We’ve done a pretty good job in the software world of propagating an idea: “don’t roll your own crypto.” This phrase has two meanings. The first meaning is that you should not be inventing your own cryptography. Don’t invent encryption algorithms, hashing algorithms, proof of work algorithms, signature algorithms, or really any sort of algorithm that is used to achieve security. And the second is that you should not even implement algorithms which are already known to be secure. Don’t write any code related to cryptography; use a library that was written by an expert and reviewed by several other experts.
Why? Cryptography itself is not too bad. I’ve seen middle schoolers with a strong grasp of RSA, and the code to implement it is just some math, nothing a high school programmer couldn’t figure out in a weekend. So if it’s really not that hard to understand cryptography and create working demonstrations of the cryptography in action, why does the industry stress so aggressively that you absolutely should not do it yourself?
It comes down to the fact that attackers are very clever. The gamut of potential attacks against cryptography is very wide. Some attacks are weird, some feel like the attacker is cheating, and many attacks demonstrate a high degree of creativity and intelligence. The only way to write secure cryptography is to know every single type of attack and to be able to defend against every single attack simultaneously, without making a single mistake. That is what makes cryptography hard, and it’s something that experts regularly struggle with even when working as a team.
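To make the two paragraphs above concrete, here is an added example (not code from the original post): textbook RSA in a handful of lines that encrypts and decrypts correctly, followed by two checks showing properties such a “working” implementation still has, and which real libraries remove with randomized padding (OAEP). The primes and messages are the tiny constructed values of the classic textbook example, not real key sizes.

```python
from math import gcd


def keygen(p: int, q: int, e: int = 17):
    """Textbook RSA key generation from two primes: no padding, no parameter checks
    beyond e being coprime to phi(n). Returns ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)


def decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def is_deterministic(pub, m: int) -> bool:
    # Textbook RSA uses no randomness, so equal messages give equal ciphertexts:
    # an observer can spot repeated plaintexts without ever touching the key.
    return encrypt(pub, m) == encrypt(pub, m)


def is_malleable(pub, priv, m1: int, m2: int) -> bool:
    # The product of two ciphertexts decrypts to the product of the plaintexts,
    # so ciphertexts can be altered meaningfully without the key. Padding schemes
    # such as OAEP exist precisely to destroy this algebraic structure.
    n, _ = pub
    c = (encrypt(pub, m1) * encrypt(pub, m2)) % n
    return decrypt(priv, c) == (m1 * m2) % n


def demo() -> dict:
    # Constructed toy values: p=61, q=53 give n=3233, a 12-bit modulus for illustration only.
    pub, priv = keygen(61, 53)
    m = 65
    c = encrypt(pub, m)
    return {
        "round_trip_ok": decrypt(priv, c) == m,
        "deterministic": is_deterministic(pub, m),
        "malleable": is_malleable(pub, priv, 3, 5),
    }
```

Everything in `demo()` comes back `True`: the round trip works, and both weaknesses are present in code that “just does the math” correctly.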
If a team of experts regularly has trouble writing secure cryptography, what chance does a non-expert have of writing secure cryptography? None. If you are not an expert, it is unlikely that you will write secure cryptography. People are instructed to leave it to the experts for a very good reason: defending again...