Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥

Crypto 101 by Laurens Van Houtven

Avatar for PyCon 2013 PyCon 2013
March 16, 2013
Programming
10
1.6k

Crypto 101 by Laurens Van Houtven

Avatar for PyCon 2013

PyCon 2013

March 16, 2013
Tweet

More Decks by PyCon 2013

See All by PyCon 2013
Bayesian statistics made simple by Allen Downey
Avatar for PyCon 2013 pyconslides
32
6.5k
Python for Humans
Avatar for PyCon 2013 pyconslides
40
6.8k
Contribute with me! Getting started with the tools of free software development by Jessica McKellar
Avatar for PyCon 2013 pyconslides
11
2.1k
ApplePy: An Apple ][ emulator in Python by James Tauber
Avatar for PyCon 2013 pyconslides
3
1.7k
Use curses, don't swear by Sean Zicari
Avatar for PyCon 2013 pyconslides
2
1.5k
Namespaces in Python by Eric Snow
Avatar for PyCon 2013 pyconslides
9
2k
Internationalization and Localization Done Right by Ruchi Varshney
Avatar for PyCon 2013 pyconslides
9
1.2k
"Good Enough" is good enough! by Alex Martelli
Avatar for PyCon 2013 pyconslides
13
2.6k
Plover: Thought to Text at 240 WPM by Mirabai Knight
Avatar for PyCon 2013 pyconslides
1
1.3k

Other Decks in Programming

See All in Programming
안드로이드 9년차 개발자, 프론트엔드 주니어로 커리어 리셋하기
Avatar for Seungmin 마량 maryang
1
130
AI時代を生き抜く 新卒エンジニアの生きる道
Avatar for coconala_engineer coconala_engineer
1
420
開発に寄りそう自動テストの実現
Avatar for Hiroki Iseri goyoki
2
1.4k
PC-6001でPSG曲を鳴らすまでを全部NetBSD上の Makefile に押し込んでみた / osc2025hiroshima
Avatar for Izumi Tsutsui tsutsui
0
170
「コードは上から下へ読むのが一番」と思った時に、思い出してほしい話
Avatar for HideyukiKitao panda728
PRO
39
26k
ZJIT: The Ruby 4 JIT Compiler / Ruby Release 30th Anniversary Party
Avatar for Takashi Kokubun k0kubun
1
270
リリース時」テストから「デイリー実行」へ!開発マネージャが取り組んだ、レガシー自動テストのモダン化戦略
Avatar for goataka (GOAMI Takaaki) goataka
0
140
Flutter On-device AI로 완성하는 오프라인 앱, 박제창 @DevFest INCHEON 2025
Avatar for JaiChangPark itsmedreamwalker
1
150
SwiftUIで本格音ゲー実装してみた
Avatar for 蛋白(たんぱく・TANPACT) hypebeans
0
490
AIコーディングエージェント(Manus)
Avatar for kondai kondai24
0
210
マスタデータ問題、マイクロサービスでどう解くか
Avatar for Kato Keisuke kts
0
120
re:Invent 2025 のイケてるサービスを紹介する
Avatar for maroon1st maroon1st
0
150

Featured

See All Featured
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
710
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
7k
Fireside Chat
Avatar for paigeccino paigeccino
41
3.8k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
46
7.8k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
170
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
49
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.4k
Docker and Python
Avatar for Tania Allard trallard
47
3.7k
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
330
Claude Code どこまでも/ Claude Code Everywhere
Avatar for nwiizo nwiizo
61
47k
Become a Pro
Avatar for Speaker Deck speakerdeck
PRO
31
5.7k

Transcript

  1. Crypto 101 @lvh

  2. @lvh [email protected]

  3. None
  4. None
  5. None

  6. POST /quantum HTTP/1.1

  7. None

  8. Lightning Talk Version

  9. In motion: TLS

  10. At rest: GPG

  11. (Py)NaCl KeyCzar cryptlib

  12. If you are typing the letters A-E-S into your code,

    you’re doing it wrong.

