Cryptographic Right Answers | Latacora

21/01/2025

URL: Cryptographic Right Answers | Latacora

So it seems that in 2009, Colin Percival (yes, that guy — he’s everywhere!) wrote an article called “Cryptographic Right Answers” which basically went “okay, cryptography is hard. it is more secure for you to not worry about it. here’s all the common uses and the best, standard solutions to them”.

A lot of this is just technical stuff I don’t need to know. Nice to see Tarsnap holds up as the best online backup thing however many years later.

It’s slightly shocking/impressive how much the standard best practices have changed in the 16 years since this was first written. But for higher-level stuff, a lot of the “boring” answers are very old libraries, which have kept up with the best practices, so those recommendations haven’t changed.

Stay boring. High-level libraries have made all the decisions, twiddled all the knobs, and just give you a good, secure solution (hopefully).

RSA is out. Elliptic curves are in.

Cryptography seems very sexy and cool, and it probably shouldn’t be. I guess because it lets you play at mathematician and computer programmer. I think you can just be sexy and cool, and independently, let your cryptography be really boring and good.