$30 off During Our Annual Pro Sale. View Details »

The State of Encryption

Cristiano Betta
June 08, 2017
Technology
0
230

The State of Encryption

My talk from DevTalks Bucharest 2017

Cristiano Betta

June 08, 2017
Tweet

More Decks by Cristiano Betta

See All by Cristiano Betta
Docs as Engineering - DevRelCon London 2019
cbetta
0
120
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
85
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
110
The 7 Deadly Sins of Developer Experience (DevRelCon Tokyo)
cbetta
0
3.7k
Developer Experience Workshop
cbetta
1
460
The 7 Deadly Sins of Developer Onboarding
cbetta
0
170
A brick by brick guide to developer experience
cbetta
2
500
Hackathons Workshop
cbetta
0
180
This strange planet earth
cbetta
0
240

Other Decks in Technology

See All in Technology
APIテスト導入から2年。アジャイルな組織で見えてきたmabl活用の道
bengo4com
0
1.9k
ソフトウェアの内部品質に生じる様々な問題は組織設計にその原因があることも多い / Internal Quality Issues Caused by Organizational Design
mtx2s
107
43k
Java Language Future
chiroito
4
1.2k
Vertex AI Feature Store に 機械学習エンジニアが涙した 理由
asei
3
1.2k
Kotlin製のGraphQLサーバーをNode.jsでモジュラモノリス化している話
hokaccha
1
2.1k
Railsアプリをコスパよく読むための環境整備
ikumatadokoro
1
130
CSSパフォーマンスに関する計測結果
poteboy
3
1k
第21回Ques シフトレフトにおけるシナリオテストの適用事例
moritamasami
1
420
CTO of the year 2023ピッチ資料(オーディエンス賞)チューリングCTO青木
aoshun7
0
130
お客様、そこは秘孔です!突かないでください! HTTP/2 Rapid reset の概要と対策
murachiakira
0
140
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
6
5.1k
「極意本」サンプルコードをクラウド上で動かそう
upura
0
200

Featured

See All Featured
GraphQLの誤解/rethinking-graphql
sonatard
45
8.7k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
24
2k
10 Git Anti Patterns You Should be Aware of
lemiorhan
644
57k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
9.8k
Automating Front-end Workflow
addyosmani
1354
200k
Music & Morning Musume
bryan
38
5.2k
Web development in the modern age
philhawksworth
201
9.9k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.4k
Faster Mobile Websites
deanohume
296
29k
For a Future-Friendly Web
brad_frost
168
8.4k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
26
5.7k
Statistics for Hackers
jakevdp
787
220k

Transcript

  1. Qeb Pqxqb lc Bkzovmqflk
    Rfc Qryrc md Clapwnrgml
    Sgd Rszsd ne Dmbqxoshnm
    The State of Encryption
    Uif Tubuf pg Fodszqujpo
    Vjg Uvcvg qh Gpetarvkqp
    Wkh Vwdwh ri Hqfubswlrq
    !
    Cristiano Betta | @cbetta

    View Slide

  2. Qeb Pqxqb lc Bkzovmqflk
    Rfc Qryrc md Clapwnrgml
    Sgd Rszsd ne Dmbqxoshnm
    The State of Encryption
    Uif Tubuf pg Fodszqujpo
    Vjg Uvcvg qh Gpetarvkqp
    Wkh Vwdwh ri Hqfubswlrq

    View Slide

  3. 1987

    View Slide

  4. View Slide

  5. The living
    Daylights
    "

    View Slide

  6. The living
    Daylights
    "

    View Slide

  7. View Slide

  8. View Slide

  9. The Real
    Spies
    #

    View Slide

  10. View Slide

  11. View Slide

  12. View Slide

  13. View Slide

  14.  Hide

    View Slide

  15.  Hide%

    View Slide

  16. Microdot

    View Slide

  17. View Slide

  18. 1mm
    1mm
    1mm

    View Slide

  19. MA-4450
    '

    View Slide

  20. MA-4450
    '

    View Slide

  21. Rotation
    Sheets
    (

    View Slide

  22. Jackpot
    )))

    View Slide

  23. Cristiano 

    Betta
    @cbetta

    View Slide

  24. ♥ security
    + virgilsecurity.com
    + betta.io

    View Slide

  25. , security expert
    + virgilsecurity.com
    + betta.io

    View Slide

  26. Encryption
    101
    %

    View Slide

  27. Entropy
    -

    View Slide

  28. View Slide

  29. 11111111111111111111
    11111111111111111111
    11111111111111111111
    11111111111111111111
    11111111111111111111
    H = 0

    View Slide

  30. 11111111111111111111
    11111111111111111111
    11111111110000000000
    00000000000000000000
    00000000000000000000
    H = 1

    View Slide

  31. RAR(50x1+50x0)
    H ~= 5

    View Slide

  32. TrueCrypt(RAR)
    H ~= 7.8

    View Slide

  33. RC4
    .

    View Slide

  34. ! !
    /1
    /1

    View Slide

  35. 1984
    .

