on HN

Sorry, but this is not good advice. Widely-used crypto implementations have had the benefit of years of analysis by dozens of high-expertise stakeholders who have a lot to lose should the crypto fail. Even that isn't always enough to catch all weaknesses and vulnerabilities.This cowboy-programming attitude being extended to security is no small part of why we are so vulnerable as a society to attacks on our computer systems that can compromise our core infrastructure[1], our secrets[2],

ChrisSD • Jul 8, 2019 • View on HN

Indeed. If you're not a cryptographer then you shouldn't be rolling your own crypto. That includes selecting low level libraries, etc. You want a whole crypto system that's made by experts. Preferably one that's open to auditing.

denton-scratch • Jul 6, 2021 • View on HN

Unless you're a cryptographer, don't even think about rolling your own crypto (I'm not one, I did, and I'm ashamed of myself).

JetSpiegel • Apr 9, 2014 • View on HN

"But crypto is hard! Don't roll your own", say everyone, ever.

mnw21cam • Apr 14, 2015 • View on HN

I think there's a more fundamental cryptographic principle. Don't implement cryptography, unless you are an absolute top expert. Even then, think twice, and get another absolute top cryptography expert to check your working. Use a pre-existing cryptography package that has been written properly instead.

Eliezer • Nov 21, 2018 • View on HN

Don't roll your own crypto. If that was much better encryption, everyone would be using it.

kaba0 • Oct 5, 2021 • View on HN

Do not roll your own crypto is meant for software engineers, not a team of professional cryptologists.

elsjaako • Aug 3, 2017 • View on HN

Isn't this the point of the usual advice, "don't write your own crypto"? There are a million gotchas, and most of these you've just gotta know.

elsjaako • Aug 3, 2017 • View on HN

Isn't this the point of the usual advice, "don't write your own crypto"? There are a million gotchas, and most of these you've just gotta know.

Kalium • Aug 3, 2017 • View on HN

You're right! That's perfectly normal and extremely common.People are skittish about this in the realm of cryptography because the costs of getting it wrong can be very high. Further, programmers have a culture where experimenting by writing something yourself is perfectly reasonable and extremely common.When these two meet in the context of crypto, I know just enough to get worried that someone's going to get overconfident from a primer and do something they believe to be v