“Rolling your own Crypto”

Me irl

This blog post is specifically for r/netsec (and a few other security pros I’ve met outside of there). Cryptography is one of the subjects that I would easily say I am most well versed in. I’ve been fascinated by it since I was teenager; probably on account of me being a hyperautist. Crypto makes perfect sense to me. And so, it’s something I work on improving the state of…

But it seems every time I post a blog post that even mentions some form of cryptographic solution, I immediately just get inundated by a swarm of people shouting some sort of variation of the “rolling your own crypto” meme.

I think I need to address that…

I want to ask you, what make and model of robot do you think invented RSA? Better question, what brand of sentient supercomputer was responsible for making the first block cipher? Oh… these things weren’t made by an extra-human intelligence? So then they must have been made by people… human people…

People roll crypto.

I get it, maybe you don’t. Maybe you don’t understand it. (I’ve read a lot of your comments, about 90% of you don’t understand it.) But just because you have a limitation doesn’t mean that I do. Somewhere along the line, someone gave you the advice to not “roll your own crypto.” Congrats…

I wouldn’t necessarily recommend that you do start designing your own solutions as of today. You need to understand a huge amount of things (and be able to implement them successfully) before you can safely do this. But what I’m trying to say, if I’m saying anything at all… is that just because some dude once said “don’t roll your own crypto” doesn’t mean that all humans are immediately *not allowed* to do so.

It was advice, advice for the vast majority of people. Advice for the vast majority of the security community even.

I’ve been generating my own cryptographic algos since I was a teen. The first iterations of such were exceptionally not successful. I came up with some incredibly wild and entirely ineffective ideas. But it was a good time. And like all people involved in the learning process, by continuing to try and fail, I moved forward and grew in skills and knowledge.

I don’t intend on going to Stanford for another degree just to have the word “crypto” next to my name. The only real way to judge a “cryptographer” is on the basis of their work anyway. Which leads us to a rough situation… I’m sorry, I really am… but most of you are not qualified to judge the work I’ve been doing… and yet you still insist on trying.

I know this will just get me more hate… I’m used to it at this point. It’s hard to challenge people’s perceptions. Most people don’t want to change, or accept that they could be wrong. And in our field especially, *nobody* wants to admit someone else is smarter than them.

But if you guys could just stop spamming rude comments at me personally, and instead talk about the content of my blog posts… and if you guys would be willing to try “asking questions” and engaging in constructive dialog to discover the root truth of an issue, instead of shouting assertions that I’m “wrong” followed by a three-ten paragraph comment listing a number of security misconceptions… that would be great.

Look, you won’t change me or my ideas by shouting and being massively rude (bordering on harassment with some of you). If you want to “correct” me (as it seems many of you do). The right way to go about that is to engage with me in a dialog surrounding the issues… I am always open to that. If I’ve made a mistake, I will always admit to it and fix it immediately.

A few of you know that, because you’ve seen it… hilariously (and I guess unfortunately?) I don’t make many tangible mistakes. As such I am often accused of “being wrong; but not admitting it.” Which is funny and kind of sucks because I want to show people how willing I am to correct myself, publicly even; the opportunity to do it is simply rare.

But I digress.

I’ll be rolling crypto.

About the author

Professional hacker & security engineer. Currently at Google, opinions all my own. On Twitter as @zaeyx. Skydiver, snowboarder, writer, weightlifter, runner, energetic to the point of being a bit crazy.


  1. I agree, someone has to do it. Not only that, it needs to get out and be public to truly be tested.

    The reason we still use RSA in a professional context isn’t because it took genius to make it. It’s because it has been hammered by geniuses trying to break it for 40 years. We know it’s limitations very well.

    If we shut down the next Adleman right out of the gate, we all lose.

    The flip side is, if you tell me your personal roll your own is good enough to protect my real world sensitive data, I am going to put the onus on you and it’s going to be an uphill battle.

    Too many people in netsec have run into the developer who thought a variation of repeating key xor using the same 32 bit key everywhere was good enough to protect your credit card number in transit.

    There has to be a middle ground for progress.

Leave a Reply

Your email address will not be published. Required fields are marked *