# Best Practices * [Key Management - OWASP Cheat Sheet Series](https://cheatsheetseries.owasp.org/cheatsheets/Key_Management_Cheat_Sheet.html) # Education * [Crypto 101](https://www.crypto101.io/) book (free) * [Practical Cryptography for Developers](https://cryptobook.nakov.com/) * [“YOLO” is not a valid hash construction | Trail of Bits Blog](https://blog.trailofbits.com/2024/08/21/yolo-is-not-a-valid-hash-construction/) # Implementations * [Discord's DAVE: Discord Audio/Video Encryption](https://discord.com/blog/meet-dave-e2ee-for-audio-video) * [Protocol](https://github.com/discord/dave-protocol) * Group key exchange * E2E for all participants * Adds on to WebRTC * Signal: * [Signal Protocol and Post-Quantum Ratchets](https://signal.org/blog/spqr/) * [Signal’s PQXDH Key Agreement Protocol](https://signal.org/docs/specifications/pqxdh/ * Apple: * [Apple's PQ3 in iMessage](https://security.apple.com/blog/imessage-pq3/)