Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cryptography for lovers 💖

Avatar for Eva Ferreira Eva Ferreira
June 19, 2025
Programming
0
6

Cryptography for lovers 💖

DevSum - June 2025
Avatar for Eva Ferreira

Eva Ferreira

June 19, 2025
Tweet

More Decks by Eva Ferreira

See All by Eva Ferreira
Bulletproof your Design system
Avatar for Eva Ferreira evaferreira
0
23
Good intentions gone bad
Avatar for Eva Ferreira evaferreira
0
240
Bulletproof your Design System
Avatar for Eva Ferreira evaferreira
0
120
Tales of Accessibility Failures
Avatar for Eva Ferreira evaferreira
0
47
Tales of Accessibility Failures
Avatar for Eva Ferreira evaferreira
0
200
La accesibilidad de todos los días - HackAcademy
Avatar for Eva Ferreira evaferreira
0
130
Rescue the Dead Horse
Avatar for Eva Ferreira evaferreira
0
130
De 45 a 85
Avatar for Eva Ferreira evaferreira
0
95
Oda a la década++
Avatar for Eva Ferreira evaferreira
1
130

Other Decks in Programming

See All in Programming
Javaに鉄道指向プログラミング (Railway Oriented Pro gramming) のエッセンスを取り入れる/Bringing the Essence of Railway-Oriented Programming to Java
Avatar for takumi.okamoto cocet33000
2
540
iOSアプリ開発で 関数型プログラミングを実現する The Composable Architectureの紹介
Avatar for yimajo yimajo
2
210
UPDATEがシステムを複雑にする? イミュータブルデータモデルのすすめ
Avatar for a.shimomura shimomura
1
530
コード書くの好きな人向けAIコーディング活用tips #orestudy
Avatar for Hiromi Hishida 77web
3
300
Team topologies and the microservice architecture: a synergistic relationship
Avatar for Chris Richardson cer
PRO
0
130
Passkeys for Java Developers
Avatar for Yoshikazu Nojima ynojima
3
850
PT AI без купюр
Avatar for Vladimir Kochetkov v0lka
0
230
業務自動化をJavaとSeleniumとAWS Lambdaで実現した方法
Avatar for GreenFlagProject greenflagproject
1
100
Java on Azure で LangGraph!
Avatar for Kohei Saito kohei3110
0
110
社内での開発コミュニティ活動とモジュラーモノリス標準化事例のご紹介/xPalette and Introduction of Modular monolith standardization
Avatar for Mitsuharu Maruyama m4maruyama
1
120
Development of an App for Intuitive AI Learning - Blockly Summit 2025
Avatar for Teba_eleven teba_eleven
0
110
複数アプリケーションを育てていくための共通化戦略
Avatar for irof irof
10
3.8k

Featured

See All Featured
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
507
140k
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
61k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
53k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
248
1.3M
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.8k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
299
51k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
337
57k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
35
6.7k
Distributed Sagas: A Protocol for Coordinating Microservices
Avatar for Caitie McCaffrey caitiem20
331
22k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
16
920
It's Worth the Effort
Avatar for 3n 3n
184
28k
Fireside Chat
Avatar for paigeccino paigeccino
37
3.5k

Transcript

  1. Cryptography for lovers Eva Ferreira

  2. Hi, I’m Eva! Front-end Engineer @ mabl Google Developer Expert

    & CSSConf Argentina organizer @evaferreira92

  3. Eva’s cipher Let’s travel back to 2002 @evaferreira92

  4. None

  5. “New alphabet” @evaferreira92

  6. Ñ

  7. None

  8. Machete

  9. None

  10. E S T O Y E N A M O

    R A D A D E P E D R O

  11. Two things I did not know @evaferreira92

  12. 1. Pedro would grow up to become an asshole. @evaferreira92

  13. 2. I had created an Eva’s version cipher. @evaferreira92

  14. Cipher @evaferreira92

  15. Cypher Algorithm to encrypt and decrypt data @evaferreira92

  16. Cypher A private alphabet between me and my best friend

    to talk about which boy we liked in primary school @evaferreira92

  17. The magic of good encryption Keys, secrecy of the keys

    and randomness

  18. Key - The tiny paper • Not just a system

    • It’s a code • It’s, ideally, random @evaferreira92

  19. Randomness High quality and unpredictable @evaferreira92

  20. asdfasdfasdfasdfs

  21. asdfasdfasdfasdfs Predictable gibberish.

