SlideShare a Scribd company logo

SMIMP Lightning Talk - DEFCON CryptoVillage

Download as PPTX, PDF
Adam Caudill
Adam Caudill

Short talk on the SMIMP project given at DEFCON.

Technology
1 of 9
SMIMP, Email, Superglue A discussion on the state of email security, and options for a path forward.
Email security today...
The Email Failfest ● Assumes network is trusted ● Assumes servers are trusted ● Assumes the sender is who they claim ● Doesn't prevent content modification ● Doesn't protect content
Torch it, or keep trying to fix it? Keep: ● Massive user base ● Deeply entrenched ● Universal support Torch: ● Do it right ● Strong crypto ● Better privacy
SMIMP: A Micro Introduction ● End-to-end Crypto (curve25519) ● Forward secrecy (loosely based on TextSecure) ● Integrated public key discovery ● Hash-chain to detect profile alteration ● Dynamic Hashcash-like proof of work ● Transported over HTTPS (firewall friendly, harder to block or inspect)
The Two Sides of SMIMP Identity ● Name ● Public Ed25519 key ● Web site ● Social profiles Messaging ● Multiple message types ● Whitelist / blacklist / anti-spam ● Simple JSON format
What's the status today? ● Spec work still ongoing ● No code written ● Needs more feedback
Thanks! smimp.org github.com/smimp/smimp_spec adam@adamcaudill.com @adamcaudill

Recommended

Security awareness training
Security awareness trainingSecurity awareness training
Security awareness trainingSumedt Jitpukdebodin
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz
 
Let's Encrypt
Let's EncryptLet's Encrypt
Let's EncryptAmjad Mashaal
 
Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Emily Stark
 
Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Claire Willett
 
Trusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSTrusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSKrzysztof Kotowicz
 
Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Mark Niebergall
 

Recommended

Security awareness training
Security awareness trainingSecurity awareness training
Security awareness trainingSumedt Jitpukdebodin
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz
 
Let's Encrypt
Let's EncryptLet's Encrypt
Let's EncryptAmjad Mashaal
 
Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Emily Stark
 
Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Claire Willett
 
Trusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSTrusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSKrzysztof Kotowicz
 
Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Mark Niebergall
 
Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Krzysztof Kotowicz
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5Kristoffer Snabb
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)UTD Computer Security Group
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group
 
Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupAdam Caudill
 
Body parts
Body partsBody parts
Body partsJuan Pablo Franco Perdomo
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your usersDesign for Drupal, Boston
 
Responsive js
Responsive jsResponsive js
Responsive jsDesign for Drupal, Boston
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossDesign for Drupal, Boston
 
Clothes
ClothesClothes
ClothesJuan Pablo Franco Perdomo
 
Fans fans sepakbola
Fans fans sepakbola Fans fans sepakbola
Fans fans sepakbola Apriyantowijaya
 
Oomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessOomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessDesign for Drupal, Boston
 
Real-Time Multi-Device Theming
Real-Time Multi-Device ThemingReal-Time Multi-Device Theming
Real-Time Multi-Device ThemingDesign for Drupal, Boston
 
Enhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentEnhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentDesign for Drupal, Boston
 
Body parts
Body partsBody parts
Body partsJuan Pablo Franco Perdomo
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondAdam Caudill
 
Coopify Feasbility Study
Coopify Feasbility StudyCoopify Feasbility Study
Coopify Feasbility StudyStephanie Nussbaum
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouAdam Caudill
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatDesign for Drupal, Boston
 
Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Niranjanaa Ragupathy
 

More Related Content

What's hot

BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5Kristoffer Snabb
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group
 

What's hot (6)

Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic Concepts
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domain
 

Viewers also liked

Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupAdam Caudill
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your usersDesign for Drupal, Boston
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossDesign for Drupal, Boston
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondAdam Caudill
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouAdam Caudill
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatDesign for Drupal, Boston
 

