What, how, and why?
Chief Security Analyst, IU CACR
This is not cryptography.
- Is extremely commonplace: HTTPS, credit card transactions, SSH, GPG, OTR, digital signatures, some digital radio modes, your cell phone, cryptocurrencies
- Is a pile of math aimed at making the people who know the key(s) more able to get at information than the people who don't.
- Usually fails one of two ways:
- All of our computers have become powerful enough that yesterday's math isn't hard enough any more.
- The programmer in charge of putting that math into a program, and making sure that program relies on it correctly, screwed up.
- Involves standing in front of a whiteboard arguing about algorithms a lot. Or a chalkboard, for purists.
I AM NOT A CRYPTOGRAPHER
(but I keep one in my pocket)
Current Events in Cryptography
Concepts in Modern Cryptography
Current Events in Cryptography
(or WTF do I care about black magic?)
Cryptocurrencies such as Bitcoin, Litecoin, Ethereum, etc. are attempts to use blockchain technology to create a currency that is purely digital.
Ransomware is malware that will encrypt the contents of a computer or computers, demanding payment in exchange for they keys to decrypt. Lately, it's also been exfiltrating data in order to demand ransom payments under threat of releasing the data publicly.
The finance industry is incredibly dependent on cryptography, to protect transaction information in transit, to make transactions harder to fake, to keep traders honest about things as simple as what time it is.
Controversial Things Crypto Hackers Do
There are plenty of white- and grey-hat hackers out there using crypto in interesting ways, from trying to preserve the integrity of journalists' reporting from heavily censored places to helping persecuted groups communicate in secret, or farmers repair their tractors.
A cryptographer's toolkit these days contains tools for moving communications as well as money.
Cryptocat, from eff.org's page on helping coders who work at the edges
Concepts in Modern Crypto
(or how do I translate this confusing paper?)
When you want to learn more:
- Funny: The Alice and Bob After Dinner Speech
- History: The Codebreakers by David Kahn
- Math: An Introduction to Mathematical Cryptography by Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman
- Protocol design, ethics, systemic concerns:
Cryptography Engineering by Niels Ferguson, Bruce Schneier, Tadayoshi Kohno
Encrypt / Decrypt
Sign / Verify Signature
Use the same key to encrypt and decrypt.
Safe key exchange is hard.
Well-suited for storage applications or in combination with asymmetric cryptography.
Keys come in pairs: a public key for encrypting/verifying and a private key for decrypting/signing.
You can publish a public key anywhere, but never share a private key.
Suited for general communications and integrity verification.
Alice, Bob, Carol, and Dave: people doing stuff
Eve: an eavesdropper
Mallory: a malicious attacker
Peggy: a prover
Trent: a trusted third party
Victor: a verifier
(aka take out a pencil and learn how this works)
A Simple Substitution Cipher
A Grid Cipher
Thanks for coming!
This deck is licensed under a CC-BY license (do as you please with it but give me credit for my work). Contact email@example.com for other uses.
Reach out if you have questions or want to learn more:
By Susan Sons