Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The State of Encryption
Search
Cristiano Betta
June 08, 2017
Technology
0
370
The State of Encryption
My talk from DevTalks Bucharest 2017
Cristiano Betta
June 08, 2017
Tweet
Share
More Decks by Cristiano Betta
See All by Cristiano Betta
Docs as Engineering - DevRelCon London 2019
cbetta
0
150
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
140
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
330
The 7 Deadly Sins of Developer Experience (DevRelCon Tokyo)
cbetta
0
4.1k
Developer Experience Workshop
cbetta
1
590
The 7 Deadly Sins of Developer Onboarding
cbetta
0
190
A brick by brick guide to developer experience
cbetta
2
640
Hackathons Workshop
cbetta
0
310
This strange planet earth
cbetta
0
380
Other Decks in Technology
See All in Technology
完璧を目指さない小さく始める信頼性向上
kakehashi
PRO
0
120
私とAWSとの関わりの歩み~意志あるところに道は開けるかも?~
nagisa53
1
140
メモ整理が苦手な者による頑張らないObsidian活用術
optim
0
150
増え続ける脆弱性に立ち向かう: 事前対策と優先度づけによる 持続可能な脆弱性管理 / Confronting the Rise of Vulnerabilities: Sustainable Management Through Proactive Measures and Prioritization
nttcom
1
220
VLMサービスを用いた請求書データ化検証 / SaaSxML_Session_1
sansan_randd
0
140
ファインディにおける Dataform ブランチ戦略
hiracky16
0
220
経理出身PdMがAIプロダクト開発を_ハンズオンで学んだ話.pdf
shunsukenarita
1
240
TypeScript 上達の道
ysknsid25
23
4.9k
Recoil脱却の現状と挑戦
kirik
3
480
[MIRU25] NaiLIA: Multimodal Retrieval of Nail Designs Based on Dense Intent Descriptions
keio_smilab
PRO
1
150
AI工学特論: MLOps・継続的評価
asei
10
2.1k
M365アカウント侵害時の初動対応
lhazy
7
5.2k
Featured
See All Featured
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
1k
Done Done
chrislema
184
16k
Facilitating Awesome Meetings
lara
54
6.5k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
The Straight Up "How To Draw Better" Workshop
denniskardys
235
140k
The World Runs on Bad Software
bkeepers
PRO
70
11k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.4k
Speed Design
sergeychernyshev
32
1k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.8k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Transcript
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq ! Cristiano Betta | @cbetta
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq
1987
None
The living Daylights "
The living Daylights "
None
None
The Real Spies #
None
None
None
None
Hide
Hide%
Microdot
None
1mm 1mm 1mm
MA-4450 '
MA-4450 '
Rotation Sheets (
Jackpot )))
Cristiano Betta @cbetta
♥ security + virgilsecurity.com + betta.io
, security expert + virgilsecurity.com + betta.io
Encryption 101 %
Entropy -
None
11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 H = 0
11111111111111111111 11111111111111111111 11111111110000000000 00000000000000000000 00000000000000000000 H = 1
RAR(50x1+50x0) H ~= 5
TrueCrypt(RAR) H ~= 7.8
RC4 .
! ! /1 /1
1984 .
Certified Security 0
Diffie- Hellman 1
Color Exchange 2
A B
A B Common Common
A B Common Common Secret Secret
A B Public Mix Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix Secret Secret
A B Common Secret Common Secret
1-way functions 3
X*Y = 143 X > 1 Y > 1 3
3 X*Y = 143 X = 11 Y = 13
X*Y = 10,967,535,067 X = 104723 Y = 104729
Public Key Encryption 1
Asymmetric Encryption 1
! / / Pub1 Priv1 ! / / Pub2 Priv2
1 2
! ! 4 1 2
! ! 4+/pub2 1 2
! ! 4 1 2 /
! ! 4 1 2 /
! ! 4+/priv2 1 2 /
! ! 1 2 4
Signatures 5
! ! 4+/priv1 1 2
! ! 1 2 4 0
! ! 1 2 4 0
! ! 4+/pub1 1 2 0
! ! 1 2 ◦
Public Key Encryption 1
PGP SSH SSL TLS BitCoin …. 1
/ Pub1? / Pub2?
Digital Certificates International 0
Verisign
Certificate Authorities 0
0 0 / Pub1? / Pub2? 0 Root
LetsEncrypt 7
letsencrypt.org
Crypto Wars 8
Ammunition
Netscape 9
2000 MTOPS !
None
None
2017 :
Crypto Wars Round 2 ;
Snowden Manning Assange <
“…the N.S.A. has been deliberately weakening the international encryption standards
adopted by developers. One goal … was to ‘influence policies, standards and specifications for commercial public key technologies’…” 76 - New York Times, 6 Sept 2013
Increased Law Enforcement =
http://www.dailymail.co.uk/wires/reuters/article-4350416/UK-minister-says- encryption-messaging-services-unacceptable.html
Chat Apps :
https://www.eff.org/node/82654
Virgil Security
Create private key & public Virgil Card
Push Virgil Card to server
Publish card to Virgil
Encrypt data
Decrypt data
Demo %
Virgil Security >
demo-ip-messaging.virgilsecurity.com
virgilsecurity.com %
Encryption 201 ?
2047 ?
Total Security @
Total Privacy %
Human Error A
Slingshot Security B
Quantum Entanglement -
Large Integer Factorization! ÷
Post-QC Encryption 7
Quantum Key Exchange -
Quantum Key Exchange -
2047 ?
2117 ?
Thank you! @cbetta betta.io Cristiano Betta @virgilsecurity virgilsecurity.com Virgil Security