Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up for free
The State of Encryption
Cristiano Betta
June 08, 2017
Technology
0
180
The State of Encryption
My talk from DevTalks Bucharest 2017
Cristiano Betta
June 08, 2017
Tweet
Share
More Decks by Cristiano Betta
See All by Cristiano Betta
Docs as Engineering - DevRelCon London 2019
cbetta
0
110
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
77
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
94
The 7 Deadly Sins of Developer Experience (DevRelCon Tokyo)
cbetta
0
3.3k
Developer Experience Workshop
cbetta
1
380
The 7 Deadly Sins of Developer Onboarding
cbetta
0
160
A brick by brick guide to developer experience
cbetta
2
460
Hackathons Workshop
cbetta
0
140
This strange planet earth
cbetta
0
180
Other Decks in Technology
See All in Technology
Raspberry Pi Camera 3 介紹
piepie_tw
PRO
0
160
SPA・SSGでSSRのようなOGP対応!
simo123
2
160
03_ユーザビリティテスト
kouzoukaikaku
0
620
開発者と協働できるメトリクスダッシュボードを作ろう!/SRE Lounge 2023
lmi
3
520
Google Cloud Workflows: API automation, patterns and best practices
glaforge
0
100
MoT/コネヒト/Kanmu が語るプロダクト開発xデータ分析 - 分析から機械学習システムの開発まで一人で複数ロールを担う大変さ
masatakashiwagi
3
770
re:Inventの完全招待制イベント Building a Roadmap to SaaSについて / Building a Roadmap to SaaS an invitation only event at reinvent
yayoi_dd
0
150
「一通りできるようになった」その先の話
hitomi___kt
0
140
230125 古いタブレットの活用 かーでぃさん
comucal
PRO
0
16k
Deep Neural Networkの共同学習
hf149
0
330
OpenShiftのリリースノートを整理してみた
loftkun
2
440
イ良い日ンマを作る(USBストレージ容量偽装の手法) / USB Storage Capacity Faking Techniques
shutingrz
0
540
Featured
See All Featured
The Power of CSS Pseudo Elements
geoffreycrofte
52
4.3k
5 minutes of I Can Smell Your CMS
philhawksworth
198
18k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
109
16k
StorybookのUI Testing Handbookを読んだ
zakiyama
8
3.2k
Navigating Team Friction
lara
177
12k
Agile that works and the tools we love
rasmusluckow
320
20k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
15
1.2k
Building Flexible Design Systems
yeseniaperezcruz
314
35k
Teambox: Starting and Learning
jrom
124
7.9k
Rails Girls Zürich Keynote
gr2m
87
12k
It's Worth the Effort
3n
177
26k
Code Review Best Practice
trishagee
50
11k
Transcript
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq ! Cristiano Betta | @cbetta
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq
1987
None
The living Daylights "
The living Daylights "
None
None
The Real Spies #
None
None
None
None
Hide
Hide%
Microdot
None
1mm 1mm 1mm
MA-4450 '
MA-4450 '
Rotation Sheets (
Jackpot )))
Cristiano Betta @cbetta
♥ security + virgilsecurity.com + betta.io
, security expert + virgilsecurity.com + betta.io
Encryption 101 %
Entropy -
None
11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 H = 0
11111111111111111111 11111111111111111111 11111111110000000000 00000000000000000000 00000000000000000000 H = 1
RAR(50x1+50x0) H ~= 5
TrueCrypt(RAR) H ~= 7.8
RC4 .
! ! /1 /1
1984 .
Certified Security 0
Diffie- Hellman 1
Color Exchange 2
A B
A B Common Common
A B Common Common Secret Secret
A B Public Mix Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix Secret Secret
A B Common Secret Common Secret
1-way functions 3
X*Y = 143 X > 1 Y > 1 3
3 X*Y = 143 X = 11 Y = 13
X*Y = 10,967,535,067 X = 104723 Y = 104729
Public Key Encryption 1
Asymmetric Encryption 1
! / / Pub1 Priv1 ! / / Pub2 Priv2
1 2
! ! 4 1 2
! ! 4+/pub2 1 2
! ! 4 1 2 /
! ! 4 1 2 /
! ! 4+/priv2 1 2 /
! ! 1 2 4
Signatures 5
! ! 4+/priv1 1 2
! ! 1 2 4 0
! ! 1 2 4 0
! ! 4+/pub1 1 2 0
! ! 1 2 ◦
Public Key Encryption 1
PGP SSH SSL TLS BitCoin …. 1
/ Pub1? / Pub2?
Digital Certificates International 0
Verisign
Certificate Authorities 0
0 0 / Pub1? / Pub2? 0 Root
LetsEncrypt 7
letsencrypt.org
Crypto Wars 8
Ammunition
Netscape 9
2000 MTOPS !
None
None
2017 :
Crypto Wars Round 2 ;
Snowden Manning Assange <
“…the N.S.A. has been deliberately weakening the international encryption standards
adopted by developers. One goal … was to ‘influence policies, standards and specifications for commercial public key technologies’…” 76 - New York Times, 6 Sept 2013
Increased Law Enforcement =
http://www.dailymail.co.uk/wires/reuters/article-4350416/UK-minister-says- encryption-messaging-services-unacceptable.html
Chat Apps :
https://www.eff.org/node/82654
Virgil Security
Create private key & public Virgil Card
Push Virgil Card to server
Publish card to Virgil
Encrypt data
Decrypt data
Demo %
Virgil Security >
demo-ip-messaging.virgilsecurity.com
virgilsecurity.com %
Encryption 201 ?
2047 ?
Total Security @
Total Privacy %
Human Error A
Slingshot Security B
Quantum Entanglement -
Large Integer Factorization! ÷
Post-QC Encryption 7
Quantum Key Exchange -
Quantum Key Exchange -
2047 ?
2117 ?
Thank you! @cbetta betta.io Cristiano Betta @virgilsecurity virgilsecurity.com Virgil Security