## (Very) Basic Intro To Elliptic Curve Cryptography

This is going to be a basic introduction to elliptic curve cryptography. I will assume most of my audience is here to gain an understanding of why ECC is an effective cryptographic tool and the basics of why it works. My goal is to explain it in a general sense, I will be omitting proofs and implementation details and instead …

## (Very) Basic Intro to Key Derivation Functions (Argon2, Scrypt, etc)

A key derivation function, or KDF, derives one or many secret keys from a secret value. If you’ve ever needed to store a password in a database or create a private key from a password, you may have used a KDF. Examples of popular KDFs: Argon2 Scrypt PBKDF2 Are KDFs just hash functions? No, but there is overlap. In order …

## (Very) Basic Shamir’s Secret Sharing

By @wagslane (twitter) Adi Shamir’s secret sharing is an algorithm used to share ownership of a secret among a group of participants. In order to calculate the original secret, a minimum number of shares must be used. Example Problem Let us imagine that a family of four shares a Bitcoin wallet. This Bitcoin wallet contains a single private key that …

## Cryptology, Cryptography, and Cryptanalysis – Get your Vocabulary Straight!

Many new developers are jumping right into coding (usually for those fat paychecks) without learning much about the history of Computer Science. Alan Turing, regarded as the father of Computer Science, was first a cryptologist and mathematician and pioneered the field of CS in order to solve cryptological problems. In this article, I will go over common crypto-related definitions for …

## HMAC and MAC Explained Simply – Building Secure Auth With JWTs

HMACs and MACs are authentication codes and are often the backbone of JWT authentication systems. Let’s take a look at how they work! MAC – Message Authentication Code MACs are exactly what they sound like; small codes that allow receivers of messages to know who the sender was (authentication). A MAC code is calculated by using a message and a …

## Qvault’s Lead Engineer Interviewed on “Running in Production”

Check out the podcast here: https://runninginproduction.com/podcast/6-qvault-is-an-open-source-tool-to-manage-passwords-and-crypto-keys First off, thanks to Nick for having me on the show! In this episode of Running in Production, I talk with Nick about about how we built Qvault, an open-source password manager that specializes in cryptocurrency. Qvault uses Electron and has a Serverless component that uses Golang. It’s all hosted on AWS. If you were …

## How Game Dev and Physics Constants Made Me Think About Religion

I am an atheist and developer, I’ve found it surprising how often these two identities collide. I’m fascinated when something that deals with engineering directly influences my views on theism, or at least makes me consider new ideas. When building a game engine, even the most basic one, it becomes apparent that certain constants must be set. Take a look …

## The Theistic Irreducible Complexity Argument Debunked Using… Computer Science?

Many creationists and theists invoke the argument of irreducible complexity in an attempt to discount the theory of evolution. So… what is irreducible complexity? Irreducible complexity (IC) involves the idea that certain biological systems cannot evolve by successive small modifications to pre-existing functional systems through natural selection.  https://en.wikipedia.org/wiki/Irreducible_complexity According to the theistic argument dealing with irreducible complexity, we couldn’t have …

## Building a Music/Video Streaming Server in Go – Using HLS

In this tutorial, I’m going to walk you through building a streaming API using Golang. Don’t worry, its surprisingly easy to build a robust streaming server, especially if we utilize one of the more modern protocols: HLS. What is HLS? HTTP Live Streaming is an HTTP-Based adaptive bitrate streaming communications protocol developed by Apple. https://en.wikipedia.org/wiki/HTTP_Live_Streaming HLS allows us to serve …

## How Percolate Queries in Elasticsearch Make Alerting a Breeze

Once upon a time, a company I worked for had a problem: We had thousands of messages flowing through our data pipeline each second, and we want to be able to send email and SMS alerts to ours users when messages matching specific criteria were seen. The first attempt at an alerting system utilized PipelineDB. To make a long story …