Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The secrets of cryptography

carnage
June 24, 2016
Programming
0
130

The secrets of cryptography

Alice and Bob have secrets they want to talk about without Eve being able to listen in. Worse yet, the mischievous Mallory delights in changing messages sent between parties. In such a hostile environment how can Alice talk to Bob without their messages being overheard and how can she be sure that it was Bob that sent the message in the first place?

This talk will take a brief look at historic codes and ciphers before taking a look at modern day Cryptography. If you want to be able to know the difference between a block cipher and a stream cipher or get a glimpse into the mathematics behind public key Cryptography this talk is for you.

Cipher challenge here: http://tiny.cc/0qq6by

carnage

June 24, 2016
Tweet

More Decks by carnage

See All by carnage
Object re-orientation
carnage
2
390
Event Driven Development
carnage
0
490
More Secrets of Cryptography
carnage
0
310
Nuclear powered software securty
carnage
0
320
Microservices vs The distributed monolith
carnage
1
2k
Passwords and how to handle them
carnage
0
260
A storm is brewing
carnage
0
75
The secrets of cryptography
carnage
0
130
You attended talk: An introduction to event sourcing (short)
carnage
0
480

Other Decks in Programming

See All in Programming
Folding Cheat Sheet #3
philipschwarz
PRO
0
110
せっかくモデル図描くのなら、 嬉しいことが多い方がいいよね!
kuboaki
1
3k
StreamlitとTerraformでデータカタログを作った話
gussan0223
0
270
デザインシステムで Tailwind CSSとCSS in JSに分散投資をしたら良かった話
fsubal
18
4.8k
Building a Smaller App Binary
kateinoigakukun
2
320
ログラスを支える設計標準について / loglass-design-standards
urmot
10
2.1k
Front-end application development, Symfony-style(s)
dunglas
2
1.8k
実践!RDRAを活用した既存システムの仕様変更 / Specification Changes in Existing Systems Utilizing RDRA
imamotohikaru
1
4.6k
From Spring Boot 2 to Spring Boot 3 with Java 22 and Jakarta EE
ivargrimstad
0
700
今、知っておきたい! 生成AIエージェントの世界
elith
3
330
From Spring Boot 2 to Spring Boot 3 with Java 21 and Jakarta EE
ivargrimstad
0
940
CircleCIを活用して AWSへの継続的デリバリーを 実践する
coconala_engineer
1
230

Featured

See All Featured
How GitHub (no longer) Works
holman
302
140k
GraphQLとの向き合い方2022年版
quramy
29
12k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
Product Roadmaps are Hard
iamctodd
43
9.7k
Six Lessons from altMBA
skipperchong
19
3k
The Language of Interfaces
destraynor
151
23k
4 Signs Your Business is Dying
shpigford
175
21k
Learning to Love Humans: Emotional Interface Design
aarron
266
39k
No one is an island. Learnings from fostering a developers community.
thoeni
14
2.1k
Fashionably flexible responsive web design (full day workshop)
malarkey
397
65k
Producing Creativity
orderedlist
PRO
336
39k
VelocityConf: Rendering Performance Case Studies
addyosmani
319
23k

Transcript

  1. The Secrets of Cryptography Christopher Riley Dutch PHP Conference, 2016

    1

  2. Introduction

  3. Cryptography is HARD 2

  4. Historic ciphers

  5. The ceasar shift

  6. The ceasar shift 3

  7. The substitution cipher

  8. The substitution cipher 4

  9. The substitution cipher: possible keys 403,291,461,126,605,635,584,000,000 5

  10. The substitution cipher: statistics 6

  11. The substitution cipher: frequency analysis 7

  12. Vigenère cipher

  13. The Vigenère cipher 8

  14. The Vigenère cipher 9

  15. The Vigenère cipher 10

  16. Breaking the Vigenère cipher

  17. Breaking The Vigenère cipher 11

  18. Breaking The Vigenère cipher 12

  19. Enigma

  20. Enigma 13

  21. Enigma 14

  22. Breaking Enigma 15

  23. Modern ciphers

  24. Modern cryptography • Confidentiality 16

  25. Modern cryptography • Confidentiality • Key exchange 17

  26. Modern cryptography • Confidentiality • Key exchange • Identity 18

  27. Modern cryptography • Confidentiality • Key exchange • Identity •

    Authentication 19

  28. Modern cryptography • Confidentiality • Key exchange • Identity •

    Authentication • Random number generation 20

  29. Symmetric ciphers

  30. Stream ciphers

  31. A5/1

  32. A5/1: implementation diagram 21

  33. A5/1: register clocking 22

  34. Stream cipher weaknesses • Keys must not be reused 23

  35. Stream cipher weaknesses • Keys must not be reused •

    Easy for an attacker to modify a message 24

  36. Stream cipher weaknesses • Keys must not be reused •

    Easy for an attacker to modify a message • Hard to partially decrypt messages 25

  37. Block ciphers

  38. Advanced encryption standard (AES)

  39. AES: 1 round • Substitute Bytes • Shift Rows •

    Mix Columns • Add Round Key 26

  40. AES: Substitute Bytes 27

  41. AES: Shift Rows 28

  42. AES: Mix Columns 29

  43. AES: Add Round Key 30

  44. Modes of operation

  45. Electronic code book (ECB)

  46. ECB 31

  47. ECB: the ECB penguin 1By Larry Ewing [email protected] with The

    GIMP 32

  48. Cipher block chaining (CBC)

  49. CBC 33

  50. Counter (CTR)

  51. CTR 34

  52. Galoris Counter mode (GCM)

  53. GCM 35

  54. Asymetric ciphers

  55. Public key cryptography

  56. Rivest, Shamir, Adleman (RSA)

  57. RSA • (me)d ≡ m (mod n) 36

  58. RSA • (me)d ≡ m (mod n) • c ≡

    me (mod n) 37

  59. RSA • (me)d ≡ m (mod n) • c ≡

    me (mod n) • cd ≡ (me)d ≡ m (mod n) 38

  60. Identity verification

  61. RSA: Message signatures • (md)e ≡ m (mod n) •

    s ≡ md (mod n) • se ≡ (md)e ≡ m (mod n) 39

  62. Implementing Cryptography

  63. Implementing Cryptography • Don’t 40

  64. Implementing Cryptography • Don’t • Use existing implementations 41

  65. Implementing Cryptography • Don’t • Use existing implementations • Bring

    in an expert 42

  66. Implementing Cryptography in PHP

  67. Implementing Cryptography in PHP • Halite + libsodium • https://github.com/paragonie/halite

    43

  68. Implementing Cryptography in PHP • Halite + libsodium • https://github.com/paragonie/halite

    • Defuse PHP encryption • https://github.com/defuse/php-encryption 44

  69. Further reading • Simon Singh - The code book •

    http://simonsingh.net/The_Black_Chamber 45

  70. Further reading • Simon Singh - The code book •

    http://simonsingh.net/The_Black_Chamber • Bruce Schneier • https://www.schneier.com 46

  71. Further reading • Simon Singh - The code book •

    http://simonsingh.net/The_Black_Chamber • Bruce Schneier • https://www.schneier.com • https://github.com/gilfether/phpcrypt 47

  72. Thanks • @giveupalready • https://github.com/carnage • https://joind.in/talk/b0b4d 48

  73. Cipher Challenge • http://tiny.cc/0qq6by 49