We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Replacing Cipher with Plug.Crypto for Secure Data Encryption in Elixir
99
clicks
Source: shyr.io
In this article, Sheharyar Naseer describes the process and rationale behind switching from the Cipher library to Plug.Crypto for data encryption in Elixir applications. Due to Cipher's maintenance issues and security vulnerabilities (e.g., using a static initialization vector), Sheharyar sought advice from the Dashbit team, who recommended waiting for the release of Phoenix v1.5, which includes Plug.Crypto. The transition to Plug.Crypto was straightforward, and they leveraged a small wrapper to adopt best practices. Additional benefits of Plug.Crypto include using `:erlang.term_to_binary` for easier encryption of Erlang terms and structs. Sheharyar advises other Elixir developers to prefer well-maintained libraries like Plug.Crypto to avoid security pitfalls.
Related posts
© HashMerge 2024