Engineering Cryptographic Applications

Day 4: Cryptographic Future
David Evans
University of Virginia
www.cs.virginia.edu/evans

Microstrategy Course
25 October 2013
Story So Far
Day 1: Symmetric Ciphers: Kerckhoffs’ Principle, Cryptanalysis, AES
[Figure: Plaintext, Encrypt with Key, Ciphertext over Insecure Channel, Decrypt with Key, Plaintext]
Day 2: Using Symmetric Encryption: Generating Keys (Dual-EC PRNG), Cipher Modes (CTR), Storing Passwords
[Figure: AES in counter mode: AES_k(Nonce || 00000000) XOR block 1, AES_k(Nonce || 00000001) XOR block 2]
Day 3: Public Key Protocols: Key Agreement, Asymmetric Ciphers (RSA, ECC), Digital Signatures, Certificates, TLS/SSL
[Figure: Digital signature: Signed Message = Message, E_KRB(H(Message)); the verifier checks D_KUB(signature) = H(Message). Screenshot: petitions.gov]
evans@virginia.edu
Engineering Crypto Applications
Recap
Day 1: Symmetric Ciphers (AES): Sending Secret Messages
Day 2: Using Symmetric Encryption (PRNG, CTR): Encrypting Long Messages
Day 3: Public-Key Protocols (D-H, RSA, ECC): Key Agreement, Signatures; TLS/SSL: Establishing Secure Connections
Things everyone in the developed and semi-developed world is using hundreds of times a day!
Today: Glimpses Into “Future”
Biometrics
Secure Multi-Party Computation
Automated Protocol Testing
Things that are only starting to be used outside of research labs (other than biometrics).
Biometrics
Appeal of Biometrics
Convenient and Easy: nothing to remember or lose
Humans like to feel unique
Seems cool and futuristic
“iPhone 5s introduces Touch ID, an innovative way to simply and securely unlock your iPhone with just the touch of a finger. Built into the home button, Touch ID uses a laser cut sapphire crystal, together with the capacitive touch sensor, to take a high-resolution image of your fingerprint and intelligently analyze it to provide accurate readings from any angle.”
Voiceprints?
“My Voice is My Passport”
Meaningful Security Requires Secrets
Biometrics may be okay for identification: “Touch ID” (not “Touch Password”)
Biometrics cannot be secret (and may not even be that unique)
“Secure-Against-Your-Spouse” Security
[Figure: three authentication options compared (vs. / vs.), ranging from “Breakable by anyone in seconds” to “Breakable by sophisticated adversary in a few hours”]
Biometrics are fine for identification and security against weak, unmotivated adversaries. Danger is that they give users a false sense of security.
Private Biometrics
flickr cc: didbygraham
(De)Motivating Application: “Genetic Dating”
Alice and Bob run a Genome Compatibility Protocol.
Possible outputs: “Your offspring will have good immune systems!” or “WARNING! Don’t Reproduce”
[Figure: Cost to sequence a human genome, Aug 2001 to Feb 2013, log scale from $100,000,000 down to $1,000, against a Moore’s Law prediction (halve every 18 months); the Ion Torrent Personal Genome Machine is marked near the $1,000 line.]
Human Genome Sequencing Using Unchained Base Reads on Self-Assembling DNA Nanoarrays. Radoje
Drmanac, Andrew B. Sparks, Matthew J. Callow, Aaron L. Halpern, Norman L. Burns, Bahram G. Kermani, Paolo
Carnevali, Igor Nazarenko, Geoffrey B. Nilsen, George Yeung, Fredrik Dahl, Andres Fernandez, Bryan Staker, Krishna
P. Pant, Jonathan Baccash, Adam P. Borcherding, Anushka Brownley, Ryan Cedeno, Linsu Chen, Dan Chernikoff, Alex
Cheung, Razvan Chirita, Benjamin Curson, Jessica C. Ebert, Coleen R. Hacker, Robert Hartlage, Brian Hauser, Steve
Huang, Yuan Jiang, Vitali Karpinchyk, Mark Koenig, Calvin Kong, Tom Landers, Catherine Le, Jia Liu, Celeste E.
McBride, Matt Morenzoni, Robert E. Morey, Karl Mutch, Helena Perazich, Kimberly Perry, Brock A. Peters, Joe
Peterson, Charit L. Pethiyagoda, Kaliprasad Pothuraju, Claudia Richter, Abraham M. Rosenbaum, Shaunak Roy, Jay
Shafto, Uladzislau Sharanhovich, Karen W. Shannon, Conrad G. Sheppy, Michel Sun, Joseph V. Thakuria, Anne Tran,
Dylan Vu, Alexander Wait Zaranek, Xiaodi Wu, Snezana Drmanac, Arnold R. Oliphant, William C. Banyai, Bruce
Martin, Dennis G. Ballinger, George M. Church, Clifford A. Reid. Science, January 2010.
Dystopia
Personalized Medicine
Secure Multi-Party Computation
Secure Two-Party Computation
Alice’s Genome: ACTG…  Markers (~1000): {0, 0, …, 1}
Bob’s Genome: ACTG…  Markers (~1000): {0, 1, …, 0}
Can Alice and Bob compute a function on their private data, without exposing anything besides the result?
Secure Function Evaluation
Alice (circuit generator), Bob (circuit evaluator)
Garbled Circuit Protocol (Andrew Yao, 1980s)
Regular Logic
AND gate (inputs a, b; output x):
a  b | x
0  0 | 0
0  1 | 0
1  0 | 0
1  1 | 1
Computing with Meaningless Values?
AND gate with wire labels (inputs a, b; output x):
a   b  | x
a0  b0 | x0
a0  b1 | x0
a1  b0 | x0
a1  b1 | x1
ai, bi, xi are random values, chosen by the circuit generator but meaningless to the circuit evaluator.
[Figure: AND gate taking a0 or a1 and b0 or b1, producing x0 or x1]
Computing with Garbled Tables
Garbled And Gate (inputs a, b; output x):
a   b  | entry
a0  b0 | Enc_{a0,b0}(x0)
a0  b1 | Enc_{a0,b1}(x0)
a1  b0 | Enc_{a1,b0}(x0)
a1  b1 | Enc_{a1,b1}(x1)
The four entries are sent in a random permutation: Enc_{a0,b1}(x0), Enc_{a1,b1}(x1), Enc_{a1,b0}(x0), Enc_{a0,b0}(x0)
Bob can only decrypt one of these!
Garbled Circuit Protocol
Alice (circuit generator) sends Bob (circuit evaluator) the garbled gate: Enc_{a0,b1}(x0), Enc_{a1,b1}(x1), Enc_{a1,b0}(x0), Enc_{a0,b0}(x0)
Alice sends ai to Bob based on her input value.
How does Bob learn his own input wires?
Primitive: Oblivious Transfer
Alice and Bob run an Oblivious Transfer Protocol.
Oblivious: Alice doesn’t learn which secret Bob obtains
Transfer: Bob learns one of Alice’s secrets
Rabin, 1981; Even, Goldreich, and Lempel, 1985; many subsequent papers
Chaining Garbled Circuits
And Gate 1 (inputs a1, b1; output x1):
Enc_{a1^0,b1^1}(x1^0), Enc_{a1^1,b1^1}(x1^1), Enc_{a1^1,b1^0}(x1^0), Enc_{a1^0,b1^0}(x1^0)
Or Gate 2 (inputs x0, x1; output x2):
Enc_{x0^0,x1^1}(x2^1), Enc_{x0^1,x1^1}(x2^1), Enc_{x0^1,x1^0}(x2^1), Enc_{x0^0,x1^0}(x2^0)
…
We can do any computation privately this way!
Building Computing Systems
Digital Electronic Circuits | Garbled Circuits
Operate on known data | Operate on encrypted wire labels
One-bit logical operation requires moving a few electrons a few nanometers (hundreds of billions per second) | One-bit logical operation requires performing (up to) 4 encryption operations: very slow execution
Reuse is great! | Reuse is not allowed for privacy: huge circuits needed
Faster Circuit Execution
Pipelined Execution
Optimized Circuit Library
Partial Evaluation
Yan Huang (UVa PhD 2012)
Yan Huang, David Evans, Jonathan Katz, and Lior Malka. Faster Secure Two-Party Computation Using Garbled Circuits. USENIX Security 2011.
Pipelined Execution
[Figure: the circuit-level application feeds the same circuit structure to the GC Framework (Generator) and the GC Framework (Evaluator); garbled gates stream from generator to evaluator as they are produced, and the evaluator keeps only one label per wire (x2^1, x3^1, x4^1, x5^1, x6^0, x7^1).]
Saves memory: never need to keep whole circuit in memory
Pipelining
[Figure: timeline comparing sequential execution (Circuit Generation, then Circuit Transmission, then Circuit Evaluation, with Waiting and Idling gaps) against pipelined execution, where generation, transmission and evaluation overlap in time.]
Saves time: reduces latency and improves throughput
Results
[Figure: two bar charts comparing Fairplay [PSSW09], TASTY [HEKM11] and this work (“Here”): Scalability (billions of gates, 0 to 1.2) and Performance (10,000x non-free gates per second, 0 to 10).]
Passive Threat Model
[Figure: Alice encrypts plaintext and sends ciphertext over the insecure channel to Bob, who decrypts it; Eve (passive attacker) only observes the channel.]
“Semi-Honest” Threat Model
[Figure: Alice (circuits generator) generates, Bob evaluates, output]
Both parties follow the rules – but may try to learn more from execution transcript!
Active Attacker
[Figure: Alice encrypts plaintext and sends ciphertext over the insecure channel (e.g., the Internet) to Bob, who decrypts it; Mallory (active attacker) sits on the channel.]
Active Threat Model
[Figure: Alice (circuits generator) generates, Bob evaluates, output]
Either party may do whatever they want
Garbled Circuits Are Half-Way!
Privacy: Nothing is revealed other than the output
Correctness: The output of the protocol is indeed f(x,y)
As long as the evaluator doesn’t send the result back, privacy for the evaluator is guaranteed.
How can we get both correctness, and maintain privacy while giving both parties the result?
Dual Execution Protocols
Yan Huang, Jonathan Katz, and David Evans. Quid-Pro-Quo-tocols: Strengthening Semi-Honest Protocols with Dual Execution. IEEE Security and Privacy (Oakland) 2012.
Dual Execution Protocol [Mohassel and Franklin, PKC’06]
First round execution (semi-honest): Alice is generator, Bob is evaluator; Bob obtains z = f(x, y) and the learned output wire labels.
Second round execution (semi-honest): Bob is generator, Alice is evaluator; Alice obtains z' = f(x, y) and the learned output wire labels.
Fully-secure, authenticated equality test: pass if z = z’ and correct wire labels.
Security Properties
Correctness: guaranteed by authenticated, secure equality test
Privacy: Leaks one (extra) bit on average: an adversarial circuit generator provides a circuit that fails on ½ of inputs
Malicious generator can decrease likelihood of being caught, and increase information leaked when caught (but decreases average information leaked): at extreme, circuit fails on just one input
1-bit Leak
[Figure: cheating detected]
Proving Security: Malicious
Show equivalence between:
Ideal World: A and B send inputs x' and y' to a Trusted Party; the adversary receives f(x‘, y‘).
Real World: A and B run the Secure Computation Protocol on x' and y'; the corrupted party behaves arbitrarily.
Standard Active Security Model: can’t prove this for Dual Execution
Proof of Security: One-Bit Leakage
Ideal World: A (controlled by malicious A) sends x' and B sends y' to the Trusted Party; the adversary receives f(x‘, y') and g(x‘, y‘), where g → {0, 1} is an arbitrary Boolean function selected by the adversary.
Can prove equivalence to this for Dual Execution protocols
Implementation
[Figure: the two dual-execution rounds again (Alice generator and Bob evaluator in the first round, Bob generator and Alice evaluator in the second, each semi-honest), feeding z, z’ and the learned output wire labels into the fully-secure, authenticated equality test: pass if z = z’ and correct wire labels.]
Recall: work to generate is 3x work to evaluate!
[Figure: log-scale chart, Aug 2001 to Apr 2013, $1,000 to $100,000,000, of the cost of semi-honest garbled-circuit execution over time, marking FairPlay (2004) [10k*10k alignment], Free XOR, HEKM, and Schneider & Zohner 2013.]
[Figure: the same chart extended to $100,000,000,000, adding an Active Security series (KSS 2011, HKE 2013) and a 1-bit leak series alongside the Semi-Honest series.]
Opportunities for Encrypted Computation
Secure Multi-Party Computation: Practical (or nearly practical) today for some applications…and improving rapidly!
Verifiable Computation, Outsourced Computation (e.g., AdWords auctions) (Homomorphic Encryption): These applications are 10-1Mx away from being practical…but improving very rapidly!
Yuchen Zhou (UVa Computer Engineering PhD Student)
Single Sign-On
Will developers who follow the directions end up building a secure application?
Facebook documentation example: “The requested response type, one of code or token. Defaults to code…”
Modeling SSO System
[Figure: Mallory, MalAppC and FooAppC are built on the Client SDK over the Client runtime; FooAppS is built on the Service SDK over the Service runtime; both talk to the Identity Provider (IdP).]
Reason about all possible applications that can be built using the SDK
Credential Misuse Vulnerability
[Figure: the Foo App Client obtains an access_token from the Facebook back end and presents it to the Foo App Server, which answers “Welcome, Alice!”; a Malicious App Client then presents an access_token to the Foo App Server and is greeted the same way.]
Credential Leakage Vulnerability
OAuth Credentials
How Common Are These Vulnerabilities?
Simulating Users
Enrolling Test Accounts
Oracle
Automatically test if site is vulnerable by looking at visual clues and traffic.
Dataset
Test the top-ranked 20,000 websites (from quantcast.com) for 5 vulnerabilities: 3 machines for 3 days
Top-ranked sites: google.com, youtube.com, facebook.com, msn.com, amazon.com, twitter.com, ebay.com, pinterest.com, yahoo.com, bing.com, microsoft.com, …
[Figure: % supporting FB SSO (0% to 45%) by site rank percentile (20K), from the top-ranked sites down to the 20,000th-ranked site.]
1700 of top-20000 sites use Facebook SSO
[Figure: Percent of Sites Vulnerable (0% to 30%, bins of 50 sites) by rank, from the top-ranked sites down to the 20,000th-ranked site.]
20% of sites (in top 20,000) that integrate Facebook SSO have at least one serious vulnerability detected by SSOScan
Responses from Sites
20 vendors contacted normally
12: no response
6: auto-generated response
2: manual responses
0: fixed
ssoscan.org
Next Friday’s Talk!
Rice Hall, 85 Engineer’s Way, University of Virginia, Charlottesville, Va
Home of Famous Cryptographer!
evans@virginia.edu
MightBeEvil.com/crypto

Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Cryptographic Future

  • 1. Engineering Cryptographic Applications, Day 4: Cryptographic Future. David Evans, University of Virginia, www.cs.virginia.edu/evans. Microstrategy Course, 25 October 2013
  • 2. Story So Far. Day 1: Symmetric Ciphers: Kerckhoffs’ Principle, Cryptanalysis, AES [diagram: plaintext encrypted under a shared key, sent as ciphertext over an insecure channel, decrypted with the same key]. Day 2: Using Symmetric Encryption: Generating Keys (Dual-EC PRNG), Cipher Modes (CTR), Storing Passwords [diagram: AES in CTR mode, each keystream block produced by encrypting nonce || counter under key k]. evans@virginia.edu Engineering Crypto Applications
  • 3. Day 3: Public Key Protocols: Key Agreement, Asymmetric Ciphers (RSA, ECC), Digital Signatures, Certificates, TLS/SSL [diagram: Bob signs by encrypting the hash H(message) with his private key KRB; the verifier decrypts the signature with Bob’s public key KUB and compares the result with H(message); petitions.gov is the example site]
  • 4. Recap. Day 1: Symmetric Ciphers (AES): sending secret messages. Day 2: Using Symmetric Encryption (PRNG, CTR): encrypting long messages. Day 3: Public-Key Protocols (D-H, RSA, ECC; key agreement, signatures; TLS/SSL): establishing secure connections. Things everyone in the developed and semi-developed world is using hundreds of times a day!
  • 5. Today: Glimpses Into “Future”: Biometrics; Secure Multi-Party Computation; Automated Protocol Testing. Things that are only starting to be used outside of research labs (other than biometrics).
  • 7. Appeal of Biometrics. Convenient and easy: nothing to remember or lose. Humans like to feel unique. Seems cool and futuristic.
  • 8. “iPhone 5s introduces Touch ID, an innovative way to simply and securely unlock your iPhone with just the touch of a finger. Built into the home button, Touch ID uses a laser cut sapphire crystal, together with the capacitive touch sensor, to take a high-resolution image of your fingerprint and intelligently analyze it to provide accurate readings from any angle.”
  • 13. “My Voice is My Passport”
  • 14. Meaningful Security Requires Secrets. Biometrics may be okay for identification: it is “Touch ID” (not “Touch Password”). Biometrics cannot be secret (and may not even be that unique).
  • 15. “Secure-Against-Your-Spouse” Security [images comparing authenticators: one breakable by a sophisticated adversary in a few hours vs. one breakable by anyone in seconds]
  • 16. “Secure-Against-Your-Spouse” Security. Biometrics are fine for identification and for security against weak, unmotivated adversaries. The danger is that they give users a false sense of security.
  • 17. Private Biometrics [photo, flickr cc: didbygraham]
  • 19. (De)Motivating Application: “Genetic Dating”. Alice and Bob run a Genome Compatibility Protocol; each learns only the verdict, either “Your offspring will have good immune systems!” or “WARNING! Don’t Reproduce”.
  • 22. [Chart: cost to sequence a human genome, Aug 2001 to Feb 2013, on a log scale from $100,000,000 down to $1,000, against the Moore’s Law prediction (halving every 18 months); the Ion Torrent Personal Genome Machine is marked near the bottom of the curve.]
  • 23. Human Genome Sequencing Using Unchained Base Reads on Self-Assembling DNA Nanoarrays. Radoje Drmanac, Andrew B. Sparks, Matthew J. Callow, Aaron L. Halpern, Norman L. Burns, Bahram G. Kermani, Paolo Carnevali, Igor Nazarenko, Geoffrey B. Nilsen, George Yeung, Fredrik Dahl, Andres Fernandez, Bryan Staker, Krishna P. Pant, Jonathan Baccash, Adam P. Borcherding, Anushka Brownley, Ryan Cedeno, Linsu Chen, Dan Chernikoff, Alex Cheung, Razvan Chirita, Benjamin Curson, Jessica C. Ebert, Coleen R. Hacker, Robert Hartlage, Brian Hauser, Steve Huang, Yuan Jiang, Vitali Karpinchyk, Mark Koenig, Calvin Kong, Tom Landers, Catherine Le, Jia Liu, Celeste E. McBride, Matt Morenzoni, Robert E. Morey, Karl Mutch, Helena Perazich, Kimberly Perry, Brock A. Peters, Joe Peterson, Charit L. Pethiyagoda, Kaliprasad Pothuraju, Claudia Richter, Abraham M. Rosenbaum, Shaunak Roy, Jay Shafto, Uladzislau Sharanhovich, Karen W. Shannon, Conrad G. Sheppy, Michel Sun, Joseph V. Thakuria, Anne Tran, Dylan Vu, Alexander Wait Zaranek, Xiaodi Wu, Snezana Drmanac, Arnold R. Oliphant, William C. Banyai, Bruce Martin, Dennis G. Ballinger, George M. Church, Clifford A. Reid. Science, January 2010.
  • 26. Secure Two-Party Computation. Bob’s Genome: ACTG…, Markers (~1000): [0, 1, …, 0]. Alice’s Genome: ACTG…, Markers (~1000): [0, 0, …, 1]. Can Alice and Bob compute a function on their private data, without exposing anything besides the result?
  • 27. Secure Function Evaluation: Garbled Circuit Protocol (Andrew Yao, 1980s). Alice is the circuit generator, Bob the circuit evaluator.
  • 29. Computing with Meaningless Values? An AND gate with inputs a, b and output x, where each wire carries one of two labels (a0 or a1, b0 or b1, x0 or x1). Truth table on labels: (a0, b0) → x0; (a0, b1) → x0; (a1, b0) → x0; (a1, b1) → x1. The ai, bi, xi are random values, chosen by the circuit generator but meaningless to the circuit evaluator.
  • 30. Computing with Garbled Tables. Garbled AND gate: Enc_{a0,b0}(x0), Enc_{a0,b1}(x0), Enc_{a1,b0}(x0), Enc_{a1,b1}(x1), stored in a random permutation. Holding exactly one label for a and one for b, Bob can only decrypt one of these!
  • 31. Garbled Circuit Protocol. Alice (circuit generator) sends Bob (circuit evaluator) the garbled gate (the four permuted ciphertexts) together with the label ai that matches her own input value. How does Bob learn the labels for his own input wires?
  • 32. Primitive: Oblivious Transfer. Alice and Bob run an Oblivious Transfer Protocol. Oblivious: Alice doesn’t learn which secret Bob obtains. Transfer: Bob learns one of Alice’s secrets. Rabin, 1981; Even, Goldreich, and Lempel, 1985; many subsequent papers.
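To make the two properties on this slide concrete, here is a 1-out-of-2 oblivious transfer in the style of Even, Goldreich and Lempel, written for this page as an added example (it is not code from the slides or from the presenter). It uses textbook RSA with tiny hard-coded primes (p = 10007, q = 10009, an assumption made only so the example runs instantly), so it is a teaching instance of the mechanics and not a secure OT: the modulus is trivially factorable and the secrets are integers below n rather than wire labels.

```python
"""1-out-of-2 oblivious transfer (Even-Goldreich-Lempel style) on textbook RSA.

Added example, not from the slides. Alice holds m0, m1; Bob holds a choice bit b.
Transfer: Bob ends up with m_b. Oblivious: Alice never learns b, and Bob cannot
recover m_{1-b} without computing an RSA inverse. Toy parameters: insecure as-is.
"""
import secrets

# Tiny primes, hard-coded (assumption: chosen only so the example runs instantly).
P, Q, E = 10007, 10009, 65537


def rsa_keygen(p=P, q=Q, e=E):
    """Textbook RSA key pair. e must be coprime to (p-1)(q-1); it is for these primes."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # modular inverse, Python 3.8+
    return (n, e), d


class Sender:
    """Alice: has two secrets m0, m1 (integers below n) and the RSA private key."""

    def __init__(self, m0, m1):
        (self.n, self.e), self.d = rsa_keygen()
        self.m = (m0 % self.n, m1 % self.n)

    def round1(self):
        # One random value per message slot; both are sent to Bob in the clear.
        self.x = (secrets.randbelow(self.n), secrets.randbelow(self.n))
        return (self.n, self.e), self.x

    def round3(self, v):
        # Alice does not know which x_b Bob blinded, so she unblinds under both.
        # Exactly one of k0, k1 equals Bob's k; the other is a value Bob cannot compute.
        k0 = pow((v - self.x[0]) % self.n, self.d, self.n)
        k1 = pow((v - self.x[1]) % self.n, self.d, self.n)
        return ((self.m[0] + k0) % self.n, (self.m[1] + k1) % self.n)


class Receiver:
    """Bob: wants m_b and must not reveal b."""

    def __init__(self, b):
        self.b = b

    def round2(self, pubkey, x):
        self.n, e = pubkey
        self.k = secrets.randbelow(self.n)
        # v = x_b + k^e mod n. Since k -> k^e is a permutation of Z_n and k is
        # uniform, v is uniform whichever x_b was chosen: Alice learns nothing about b.
        return (x[self.b] + pow(self.k, e, self.n)) % self.n

    def finish(self, c):
        # c[b] = m_b + k_b where k_b = (k^e)^d = k, so subtracting k recovers m_b.
        return (c[self.b] - self.k) % self.n


def run_ot(m0, m1, b):
    """Drive the three-message exchange; returns the value Bob ends up with."""
    alice, bob = Sender(m0, m1), Receiver(b)
    pubkey, x = alice.round1()     # Alice -> Bob: (n, e), x0, x1
    v = bob.round2(pubkey, x)      # Bob -> Alice: v
    c = alice.round3(v)            # Alice -> Bob: m0 + k0, m1 + k1
    return bob.finish(c)
```

In a garbled-circuit run the two "secrets" would be the two labels of one of Bob's input wires, and one OT is executed per such wire; in practice OT extension makes this cheap, but the exchange above is the base primitive the later slides assume.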
  • 33. Chaining Garbled Circuits. Gate 1 (AND) has input wires a and b and output wire x1; its garbled table is Enc_{a0,b1}(x1_0), Enc_{a1,b1}(x1_1), Enc_{a1,b0}(x1_0), Enc_{a0,b0}(x1_0). Gate 2 (OR) takes wires x0 and x1 and produces x2: Enc_{x0_0,x1_1}(x2_1), Enc_{x0_1,x1_1}(x2_1), Enc_{x0_1,x1_0}(x2_1), Enc_{x0_0,x1_0}(x2_0). The label Bob decrypts from gate 1 is exactly an input label of gate 2, so the gates chain … and we can do any computation privately this way!
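Slides 29 through 33 describe the whole garbled-gate mechanism in pictures; the following is an added example (written for this page, not code from the slides or the presenter's framework) that implements exactly that two-gate circuit, x2 = x0 OR (a AND b), and runs it between a generator and an evaluator. Row encryption is a SHA-256-derived one-time pad with a 16-byte all-zero tag so the evaluator can recognise the one row its labels open; that tag trick, the 16-byte labels and the gate ids are assumptions of this toy. Bob's own input label is handed over directly where a real run would use the oblivious transfer of slide 32; there is no point-and-permute, free-XOR or row reduction.

```python
"""Toy Yao garbled circuit: an AND gate feeding an OR gate, evaluated on wire labels.

Added example, not from the slides. Circuit: x2 = x0 OR (a AND b), i.e. gate 1 (AND)
and gate 2 (OR) from the chaining slide. Alice inputs a and b, Bob inputs x0.
"""
import hashlib
import secrets
from itertools import product

LABEL_LEN = 16               # 128-bit wire labels (assumption)
ZERO_TAG = bytes(LABEL_LEN)  # appended before encryption so the right row is recognisable
_rng = secrets.SystemRandom()


def new_wire():
    """Two random labels for one wire: index 0 stands for FALSE, index 1 for TRUE.
    They are meaningless to anyone who does not know this mapping."""
    return (secrets.token_bytes(LABEL_LEN), secrets.token_bytes(LABEL_LEN))


def row_pad(gate_id, label_a, label_b):
    """32-byte pad derived from the two input labels; gate_id stops a row being reused elsewhere."""
    return hashlib.sha256(gate_id.to_bytes(4, "big") + label_a + label_b).digest()


def xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))


def garble_gate(gate_id, func, wire_a, wire_b, wire_out):
    """Garbled table: Enc_{a_i,b_j}(out_{func(i,j)}) for all four (i, j), randomly permuted."""
    rows = []
    for i, j in product((0, 1), repeat=2):
        plaintext = wire_out[func(i, j)] + ZERO_TAG                  # 32 bytes
        rows.append(xor(row_pad(gate_id, wire_a[i], wire_b[j]), plaintext))
    _rng.shuffle(rows)   # row position must not reveal (i, j)
    return rows


def eval_gate(gate_id, table, label_a, label_b):
    """With one label per input wire, exactly one row decrypts to a plaintext ending in ZERO_TAG."""
    pad = row_pad(gate_id, label_a, label_b)
    for row in table:
        plaintext = xor(pad, row)
        if plaintext[LABEL_LEN:] == ZERO_TAG:
            return plaintext[:LABEL_LEN]
    raise ValueError("no row decrypted: wrong labels or corrupt table")


def AND(i, j):
    return i & j


def OR(i, j):
    return i | j


def generator_build():
    """Alice (generator): label every wire, garble gate 1 (AND) and gate 2 (OR), keep the mapping."""
    wires = {name: new_wire() for name in ("a", "b", "x0", "x1", "x2")}
    tables = {
        1: garble_gate(1, AND, wires["a"], wires["b"], wires["x1"]),   # x1 = a AND b
        2: garble_gate(2, OR, wires["x0"], wires["x1"], wires["x2"]),  # x2 = x0 OR x1
    }
    return wires, tables


def evaluator_run(tables, label_a, label_b, label_x0):
    """Bob (evaluator): sees only the tables and one label per input wire. Gate 1's output
    label is fed straight into gate 2; that is all chaining amounts to."""
    label_x1 = eval_gate(1, tables[1], label_a, label_b)
    return eval_gate(2, tables[2], label_x0, label_x1)


def secure_eval(a, b, x0):
    """Whole toy protocol. Returns the decoded output bit x2 = x0 OR (a AND b)."""
    wires, tables = generator_build()
    label_a, label_b = wires["a"][a], wires["b"][b]   # Alice sends labels for her own inputs
    label_x0 = wires["x0"][x0]   # in a real run Bob obtains this via OT, never from Alice directly
    out_label = evaluator_run(tables, label_a, label_b, label_x0)
    return wires["x2"].index(out_label)   # Alice reveals the 0/1 meaning of the output wire only
```

Two things worth noticing when running it: every row is 32 bytes and there are four of them per gate, which is the "(up to) 4 encryption operations per one-bit operation" of the next slide; and a fresh `generator_build()` is needed for every evaluation, because reusing a table with different labels would let the evaluator open a second row and learn more than the output.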
  • 34. Building Computing Systems. Digital electronic circuits operate on known data; garbled circuits operate on encrypted wire labels. In electronics a one-bit logical operation requires moving a few electrons a few nanometers (hundreds of billions per second); in a garbled circuit it requires performing (up to) 4 encryption operations: very slow execution. In electronics reuse is great; in garbled circuits reuse is not allowed for privacy, so huge circuits are needed.
  • 35. Faster Circuit Execution: Pipelined Execution; Optimized Circuit Library; Partial Evaluation. Yan Huang (UVa PhD 2012). Yan Huang, David Evans, Jonathan Katz, and Lior Malka. Faster Secure Two-Party Computation Using Garbled Circuits. USENIX Security 2011.
  • 36. Pipelined Execution [figure: a circuit-level application hands the circuit structure to the GC framework on the generator side and on the evaluator side; garbled tables stream from generator to evaluator one gate at a time and are consumed as they arrive]. Saves memory: never need to keep the whole circuit in memory.
  • 37. Pipelining [figure: without pipelining, circuit generation, circuit transmission and circuit evaluation run one after another, each side waiting or idling while the other works; with pipelining the three stages overlap]. Saves time: reduces latency and improves throughput.
  • 38. Results [charts: Scalability (billions of gates, 0–1.2) and Performance (non-free gates per second, in units of 10,000, 0–10) for Fairplay, [PSSW09], TASTY and this work [HEKM11]].
  • 39. Passive Threat Model [diagram: Alice encrypts plaintext and sends the ciphertext over an insecure channel to Bob, who decrypts it; Eve, a passive attacker, only observes the channel].
  • 40. “Semi-Honest” Threat Model [diagram: Alice generates the circuits, Bob evaluates them, and the output is produced]. Both parties follow the rules – but may try to learn more from the execution transcript!
  • 41. Active Attacker [diagram: the same encrypt/decrypt exchange over an insecure channel (e.g., the Internet), now with Mallory, an active attacker, who can interfere with the channel].
  • 42. Active Threat Model [diagram: generate, evaluate, output]. Either party may do whatever it wants.
  • 43. Garbled Circuits Are Half-Way! Privacy: nothing is revealed other than the output. Correctness: the output of the protocol is indeed f(x, y). As long as the evaluator doesn’t send the result back, privacy for the evaluator is guaranteed. How can we get correctness, and maintain privacy while giving both parties the result?
  • 44. Dual Execution Protocols. Yan Huang, Jonathan Katz, and David Evans. Quid-Pro-Quo-tocols: Strengthening Semi-Honest Protocols with Dual Execution. IEEE Security and Privacy (Oakland) 2012.
  • 45. Dual Execution Protocol [Mohassel and Franklin, PKC’06]. First round execution (semi-honest): Alice is generator, Bob is evaluator; Bob obtains z = f(x, y). Second round execution (semi-honest): roles swapped, Bob generates and Alice evaluates; Alice obtains z' = f(x, y). Then a fully-secure, authenticated equality test on (z, learned output wire labels) from Bob and (z', learned output wire labels) from Alice: pass if z = z' and the wire labels are correct.
  • 46. Security Properties. Correctness: guaranteed by the authenticated, secure equality test. Privacy: leaks one (extra) bit on average: an adversarial circuit generator provides a circuit that fails on ½ of inputs. A malicious generator can decrease the likelihood of being caught and increase the information leaked when caught (but this decreases the average information leaked): at the extreme, the circuit fails on just one input.
  • 48. Proving Security: Malicious. Show equivalence between the Ideal World (A and B hand x' and y' to a Trusted Party; the adversary receives f(x', y')) and the Real World (A and B run the Secure Computation Protocol on x', y'; the corrupted party behaves arbitrarily). Standard Active Security Model: can’t prove this for Dual Execution.
  • 49. Proof of Security: One-Bit Leakage. Ideal World: A (controlled by the malicious adversary) and B hand x', y' to the Trusted Party; the adversary receives f(x', y') and g(x', y'), where g → {0, 1} is an arbitrary Boolean function selected by the adversary. Can prove equivalence to this for Dual Execution protocols.
  • 50. Implementation [diagram: the two semi-honest rounds with roles swapped (z = f(x, y) for Bob, z' = f(x, y) for Alice), followed by the fully-secure, authenticated equality test on z, z' and the learned output wire labels]. Recall: work to generate is 3x work to evaluate!
  • 51. [Chart: cost of a 10k×10k alignment over time, Aug 2001 to Apr 2013, on a log scale from $100,000,000 down to $1,000; milestones: FairPlay (2004), Free XOR, HEKM, Schneider & Zohner 2013.]
  • 52. [Chart: same time axis, cost on a log scale from $100,000,000,000 down to $1,000, for three security levels: Active Security (KSS 2011), Semi-Honest, and 1-bit leak (HKE 2013).]
  • 53. Opportunities for Encrypted Computation. Secure Multi-Party Computation: practical (or nearly practical) today for some applications…and improving rapidly! Verifiable Computation and Outsourced Computation (e.g., AdWords auctions) via Homomorphic Encryption: these applications are 10× to 1,000,000× away from being practical…but improving very rapidly!
  • 55. Yuchen Zhou (UVa Computer Engineering PhD Student)
  • 57. Will developers who follow the directions end up building a secure application? Facebook documentation example: “The requested response type, one of code or token. Defaults to code…”
  • 58. Modeling SSO System [diagram: Mallory’s MalAppC, and FooAppC/FooAppS built on the Client SDK (client runtime) and Service SDK (service runtime), all talking to the Identity Provider (IdP)]. Reason about all possible applications that can be built using the SDK.
  • 59. Credential Misuse Vulnerability [diagram: Foo App Client obtains an access_token from the Facebook back end and passes it to Foo App Server, which replies “Welcome, Alice!”]
  • 60. Credential Misuse Vulnerability [diagram: the same flow, but a Malicious Client App that has obtained Alice’s access_token presents it to Foo App Server, which again replies “Welcome, Alice!”]
  • 61. Credential Leakage Vulnerability [diagram: OAuth credentials leaking out of the application]
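The misuse flow on slides 59 and 60 comes down to one server-side decision: does Foo App Server treat a bearer access_token as proof of who the user is, or does it first check that the token was issued to Foo App at all? The following added example (written for this page; not code from the slides, from SSOScan, or from Facebook) shows the naive handler next to the hardened one. The identity provider is a constructed in-memory stand-in: its `me()` and `debug_token()` methods only loosely mimic the shape of the Graph API’s /me and /debug_token responses (the `app_id`, `user_id` and `is_valid` fields), and the app ids and token strings are made up so the example runs offline.

```python
"""Credential misuse in an SSO integration: trusting a presented access_token vs.
checking its audience. Added example, not from the slides or from SSOScan.
"""

MY_APP_ID = "foo-app"           # constructed
MALICIOUS_APP_ID = "mal-app"    # constructed


class MockIdP:
    """Constructed stand-in for the identity provider's back end: issues tokens bound
    to (user, app) and answers identity and introspection queries about them."""

    def __init__(self):
        self._tokens = {}
        self._counter = 0

    def issue_token(self, user, app_id):
        # Any app the user logs in to receives a token for that user; the token
        # records which app it was issued to. Token format is made up.
        self._counter += 1
        token = f"tok-{self._counter}"
        self._tokens[token] = {"user_id": user, "app_id": app_id, "is_valid": True}
        return token

    def me(self, token):
        """Who does this token belong to? (shape of Graph API /me, assumption)"""
        record = self._tokens.get(token)
        if record is None:
            raise PermissionError("invalid token")
        return {"id": record["user_id"]}

    def debug_token(self, token):
        """Introspection: which app was it issued to? (shape of /debug_token, assumption)"""
        record = self._tokens.get(token)
        if record is None:
            return {"is_valid": False}
        return dict(record)


def login_vulnerable(idp, token):
    """Foo App Server built by following the 'token' response type naively:
    whoever presents a valid token for Alice is logged in as Alice."""
    return f"Welcome, {idp.me(token)['id']}!"


def login_hardened(idp, token, app_id=MY_APP_ID):
    """Same server with an audience check: the token must have been issued to this app,
    and the identity it names must match the introspection result."""
    info = idp.debug_token(token)
    if not info.get("is_valid") or info.get("app_id") != app_id:
        raise PermissionError("token was not issued to this app")
    user = idp.me(token)["id"]
    if user != info["user_id"]:
        raise PermissionError("token/user mismatch")
    return f"Welcome, {user}!"


def demo():
    """Replay of slide 60: the malicious app reuses Alice's token against Foo App Server.
    Returns (vulnerable server's answer, hardened server's verdict, genuine login)."""
    idp = MockIdP()
    stolen = idp.issue_token("Alice", MALICIOUS_APP_ID)   # Alice logged in to the malicious app
    vulnerable = login_vulnerable(idp, stolen)
    try:
        login_hardened(idp, stolen)
        hardened = "accepted"
    except PermissionError:
        hardened = "rejected"
    genuine = login_hardened(idp, idp.issue_token("Alice", MY_APP_ID))
    return vulnerable, hardened, genuine
```

The other way out of this bug is the `code` response type the documentation on slide 57 defaults to: the server redeems the authorization code itself, using its own app secret, so the token it ends up holding was necessarily issued to it. The trap is that the `token` type returns a bearer token to the client, and a server that then accepts any valid token from any client has no way, without an audience check, to tell Alice’s Foo App session apart from a token the malicious app collected from her.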
  • 62. How Common Are These Vulnerabilities?
  • 65. Oracle: automatically test if a site is vulnerable by looking at visual clues and traffic.
  • 66. Dataset: test the top-ranked 20,000 websites (from quantcast.com) for 5 vulnerabilities; 3 machines for 3 days. Sample of the list: google.com youtube.com facebook.com msn.com amazon.com twitter.com ebay.com pinterest.com yahoo.com bing.com microsoft.com …
  • 67. 1700 of the top-20000 sites use Facebook SSO [chart: % of sites supporting FB SSO (0–45%) by site-rank percentile, from the top-ranked sites to the 20,000th-ranked site].
  • 68. 20% of sites (in the top 20,000) that integrate Facebook SSO have at least one serious vulnerability detected by SSOScan [chart: percent of sites vulnerable (0–30%) by site rank, from the top-ranked sites to the 20,000th-ranked site].
  • 69. Responses from Sites: 20 vendors contacted normally. 12: no response. 6: auto-generated response. 2: manual responses. 0: fixed.
  • 71. Next Friday’s Talk! Rice Hall, 85 Engineer’s Way, University of Virginia, Charlottesville, Va
  • 72. Home of Famous Cryptographer!

Speaker notes

  1. Circuit structure is small and can be reused; each garbled table can be used only once. Significance: 1) allows GC to scale easily to arbitrary problem sizes; 2) indirectly improves time efficiency.
  2. People have done this before. What’s new here is achieving the performance and scalability needed for realistic problems.