  22. Not random, not safe @evaferreira92

  23. Good encryption Keep your key safe Keep it random @evaferreira92

  24. Encryption through history Back to the future past

  25. 1,900 BC – Egypt

  26. 1,500 BC – Mesopotamia

  27. 700 BC – Greeks - Scytale

  28. 100 BC – Cesar’s cipher

  29. 700 AD – al-Khalil

  30. Pre-modern Cryptography • To make tombs more sophisticated • Just

    for fun • Selling goods • War and battles @evaferreira92

  31. Analogic encryption Just paper, you don’t need anything else! @evaferreira92

  32. Classical ciphers • Substitution • Transposition • Concealment / Null

    @evaferreira92

  33. Substitution cipher Change X for Y @evaferreira92

  34. Monoalphabetic ciphers X will always encipher to Y @evaferreira92

  35. Cesar’s cipher A B C D E F G H

    I J K L M N O P Q R S T U V W X Y Z @evaferreira92

  36. Cesar’s cipher A B C D E F G H

    I J K L M N O P Q R S T U V W X Y Z @evaferreira92 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

  37. Cesar’s cipher A B C D E F G H

    I J K L M N O P Q R S T U V W X Y Z @evaferreira92 D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

  38. @evaferreira92

  39. WKH PHVVDJH LV RYHU WKH WUHH THE THE

  40. THE PHVVDJH LV RYHU THE WUHH WKH WKH

  41. THE PEVVDJE LV RYEU THE TUEE WKH H H H

    WKH W HH

  42. THE PEVVDJE LV RYEU THE TREE WKH H H H

    WKH WUHH

  43. THE PEVVDJE LV RYER THE TREE WKH H H HU

    WKH WUHH

  44. THE PEVVDJE IS OVER THE TREE WKH H H LV

    RYHU WKH WUHH

  45. THE PESSDJE IS OVER THE TREE WKH HVV H LV

    RYHU WKH WUHH

  46. THE MESSAGE IS OVER THE TREE WKH PHVVDJH LV RYHU

    WKH WUHH

  47. Or you could just count the letters and realized it’s

    -3 to the right

  48. Relative frequency of letters

  49. Eva Vs. Cesar • Cesar’s cipher  Lacked a key

     Lacked randomness • My 10-year-old cipher was better than Cesar’s • It also had an ñ @evaferreira92

  50. Once you know, you know.

  51. Polyalphabetic ciphers 1,300 AD onwards

  52. Vigenère •Mid XVI Century • Used by The Confederates during

    the American Civil War • “Build on top of” Giovan Battista Bellaso work on polyalphabetic ciphers Trithemius’ Tabula recta @evaferreira92

  53. Vigenère • Multiple Cesars’ ciphers @evaferreira92

  54. Vigenère • Multiple Cesars’ ciphers • Pick a key 

    A word or a phrase  Repeat it until it matches the length of the plaintext  The longer, the better @evaferreira92

  55. Vigenère • DEVSUM • “Karma is a cat” @evaferreira92

  56. Vigenère • karmaisacat • devsumdevsu @evaferreira92

  57. Vigenère Karmaisacat Devsumdevsu @evaferreira92

  58. Vigenère kArmaisacat dEvsumdevsu N @evaferreira92

  59. Vigenère kaRmaisacat deVsumdevsu NE @evaferreira92

  60. Vigenère karmaisacat devsumdevsu NEMEUUVEXSN @evaferreira92

  61. Vigenère karmaisacat devsumdevsu NEMEUUVEXSN @evaferreira92

  62. Vigenère • A letter “X” will not always encipher to

    “Y” • Ideally, the key is as long as the plaintext* • Encrypt twice or more • Play with the alphabet  Add an Ñ, an ẞ, begin with a C, use numbers… @evaferreira92

  63. Transposition cipher Like Scrabble, you scrabble the letters @evaferreira92

  64. Rail Fence H V ! I E S M D

    U @evaferreira92 HV!

