Why?

[nelsonic]

https://twitter.com/mikeal/status/796237112177659904

[rkrp]

I am a Masters student in Cybersecurity and a regular CTF participant. Can you please elaborate more on this? Perhaps, I could of some help 😄

[nelsonic]

@rkrp firstly welcome to @dwyl! ... https://github.com/dwyl (your invitation is waiting!) 🤗
I've invited you to be a collaborator on this repository. 📝
The objective here is to produce a README.md and related practical exercises similar to what we have for: https://github.com/dwyl/learn-json-web-tokens 💡
It's not meant/going to be comprehensive, rather it's an introduction in "plain english" and then we will point people to https://www.schneier.com/books/applied_cryptography/ if they want to learn more. 📚

If you have time to write out some of your knowledge the 3 areas I would like to focus on are:

• Hashing (on-way/irreversible e.g. for passwords, checksums or blockchain entries.) specifically:
  • History/Background of Hashing
  • Why MD5 is no longer considered "secure"
  • SHA and it's variants.
  • Why Salting password before hashing is important
  • Bcrypt why/what/how?
• Encryption (bi-directional, e.g: for storing sensitive data which needs to be decrypted later)
  • basic demo code using Node.js Core crypto would be ideal but any language you are familiar with is fine cause we (someone else) can always "translate" the examples to JS and elixir later on!
• SSL/TLS for transmission of data and why we should use HTTPS Everywhere
  • Longer term we will cross-link this to our Heroku / AWS / DigitalOcean guides so that people have practical step-by-step guides for setting SSL on their projects. 😉

Question: how/where did you discover DWYL? (thanks!)

[nelsonic]

• HTTPS and SSL in plain english: https://youtu.be/_p-LNLv49Ug

[rkrp]

Firstly, I apologize for the late reply.

As I understand, what I am writing about should be easily understandable - leaning more into applications of cryptography than the math and the working behind it. A developer with no crypto knowledge should be able to make sense of it. Am I summarizing it right?

I think I will start with writing about hashing. So, should I start a pull request and keep committing as I progress?

[nelsonic]

@rkrp absolutely no need to apologize for anything! you're amazing!! ❗️ 😮
Just the fact that you showed interest in helping us write this learning resource is awesome! 😍

(seriously, we really appreciate people remotely helping with
the mission of making technical knowledge freely accessible to everyone!)

Yes your understanding is good.
the resource is targeted at people who want to learn about crypto "from scratch".
we will have a "Further Reading" section at the end of the readme for people to "learn more".
And starting with hashing is perfect.

Please do start a Pull Request and if you have any other questions/ideas please create a new issue forEach one so we can have specific threads to discuss the topic/idea. thanks!! ❤️ ✅

Note: we could also have an "Advanced" or "Bonus" Level similar to:
https://github.com/dwyl/learn-tdd#bonus-level-1-code-coverage-10-mins 🚀