More Secrets of Cryptography

Transcript

1. More Secrets of Cryptography Chris Riley ConFoo 2018 1

2. Introduction

3. Why do we need cryptography? 1

4. Modern cryptography • Confidentiality 2

5. Modern cryptography • Confidentiality • Key exchange 2

6. Modern cryptography • Confidentiality • Key exchange • Identity 2

7. Modern cryptography • Confidentiality • Key exchange • Identity •

   Authentication 2

8. Symetric vs Asymetric Cryptography

9. Eliptic Curve Cryptography

10. Eliptic Curve Equation • y2 = x3 + ax2 +

    b 3

11. Eliptic Curve Equation • y2 = x3 + ax2 +

    b • y2 = x3 + 486662x2 + x 3

12. An Eliptic Curve 4

13. Eliptic curve dot function 5

14. Eliptic curve multiplication function 6

15. Eliptic curve for Cryptography 7

16. Eliptic Curve Key Exchange • Agree a curve, modulus and

    generator point (G) 8

17. Eliptic Curve Key Exchange • Agree a curve, modulus and

    generator point (G) • Select random integer d and compute P = dG 8

18. Eliptic Curve Key Exchange • Agree a curve, modulus and

    generator point (G) • Select random integer d and compute P = dG • Exchange public keys (PA and PB) 8

19. Eliptic Curve Key Exchange • Agree a curve, modulus and

    generator point (G) • Select random integer d and compute P = dG • Exchange public keys (PA and PB) • Compute a shared secret dBPA and dAPB 8

20. Eliptic Curve Key Exchange • Agree a curve, modulus and

    generator point (G) • Select random integer d and compute P = dG • Exchange public keys (PA and PB) • Compute a shared secret dBPA and dAPB • Both parties have now computed dAdBG 8

21. Key Exchange protocol 9

22. Man in the middle 10

23. The Web of Trust

24. Trent, the trusted third party 11

25. Can you trust a web of trust? 11

26. Cryptographic Hash functions

27. Ideal hash function properties • It should be quick and

    easy to compute a hash for any given data. 12

28. Ideal hash function properties • It should be quick and

    easy to compute a hash for any given data. • It should be difficult to compute data that has a given hash. 12

29. Ideal hash function properties • It should be quick and

    easy to compute a hash for any given data. • It should be difficult to compute data that has a given hash. • It should be unlikely that two different messages will have the same hash. 12

30. SHA-2

31. Setup phase • Append a single ’1’ bit to the

    data • Pad the data with ’0’ so that the data + 64 bits is a multiple of 512 • Append the data length as a 64 bit integer 13

32. Expansion phase • Split message into 512 bit blocks •

    Expand each block to 2048 bits • Expansion is done using shifts and rotates of the original block xor’d together 14

33. Compression phase 1By User:kockmeyer (Own work) CC-BY-SA-3.0, via Wikimedia Commons

    15

34. Merkel Trees

35. A Merkel Tree 16

36. A Merkel Tree 17

37. Bitcoin

38. What is a blockchain? • A Merkle tree 18

39. What is a blockchain? • A Merkle tree • No

    central authority 18

40. What is a blockchain? • A Merkle tree • No

    central authority • Multiple ’forks’ may exist 18

41. What is a blockchain? • A Merkle tree • No

    central authority • Multiple ’forks’ may exist • There exists a consensus algorithm to determine the correct fork 18

42. What is a blockchain? • A Merkle tree • No

    central authority • Multiple ’forks’ may exist • There exists a consensus algorithm to determine the correct fork • The consensus algorithm only requires data contained on the blockchain to run 18

43. Mining a bitcoin 19

44. Why do bitcoins have value? 19

45. Should I use a block chain for ... ? 19

46. Thanks • @giveupalready • https://github.com/carnage • https://carnage.github.io 20