do… Web Application Development and Security

Archive for May, 2009

Selected for php|tek Unconference Session

Wednesday, May 27th, 2009

I delivered my updated talk – Crypto Your PHP – at the php|tek Unconference in Chicago on Thursday, May 21st. It was selected by a voting process from a field that included many well-known community leaders. In other words I was lucky to have the opportunity. Kudos to everyone who submitted talks and thanks to those who voted, attended and organized!


If you’d like a refresher on crypto capabilities and practices in PHP, or if you’d like some tips on the topic from a former security engineer, this talk is for you. We’ll discuss a few common scenarios such as data transit, data storage, and password authentication. We’ll explore the rich variety of crypto-enabled functions available to PHP. We’ll see why some crypto algorithms are better than others. And we’ll discuss the practices of good crypto implementation and the clues that indicate when it’s not a good idea to build it alone.