  13. DES: extra wrong MD5, SHA: maybe wrong

  14. Why stay?

  15. Recognizing wrong stuff still matters

  16. Understanding stuff still matters

  17. None
  18. None

  19. xor

  20. 1 ^ 0 == 1 0 ^ 1 == 1

  21. 1 ^ 1 == 0 0 ^ 0 == 0

  22. Invert? Input Output

  23. Invert: yes (1) Input: 1 Output: 0

  24. Invert: no (0) Input: 1 Output: 1

  25. One-time Pad

  26. 1110010101010110 1010100000111101 0100101010101010 ...

  27. OTP crypto XWCVPR

  28. Perfect secrecy

  29. 0? 1? 1

  30. 1? 0? 1

  31. None
  32. None
  33. None

  34. Victory!

  35. len(one_time_pad)

  36. == len(all_data_ever)

  37. == very_big_number

  38. Exchange?

  39. Ciphers

  40. Block Ciphers

  41. Block Cipher Key abc XYZ Ciphertext Same fixed size Plaintext

    Fixed size

  42. P C

  43. Random permutation

  44. 000: 001 001: 010 010: 111 011: 000 100: 110

    101: 011 110: 100 111: 101

  45. x, C(k, x) vs y, C(k, y)

  46. P C

  47. AES

  48. Blowfish/Twofish

  49. DES/3DES

  50. Victory!

  51. “Hello”

  52. with open(“x.jpg”) as f: send(f, you)

  53. Block Cipher

  54. len(message) > block_size

  55. aes.block_size == 128 (16 bytes)

  56. Stream Ciphers

  57. Native stream ciphers

  58. RC4

  59. Salsa20 ChaCha20

  60. Implemented as construction with block ciphers

  61. abcdefghijklmnopqrstuvw C k C k C k C k C

    k C k C k { { { { { { { { C k padding KEGASVTPCFDRUWBOJNMHXQIL { { { { { { { {

  62. ECB

  63. plaintext chunk ciphertext chunk

  64. None
  65. None
  66. None
  67. None

  68. Replay Attacks

  69. None
  70. None

  71. Block Cipher Modes of Operation

  72. ECB, (P)CBC, CFB, OFB, CTR

  73. ECB, (P)CBC, CFB, OFB, CTR

  74. CBC

  75. Most common in the wild

  76. BEAST

  77. CTR

  78. {nonce}{count:08d}

  79. D501320200000000 D501320200000001 D501320200000002 Nonce Count . . .

  80. C k C k D501320200000000, D501320200000001, ... D1DC4D1FE3679212, 0FD25C7B1CF46485, ...

  81. D1DC4D1FE3679212 0FD25C7B1CF46485 ...

  82. Keystream

  83. Pseudo-OTP

  84. GCM, EAX, OCB, IAPM, CCM, CWC

  85. GCM, EAX, OCB, IAPM, CCM, CWC

  86. PATENT PENDING

  87. Victory!

  88. None

  89. Key exchange?

  90. In person?

  91. None

  92. O(n2)

  93. Diffie-Hellman Key Exchange

  94. None

  95. = +

  96. = + +

  97. - =

  98. Internet Me You

  99. None

  100. + = + =

  101. None
  102. None

  103. + = + =

  104. = + + + +

  105. Victory!

  106. None

  107. Cease fire! ZSTAMUTJMEFFILH Cease fire!

  108. Attack at dawn! HUWKEMMQTXMR Attack at dawn!

  109. Authenticity

  110. sender == expected_sender

  111. message == expected_message

  112. Encryption without authentication

  113. Almost certainly wrong

  114. Attackers don’t need to decrypt to modify

  115. Cryptographic hash functions

  116. lorem ipsum 358d846c39 digest (state) fixed size message arbitrary size

    Hash Function

  117. lorem ipsum 358d846c39 Hash Function

  118. lorem ipsum 358d846c39 Hash Function

  119. lorem python 358d846c39 lorem ipsum 358d846c39 Hash Function Hash Function

  120. lorem python 358d846c39 lorem ipsum 358d846c39 Hash Function Hash Function

  121. That’s it.

  122. H(x) can be used to compute H(f(x))

  123. Extension attacks

  124. hf = HF(“hello pycon\n”) hf.update(“how are you”) hf.hexdigest()

