David Wong

David Wong is a senior cryptography engineer at O(1) Labs working on the Mina cryptocurrency. Prior to that, he was the security lead for the Diem (formally known as Libra) cryptocurrency at Novi, Facebook, and before that, a security consultant at the Cryptography Services practice of NCC Group. David is also the author of the book Real-World Cryptography.

During his career, David has taken part in several publicly funded open source audits, such as OpenSSL and Let’s Encrypt. He has spoken at various conferences, including Black Hat and DEF CON, and has taught a recurring cryptography course at Black Hat. He has contributed to standards like TLS 1.3 and the Noise Protocol Framework. He has found vulnerabilities in many systems, including CVE-2016-3959 in the Golang standard library, CVE-2018-12404, CVE-2018-19608, CVE-2018-16868, CVE-2018-16869, and CVE-2018-16870 in various TLS libraries.

Among others, he is the author of the Disco protocol (www.discocrypto.com and www.embeddeddisco.com) and the Decentralized Application Security Project for smart contracts (www.dasp.co). His research includes cache attacks on RSA (http://cat.eyalro.net/), protocol based on QUIC (https://eprint.iacr.org/2019/028), timing attacks on ECDSA (https://eprint.iacr.org/2015/839), or backdoors in Diffie-Hellman (https://eprint.iacr.org/2016/644). You can see and read about him these days on his blog at www.cryptologie.net.

books by David Wong

Exploring Modern Cryptography

  • ISBN 9781617299346
  • 49 pages

Exploring Modern Cryptography features two chapters from Manning's Real-World Cryptography written by well-known cryptography expert David Wong. You'll start by delving into the hash function, ubiquitous in cryptography and one of the most important pieces of its foundation. You’ll see how it works, its input and output, and some of the most widely adopted hash functions in use today. Then, you’ll examine Message Authentication Codes and how they protect the integrity of data, as well as the MAC standards that are most widely used in our modern world. This fast, focused—and free!—sampler is an excellent starting point for "decrypting" some of the most commonly applied cryptographic techniques we rely on to protect our online activity every day!

Real-World Cryptography

  • September 2021
  • ISBN 9781617296710
  • 400 pages
  • printed in black & white
  • Available translations: German, Japanese, Korean, Polish, Russian, Simplified Chinese

Real-World Cryptography teaches practical techniques for day-to-day work as a developer, sysadmin, or security practitioner. There’s no complex math or jargon: Modern cryptography methods are explored through clever graphics and real-world use cases. You’ll learn building blocks like hash functions and signatures; cryptographic protocols like HTTPS and secure messaging; and cutting-edge advances like post-quantum cryptography and cryptocurrencies. This book is a joy to read—and it might just save your bacon the next time you’re targeted by an adversary after your data.