The State of Encryption

E0ee803f10db4d5fb85f8288a421850b?s=47 Cristiano Betta
June 08, 2017
Technology
0
64

The State of Encryption

My talk from DevTalks Bucharest 2017

E0ee803f10db4d5fb85f8288a421850b?s=128

Cristiano Betta

June 08, 2017
Tweet

Want more?

E0ee803f10db4d5fb85f8288a421850b?s=48 cbetta
0
80
E0ee803f10db4d5fb85f8288a421850b?s=48 cbetta
0
49
E0ee803f10db4d5fb85f8288a421850b?s=48 cbetta
0
16
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
1
130
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
1
67
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
65
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
4
130
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
3
150
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
2
220
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
2
410
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
110
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
200

Transcript

  1. 1.

    Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd

    ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq ! Cristiano Betta | @cbetta
  2. 2.

    Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd

    ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq
  3. 3.

    1987

  4. 4.
    None
  5. 5.

    The living Daylights "

  6. 6.

    The living Daylights "

  7. 7.
    None
  8. 8.
    None
  9. 9.

    The Real Spies #

  10. 10.
    None
  11. 11.
    None
  12. 12.
    None
  13. 13.
    None
  14. 14.

     Hide

  15. 15.

     Hide%

  16. 16.

    Microdot 

  17. 17.
    None
  18. 18.

    1mm 1mm 1mm

  19. 19.

    MA-4450 '

  20. 20.

    MA-4450 '

  21. 21.

    Rotation Sheets (

  22. 22.

    Jackpot )))

  23. 23.

    Cristiano 
 Betta @cbetta

  24. 24.

    ♥ security + virgilsecurity.com + betta.io

  25. 25.

    , security expert + virgilsecurity.com + betta.io

  26. 26.

    Encryption 101 %

  27. 27.

    Entropy -

  28. 28.
    None
  29. 29.

    11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 H = 0

  30. 30.

    11111111111111111111 11111111111111111111 11111111110000000000 00000000000000000000 00000000000000000000 H = 1

  31. 31.

    RAR(50x1+50x0) H ~= 5

  32. 32.

    TrueCrypt(RAR) H ~= 7.8

  33. 33.

    RC4 .

  34. 34.

    ! ! /1 /1

  35. 35.

    1984 .

  36. 36.

    Certified Security 0

  37. 37.

    Diffie- Hellman 1

  38. 38.

    Color Exchange 2

  39. 39.

    A B

  40. 40.

    A B Common Common

  41. 41.

    A B Common Common Secret Secret

  42. 42.

    A B Public Mix Public Mix

  43. 43.

    Public Mix A B Public Mix

  44. 44.

    Public Mix A B Public Mix

  45. 45.

    Public Mix A B Public Mix Secret Secret

  46. 46.

    A B Common Secret Common Secret

  47. 47.

    1-way functions 3

  48. 48.

    X*Y = 143 X > 1 Y > 1 3

  49. 49.

    3 X*Y = 143 X = 11 Y = 13

  50. 50.

    X*Y = 10,967,535,067 X = 104723 Y = 104729

  51. 51.

    Public Key Encryption 1

  52. 52.

    Asymmetric Encryption 1

  53. 53.

    ! / / Pub1 Priv1 ! / / Pub2 Priv2

    1 2
  54. 54.

    ! ! 4 1 2

  55. 55.

    ! ! 4+/pub2 1 2

  56. 56.

    ! ! 4 1 2 /

  57. 57.

    ! ! 4 1 2 /

  58. 58.

    ! ! 4+/priv2 1 2 /

  59. 59.

    ! ! 1 2 4

  60. 60.

    Signatures 5

  61. 61.

    ! ! 4+/priv1 1 2

  62. 62.

    ! ! 1 2 4 0

  63. 63.

    ! ! 1 2 4 0

  64. 64.

    ! ! 4+/pub1 1 2 0

  65. 65.

    ! ! 1 2 ◦

  66. 66.

    Public Key Encryption 1

  67. 67.

    PGP SSH SSL TLS BitCoin …. 1

  68. 68.

    / Pub1? / Pub2?

  69. 69.

    Digital Certificates International 0

  70. 70.

    Verisign

  71. 71.

    Certificate Authorities 0

  72. 72.

    0 0 / Pub1? / Pub2? 0 Root

  73. 73.

    LetsEncrypt 7

  74. 74.

    letsencrypt.org

  75. 75.

    Crypto Wars 8

  76. 76.

    Ammunition

  77. 77.

    Netscape 9

  78. 78.

    2000 MTOPS !

  79. 79.
    None
  80. 80.
    None
  81. 81.

    2017 :

  82. 82.

    Crypto Wars Round 2 ;

  83. 83.

    Snowden Manning Assange <

  84. 84.

    “…the N.S.A. has been deliberately weakening the international encryption standards

    adopted by developers. One goal … was to ‘influence policies, standards and specifications for commercial public key technologies’…” 76 - New York Times, 6 Sept 2013
  85. 85.

    Increased Law Enforcement =

  86. 86.

    http://www.dailymail.co.uk/wires/reuters/article-4350416/UK-minister-says- encryption-messaging-services-unacceptable.html

  87. 87.

    Chat Apps :

  88. 88.

    https://www.eff.org/node/82654

  89. 89.

    Virgil Security

  90. 90.

    Create private key & public Virgil Card

  91. 91.

    Push Virgil Card to server

  92. 92.

    Publish card to Virgil

  93. 93.

    Encrypt data

  94. 94.

    Decrypt data

  95. 95.

    Demo %

  96. 96.

    Virgil Security >

  97. 97.

    demo-ip-messaging.virgilsecurity.com

  98. 98.

    virgilsecurity.com %

  99. 99.

    Encryption 201 ?

  100. 100.

    2047 ?

  101. 101.

    Total Security @

  102. 102.

    Total Privacy %

  103. 103.

    Human Error A

  104. 104.

    Slingshot Security B

  105. 105.

    Quantum Entanglement -

  106. 106.

    Large Integer Factorization! ÷

  107. 107.

    Post-QC Encryption 7

  108. 108.

    Quantum Key Exchange -

  109. 109.

    Quantum Key Exchange -

  110. 110.

    2047 ?

  111. 111.

    2117 ?

  112. 112.

    Thank you! @cbetta betta.io Cristiano Betta @virgilsecurity virgilsecurity.com Virgil Security