    View Slide

  36. Certified
    Security
    0

    View Slide

  37. Diffie-
    Hellman
    1

    View Slide

  38. Color
    Exchange
    2

    View Slide

  39. A B

    View Slide

  40. A B
    Common Common

    View Slide

  41. A B
    Common Common
    Secret Secret

    View Slide

  42. A B
    Public Mix Public Mix

    View Slide

  43. Public Mix
    A B
    Public Mix

    View Slide

  44. Public Mix
    A B
    Public Mix

    View Slide

  45. Public Mix
    A B
    Public Mix
    Secret Secret

    View Slide

  46. A B
    Common Secret Common Secret

    View Slide

  47. 1-way
    functions
    3

    View Slide

  48. X*Y = 143
    X > 1
    Y > 1
    3

    View Slide

  49. 3 X*Y = 143
    X = 11
    Y = 13

    View Slide

  50. X*Y = 10,967,535,067
    X = 104723
    Y = 104729

    View Slide

  51. Public Key
    Encryption
    1

    View Slide

  52. Asymmetric
    Encryption
    1

    View Slide

  53. !
    /
    /
    Pub1
    Priv1
    !
    /
    /
    Pub2
    Priv2
    1 2

    View Slide

  54. ! !
    4
    1 2

    View Slide

  55. ! !
    4+/pub2
    1 2

    View Slide

  56. ! !
    4
    1 2
    /

    View Slide

  57. ! !
    4
    1 2
    /

    View Slide

  58. ! !
    4+/priv2
    1 2
    /

    View Slide

  59. ! !
    1 2
    4

    View Slide

  60. Signatures
    5

    View Slide

  61. ! !
    4+/priv1
    1 2

    View Slide

  62. ! !
    1 2
    4
    0

    View Slide

  63. ! !
    1 2
    4
    0

    View Slide

  64. ! !
    4+/pub1
    1 2
    0

    View Slide

  65. ! !
    1 2

    View Slide

  66. Public Key
    Encryption
    1

    View Slide

  67. PGP
    SSH
    SSL
    TLS
    BitCoin
    ….
    1

    View Slide

  68. /
    Pub1?
    /
    Pub2?

    View Slide

  69. Digital
    Certificates
    International
    0

    View Slide

  70. Verisign

    View Slide

  71. Certificate
    Authorities
    0

    View Slide

  72. 0
    0
    /
    Pub1?
    /
    Pub2?
    0
    Root

    View Slide

  73. LetsEncrypt
    7

    View Slide

  74. letsencrypt.org

    View Slide

  75. Crypto
    Wars
    8

    View Slide

  76. Ammunition

    View Slide

  77. Netscape
    9

    View Slide

  78. 2000 MTOPS
    !

    View Slide

  79. View Slide

  80. View Slide

  81. 2017
    :

    View Slide

  82. Crypto Wars
    Round 2
    ;

    View Slide

  83. Snowden
    Manning
    Assange
    <

    View Slide

  84. “…the N.S.A. has been deliberately
    weakening the international
    encryption standards adopted by
    developers. One goal … was to
    ‘influence policies, standards and
    specifications for commercial
    public key technologies’…”
    76
    - New York Times, 6 Sept 2013

    View Slide

  85. Increased Law
    Enforcement
    =

    View Slide

  86. http://www.dailymail.co.uk/wires/reuters/article-4350416/UK-minister-says-
    encryption-messaging-services-unacceptable.html

    View Slide

  87. Chat Apps
    :

    View Slide

  88. https://www.eff.org/node/82654

    View Slide

  89. Virgil
    Security

    View Slide

  90. Create private key
    & public Virgil Card

    View Slide

  91. Push Virgil Card to server

    View Slide

  92. Publish card to Virgil

    View Slide

  93. Encrypt data

    View Slide

  94. Decrypt data

    View Slide

  95. Demo
    %

    View Slide

  96. Virgil
    Security
    >

    View Slide

  97. demo-ip-messaging.virgilsecurity.com

    View Slide

  98. virgilsecurity.com
    %

    View Slide

  99. Encryption
    201
    ?

    View Slide

  100. 2047
    ?

    View Slide

  101. Total
    Security
    @

    View Slide

  102. Total
    Privacy
    %

    View Slide

  103. Human
    Error
    A

    View Slide

  104. Slingshot
    Security
    B

    View Slide

  105. Quantum
    Entanglement
    -

    View Slide

  106. Large Integer
    Factorization!
    ÷

    View Slide

  107. Post-QC
    Encryption
    7

    View Slide

  108. Quantum
    Key
    Exchange
    -

    View Slide

  109. Quantum
    Key
    Exchange
    -

    View Slide

  110. 2047
    ?

    View Slide

  111. 2117
    ?

    View Slide

  112. Thank you!
    @cbetta betta.io
    Cristiano Betta
    @virgilsecurity virgilsecurity.com
    Virgil Security

    View Slide