Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The State of Encryption
Search
Cristiano Betta
June 08, 2017
Technology
0
380
The State of Encryption
My talk from DevTalks Bucharest 2017
Cristiano Betta
June 08, 2017
Tweet
Share
More Decks by Cristiano Betta
See All by Cristiano Betta
Docs as Engineering - DevRelCon London 2019
cbetta
0
150
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
140
DevRelCon London 2019 - Developer Experience Workshop
cbetta
0
340
The 7 Deadly Sins of Developer Experience (DevRelCon Tokyo)
cbetta
0
4.1k
Developer Experience Workshop
cbetta
1
600
The 7 Deadly Sins of Developer Onboarding
cbetta
0
190
A brick by brick guide to developer experience
cbetta
2
650
Hackathons Workshop
cbetta
0
310
This strange planet earth
cbetta
0
390
Other Decks in Technology
See All in Technology
大規模サーバーレスAPIの堅牢性・信頼性設計 〜AWSのベストプラクティスから始まる現実的制約との向き合い方〜
maimyyym
9
4.4k
【Kaigi on Rails 事後勉強会LT】MeはどうしてGirlsに? 私とRubyを繋いだRail(s)
joyfrommasara
0
240
CoRL 2025 Survey
harukiabe
0
170
AIツールでどこまでデザインを忠実に実装できるのか
oikon48
6
3.3k
リセラー企業のテクサポ担当が考える、生成 AI 時代のトラブルシュート 2025
kazzpapa3
1
160
オープンソースでどこまでできる?フォーマル検証チャレンジ
msyksphinz
0
130
Performance Insights 廃止から Database Insights 利用へ/transition-from-performance-insights-to-database-insights
emiki
0
240
これがLambdaレス時代のChatOpsだ!実例で学ぶAmazon Q Developerカスタムアクション活用法
iwamot
PRO
6
1k
神回のメカニズムと再現方法/Mechanisms and Playbook for Kamikai scrumat2025
moriyuya
4
730
後進育成のしくじり〜任せるスキルとリーダーシップの両立〜
matsu0228
7
3.3k
AWS Control Tower に学ぶ! IAM Identity Center 権限設計の第一歩 / IAM Identity Center with Control Tower
y___u
0
150
"プロポーザルってなんか怖そう"という境界を超えてみた@TSUDOI by giftee Tech #1
shilo113
0
180
Featured
See All Featured
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Mobile First: as difficult as doing things right
swwweet
224
10k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
It's Worth the Effort
3n
187
28k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.2k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
How to Think Like a Performance Engineer
csswizardry
27
2k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.2k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.9k
Documentation Writing (for coders)
carmenintech
75
5.1k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
32
2.3k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.7k
Transcript
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq ! Cristiano Betta | @cbetta
Qeb Pqxqb lc Bkzovmqflk Rfc Qryrc md Clapwnrgml Sgd Rszsd
ne Dmbqxoshnm The State of Encryption Uif Tubuf pg Fodszqujpo Vjg Uvcvg qh Gpetarvkqp Wkh Vwdwh ri Hqfubswlrq
1987
None
The living Daylights "
The living Daylights "
None
None
The Real Spies #
None
None
None
None
Hide
Hide%
Microdot
None
1mm 1mm 1mm
MA-4450 '
MA-4450 '
Rotation Sheets (
Jackpot )))
Cristiano Betta @cbetta
♥ security + virgilsecurity.com + betta.io
, security expert + virgilsecurity.com + betta.io
Encryption 101 %
Entropy -
None
11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 11111111111111111111 H = 0
11111111111111111111 11111111111111111111 11111111110000000000 00000000000000000000 00000000000000000000 H = 1
RAR(50x1+50x0) H ~= 5
TrueCrypt(RAR) H ~= 7.8
RC4 .
! ! /1 /1
1984 .
Certified Security 0
Diffie- Hellman 1
Color Exchange 2
A B
A B Common Common
A B Common Common Secret Secret
A B Public Mix Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix
Public Mix A B Public Mix Secret Secret
A B Common Secret Common Secret
1-way functions 3
X*Y = 143 X > 1 Y > 1 3
3 X*Y = 143 X = 11 Y = 13
X*Y = 10,967,535,067 X = 104723 Y = 104729
Public Key Encryption 1
Asymmetric Encryption 1
! / / Pub1 Priv1 ! / / Pub2 Priv2
1 2
! ! 4 1 2
! ! 4+/pub2 1 2
! ! 4 1 2 /
! ! 4 1 2 /
! ! 4+/priv2 1 2 /
! ! 1 2 4
Signatures 5
! ! 4+/priv1 1 2
! ! 1 2 4 0
! ! 1 2 4 0
! ! 4+/pub1 1 2 0
! ! 1 2 ◦
Public Key Encryption 1
PGP SSH SSL TLS BitCoin …. 1
/ Pub1? / Pub2?
Digital Certificates International 0
Verisign
Certificate Authorities 0
0 0 / Pub1? / Pub2? 0 Root
LetsEncrypt 7
letsencrypt.org
Crypto Wars 8
Ammunition
Netscape 9
2000 MTOPS !
None
None
2017 :
Crypto Wars Round 2 ;
Snowden Manning Assange <
“…the N.S.A. has been deliberately weakening the international encryption standards
adopted by developers. One goal … was to ‘influence policies, standards and specifications for commercial public key technologies’…” 76 - New York Times, 6 Sept 2013
Increased Law Enforcement =
http://www.dailymail.co.uk/wires/reuters/article-4350416/UK-minister-says- encryption-messaging-services-unacceptable.html
Chat Apps :
https://www.eff.org/node/82654
Virgil Security
Create private key & public Virgil Card
Push Virgil Card to server
Publish card to Virgil
Encrypt data
Decrypt data
Demo %
Virgil Security >
demo-ip-messaging.virgilsecurity.com
virgilsecurity.com %
Encryption 201 ?
2047 ?
Total Security @
Total Privacy %
Human Error A
Slingshot Security B
Quantum Entanglement -
Large Integer Factorization! ÷
Post-QC Encryption 7
Quantum Key Exchange -
Quantum Key Exchange -
2047 ?
2117 ?
Thank you! @cbetta betta.io Cristiano Betta @virgilsecurity virgilsecurity.com Virgil Security