  65. Rail Fence H V ! I E S M D

    U @evaferreira92 HV!IESM

  66. Rail Fence H V ! I E S M D

    U @evaferreira92 HV!IESMDU

  67. 700 BC – Greeks - Scytale

  68. Concealment or Null cipher @evaferreira92

  69. Null cipher • Hide messages within words • Used during

    WWI @evaferreira92
  70. None
  71. None

  72. The unbreakable cipher One time pad, mathematically unbreakable @evaferreira92

  73. One time pad (OTP) • Created by Frank Miller in

    1882 • Can be done with just paper • Used by… everyone @evaferreira92

  74. One time pad (OTP)

  75. One time pad (OTP)

  76. None

  77. One Time Pad • Must be truly random • Must

    keep the key secret • Must not be reused @evaferreira92

  78. Analogic encryption • Difficult • Time consuming • You mess

    up…  The whole message is lost  The whole security is lost @evaferreira92

  79. Maybe let’s reduce human involvement? @evaferreira92

  80. Mechanical encryption Electromechanical machines using rotors or cipher wheels @evaferreira92

  81. Rotor machines • Polyalphabetic substitution cipher • “Wheel stepping” 

    Wheels are moved on each key press @evaferreira92
  82. None

  83. Enigma machine

  84. Lorenz cipher

  85. Siemens-Halske machine

  86. Geheimschreiber

  87. WWII is over… What happens after?

  88. ¡Computers! And with great power…

  89. Digital encryption You had two problems @evaferreira92

  90. Digital encryption You had two problems, add technology and now

    you have +1,000 @evaferreira92

  91. Solve: Key secrecy & randomization @evaferreira92

  92. Solving digital randomization ‘Cause computers can’t random like we do!

    @evaferreira92

  93. Pseudo random • Computers are deterministic • True randomness is

    unpredictable  Cannot be created by a deterministic process @evaferreira92

  94. A source of randomness and more power

  95. HRNG • Hardware random number generator (HRNG) • True random

    number generator (TRNG) • Non-deterministic random bit generator (NRBG) @evaferreira92

  96. HRNG • Mouse movements • Time between keystrokes* • Atmospheric

    noise • Lava lamps @evaferreira92

  97. “The Wall of Entropy” @evaferreira92

  98. None

  99. Nonce, salts and IV • Introduce uniqueness to avoid predictable

    outputs • Used in hashing and encryption • No need to keep them a secret @evaferreira92

  100. Randomness • Proper random systems • Additional seasoning for true

    uniqueness @evaferreira92

  101. Solving digital key secrecy Just don’t? @evaferreira92

  102. RSA • Dates back to 1977 • Developed by Ron

    Rivest, Adi Shamir and Leonard Adleman (R S A) • Public and private keys • Prime number factorization @evaferreira92

  103. P * Q = 77 * oversimplified Private key Public

    key

  104. 7 * 11 = 77 “Easy” enough with small numbers

    @evaferreira92

  105. Large prime factors, could take million years.

  106. And we lived happily ever after Fin.

  107. @evaferreira92

  108. Shor’s algorithm • Developed in 1994 • Quantum algorithm for

    finding prime factors of an integer @evaferreira92

  109. P * Q = N

  110. Large prime factors, could take million years.

  111. @evaferreira92

  112. Quantum computers @evaferreira92

  113. Bits Vs. Qubits

  114. Bits. Vs. Qubits Bit

  115. Bits. Vs. Qubits Bit

  116. Bits. Vs. Qubits Bit

  117. Bits. Vs. Qubits Bit

  118. Bits 0 xor 1

  119. Bits. Vs. Qubits Qubit Qubit Qubit Qubit

  120. Bits. Vs. Qubits Qubit Qubit Qubit Qubit Qubit Qubit Qubit

    Qubit Qubit Qubit Qubit Qubit

  121. Qubits

  122. Large prime factors, could take million years.

  123. Large prime factors, could take million years. a few seconds

  124. It was 1994.

  125. @evaferreira92

  126. @evaferreira92

  127. @evaferreira92

  128. Store now, decrypt later.

  129. The search for Post-quantum cryptography After Shor’s algorithm @evaferreira92

  130. NIST National Institute of Standards and Technology @evaferreira92

  131. National metric week @evaferreira92

  132. Post-quantum cryptography • NIST opened a call for proposals in

    2015 • Lots of back and forth and community involvement • 3 new standards ready to use  Interoperable with current systems  https://csrc.nist.gov/projects/post-quantum-cryptography @evaferreira92

  133. Recap • Cryptography has been around for ages • Analogic

    Mechanical Digital • Depends, for good and for bad, on humans • It’s a matter of time; quantum computers will break our current standards • Experts have been working on new quantum- resistant standards for the last 10 years

  134. Thank you! @evaferreira92