Thank you for writing this book! I recently used this book to brush up on crypto fundamentals for some interviews and found it really valuable. I was even able to implement a padding oracle attack after only knowing it in theory for a very long time. I was also wondering if you had any plans to complete. Right now, there are 36 TODO's in the book. Not all of them need further explanation and can be left as an exercise but some of them might be useful to dig into. Regardless, it is still awesome!
Count the instances of "arbitrary code execution" for chrome vs adobe. Its a huge improvement! Granted its not just the pdf reader in the case of adobe.
Thanks for the response. Although not ideal, I am stuck with using crypto at the DB level. Based on what you said; running something like vault (running as a separate user from the DB) and accessing it using the HTTP API + TLS client cert seems like the way to go.
One of the constraints I am working with is that a human is not necessarily in the loop all the time. What is the best way then bootstrap the encryption process?