  125. hf = HF(state=your_hash) hf.update(my_string) hf.hexdigest()

  126. my_string = “\nI am not attending, because I have switched

    to PHP”

  127. Payment processor

  128. MD5(secret + amount)

  129. $12.00: “1200”

  130. hf = HF(state=your_hash) hf.update(“0” * 12) hf.hexdigest()

  131. bwall/HashPump

  132. SHA-3 era: fixed (SHA-3, BLAKE2)

  133. SHA-256, SHA-3 (both are fine)

  134. BLAKE2

  135. MAC

  136. H(x) can be used to compute H(f(x))

  137. MAC(k, x) says nothing about MAC(k, f(x))

  138. MAC(k, x) says nothing about MAC(k, y)

  139. HMAC

  140. hmac(k, hf, msg)

  141. import hmac

  142. Password storage

  143. CHFs are WRONG

  144. password 45ed8f8c31 Hash Function

  145. Brute force?

  146. None

  147. ATI HD 5970, 2GB 5.6e9 MD5/s 2.3e9 SHA2/s

  148. None

  149. SHA-3?

  150. lorem ipsum 358d846c39 Hash Function

  151. SHA-2-256: 14 cpb SHA-3-256: 11 cpb (Intel Ivy Bridge/Sandy Bridge)

  152. Salts?

  153. Dictionary attacks

  154. KDFs should be hard to compute

  155. bcrypt (tunably) time-hard

  156. scrypt time- and space-hard

  157. Sender authentication?

  158. None

  159. Public key Cryptography

  160. None
  161. None
  162. None

  163. Key generation

  164. me me you you

  165. me you

  166. Encryption

  167. PK Enc you hello world BXUWD VWQEF

  168. Decryption

  169. PK Dec you hello world BXUWD VWQEF you

  170. Signing

  171. Anyone can use my public key

  172. How do I know you’re you?

  173. PK Dec you Signature HF(m) you

  174. PK Enc you Signature HF(m)

  175. RSA

  176. Victory!

  177. “me” == actually me?

  178. Chains of signatures

  179. I don’t trust you.

  180. But X trusts you.

  181. And I trust X.

  182. So I trust you.

  183. GPG key signing

  184. SSL

  185. TLS

  186. None

  187. version, ciphersuites, ...

  188. Key exchange method (RSA, DH, ...)

  189. Signing algorithm (RSA, DSA, ECDSA)

  190. Bulk encryption algorithm (AES-CBC, RC4...)

  191. MAC algorithm (HMAC-{MD5, SHA2})

  192. version, ciphersuites, ...

  194. RSA Enc srvr random secret OUTDX BHXUS

  195. OUTDXBHXUS

  196. RSA Dec srvr random secret OUTDX BHXUS srvr

  197. random secret AES MAC random secret AES MAC

  198. MAC

  199. None

  200. Encrypted + Authenticated

  202. None

  203. CAs

  204. ...

  205. None

  206. valid vs trustworthy?

  207. valid vs trustworthy?

  208. What if I plant a root cert?

  209. sslbump

  210. ICAP/eCAP

  211. lvh/minitrue

  212. Questions?

  213. Timing attacks

  214. Side-channel

  215. Implementation, not theory

  216. None
  217. None
  218. None
  219. None
  220. None

  221. provided == password

  222. compare length

  223. compare byte by byte

  224. “abc” == “xyz”

  225. “abc” == “ayz”

  226. “abc” == “abz”

  227. len(alpha) ** len(pw)

  228. X * X * X * .... len(alpha) possibilities len(pwd)

    times

  229. k * len(alpha) * len(pw) possibilities measurements characters

  230. More TLS

  231. Client certificates

  232. Ephemeral Diffie-Hellman

  233. Elliptic Curves ECDH/ECDSA