Viewers also liked (15)

Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers Group
 
Body parts
Body partsBody parts
Body parts
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your users
 
Responsive js
Responsive jsResponsive js
Responsive js
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the Boss
 
Clothes
ClothesClothes
Clothes
 
Fans fans sepakbola
Fans fans sepakbola Fans fans sepakbola
Fans fans sepakbola
 
Oomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessOomph - Community, Drupal & Business
Oomph - Community, Drupal & Business
 
Real-Time Multi-Device Theming
Real-Time Multi-Device ThemingReal-Time Multi-Device Theming
Real-Time Multi-Device Theming
 
Enhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentEnhancing Design with Adaptive Content
Enhancing Design with Adaptive Content
 
Body parts
Body partsBody parts
Body parts
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & Beyond
 
Coopify Feasbility Study
Coopify Feasbility StudyCoopify Feasbility Study
Coopify Feasbility Study
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For You
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards Behat
 

Similar to SMIMP Lightning Talk - DEFCON CryptoVillage

Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Niranjanaa Ragupathy
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxssuser020436
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdfAbhi Jain
 
Are you weak in the middle?
Are you weak in the middle?Are you weak in the middle?
Are you weak in the middle?FSCONS
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx
 
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...JosephTesta9
 
curl and new technologies
curl and new technologiescurl and new technologies
curl and new technologiesDaniel Stenberg
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application SecurityTuenti
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application SecurityGuille -bisho-
 
CISSP Week 13
CISSP Week 13CISSP Week 13
CISSP Week 13jemtallon
 
Trusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSTrusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSGLC Networks
 
apsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayapsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayandreasschuster
 

Similar to SMIMP Lightning Talk - DEFCON CryptoVillage (20)

Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptx
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail SecurityCRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
 
Forward Secrecy
Forward SecrecyForward Secrecy
Forward Secrecy
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdf
 
Are you weak in the middle?
Are you weak in the middle?Are you weak in the middle?
Are you weak in the middle?
 
email.ppt
email.pptemail.ppt
email.ppt
 
Email2
Email2Email2
Email2
 
Protobuff and gRPC
Protobuff and gRPCProtobuff and gRPC
Protobuff and gRPC
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery Methods
 
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
 
curl and new technologies
curl and new technologiescurl and new technologies
curl and new technologies
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application Security
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application Security
 
CISSP Week 13
CISSP Week 13CISSP Week 13
CISSP Week 13
 
Trusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSTrusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNS
 
Web security 101
Web security 101Web security 101
Web security 101
 
Websec
WebsecWebsec
Websec
 
apsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayapsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gateway
 
Email security
Email securityEmail security
Email security
 

Recently uploaded

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 

Recently uploaded (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 

SMIMP Lightning Talk - DEFCON CryptoVillage

  • 1.
  • 2. SMIMP, Email, Superglue A discussion on the state of email security, and options for a path forward.
  • 4. The Email Failfest ● Assumes network is trusted ● Assumes servers are trusted ● Assumes the sender is who they claim ● Doesn't prevent content modification ● Doesn't protect content
  • 5. Torch it, or keep trying to fix it? Keep: ● Massive user base ● Deeply entrenched ● Universal support Torch: ● Do it right ● Strong crypto ● Better privacy
  • 6. SMIMP: A Micro Introduction ● End-to-end Crypto (curve25519) ● Forward secrecy (loosely based on TextSecure) ● Integrated public key discovery ● Hash-chain to detect profile alteration ● Dynamic Hashcash-like proof of work ● Transported over HTTPS (firewall friendly, harder to block or inspect)
  • 7. The Two Sides of SMIMP Identity ● Name ● Public Ed25519 key ● Web site ● Social profiles Messaging ● Multiple message types ● Whitelist / blacklist / anti-spam ● Simple JSON format
  • 8. What's the status today? ● Spec work still ongoing ● No code written ● Needs more feedback