Install: claude install-skill dtsong/my-claude-setup
# Crypto Review
## Purpose
Review cryptographic implementations for algorithm choice correctness, key management soundness, side-channel resistance, and crypto agility readiness.
## Scope Constraints
Reads source code, configuration files, and documentation for cryptographic implementation analysis. Does not modify files or execute code. Does not access key material, HSMs, or cryptographic secrets directly.
## Inputs
- System or component using cryptographic operations
- Cryptographic algorithms and modes in use
- Key management architecture (generation, storage, rotation, destruction)
- Data sensitivity classification and compliance requirements
- Performance constraints and target platforms
## Input Sanitization
No user-provided values are used in commands or file paths. All inputs are treated as read-only analysis targets.
## Procedure
### Step 1: Inventory Crypto Operations
Enumerate all cryptographic operations in the system:
- Symmetric encryption (algorithm, mode, key size)
- Asymmetric operations (signing, key exchange, encryption)
- Hashing (algorithm, usage context — integrity, commitment, password)
- Key derivation (KDF, parameters, input entropy)
- Random number generation (source, seeding, reseeding)
### Step 2: Check Algorithm Choices
For each crypto operation, verify:
- Algorithm is current and not deprecated (no MD5, SHA-1 for security, DES, RC4)
- Mode is appropriate (AEAD preferred: AES-GCM, ChaCha20-Poly1305; no ECB, no unauthenticated CBC)
- Key s
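
Steps 1 and 2 can be sketched as a small static pass that inventories crypto usage line by line and attaches a verdict from the Step 2 list. This is an added example, not part of the skill; the names `tok`, `RULES`, `inventory`, `findings` and the constructed `SAMPLE` files are assumptions, and the identifier spellings are taken from common Python crypto libraries.

```python
import re

def tok(pattern):
    """Match pattern as a whole token; '_' and '.' count as separators."""
    return re.compile(r"(?<![A-Za-z0-9])(?:%s)(?![A-Za-z0-9])" % pattern, re.I)

# (category, label, matcher, Step 2 verdict). Heuristic and not exhaustive.
RULES = [
    ("hash", "MD5", tok(r"md5"), "deprecated"),
    ("hash", "SHA-1", tok(r"sha-?1"), "deprecated for security use; check context"),
    ("hash", "SHA-256", tok(r"sha-?256"), "ok"),
    ("symmetric", "DES", tok(r"des"), "deprecated"),
    ("symmetric", "RC4", tok(r"a?rc4"), "deprecated"),
    ("mode", "ECB", tok(r"ecb"), "not allowed"),
    ("mode", "CBC", tok(r"cbc"), "review: must be authenticated"),
    ("mode", "AES-GCM", tok(r"gcm"), "ok (AEAD)"),
    ("mode", "ChaCha20-Poly1305", tok(r"chacha20[-_]?poly1305"), "ok (AEAD)"),
]

def inventory(files):
    """Step 1: list every crypto reference as (path, line, category, label, verdict)."""
    rows = []
    for path, text in sorted(files.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            for category, label, matcher, verdict in RULES:
                if matcher.search(line):
                    rows.append((path, lineno, category, label, verdict))
    return rows

def findings(rows):
    """Step 2: keep only the rows whose verdict is not 'ok'."""
    return [row for row in rows if not row[4].startswith("ok")]

# Constructed sample input: file name -> source text.
SAMPLE = {
    "auth.py": "import hashlib\ndigest = hashlib.md5(password).hexdigest()\n",
    "store.py": "from Crypto.Cipher import AES\ncipher = AES.new(key, AES.MODE_ECB)\n",
    "wire.py": "cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)\n",
    "legacy.py": "cipher = AES.new(key, AES.MODE_CBC, iv)\n"
                 "tag = hmac.new(mac_key, ct, 'sha256')\n",
}

if __name__ == "__main__":
    for path, lineno, category, label, verdict in inventory(SAMPLE):
        print(f"{path}:{lineno}: [{category}] {label}: {verdict}")
```

A CBC hit is reported for review rather than rejected, because a pattern match cannot tell whether the ciphertext is authenticated.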