Encryption Without Magic, Risk Management Without Pain

Encryption Without Magic, Risk Management Without Pain

#security #crypto #databases #notmobile #trust #infrastructures #separation-of-duties #echelonization

1. What is attack surface, how cryptography helps to narrow it.
2. Simple crypto-systems, but significant downsides.
3. Middleware-side encryption: protecting data in web-based infrastructures.
4. Client-side encryption: trust to mobile apps and code execution. E2EE. ZKA. ZKP.
5. Echelonization, and traditional techniques.


If you can't tap on the link inside slides, please open as pdf (button on the right).


In-depth technical inquiry about cryptography in a wider context: how it helps to narrow more significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated with handling sensitive data.


Links to follow:

12 and 1 ideas how to enhance backend data security

Explain Like I’m 5: Zero Knowledge Proof

DevOps and security: from trenches to command centers

GDPR for engineers



March 04, 2018