Thursday, February 21, 2013

Cryptography is a systems problem (video)

Tonight's the Usenix Security deadline. Who has time to blog...?

But in case you're dying for a dose of crypto wonkery (and have an hour with nothing better to do) feel free to check out this talk on SSL/TLS I just gave at Dartmouth. Slides here.



Thanks to Sergey Bratus for the invitation and to everyone who filled out the excellent audience.

8 comments:

  1. Interesting talk for an OS class :D

    ReplyDelete
  2. Great talk! Thanks for sharing the video and slides.

    I have some trouble following the demo on the RC4 bias. What is being encrypted for 5000 times (some string with character A as the second char) and with what keys?

    ReplyDelete
    Replies
    1. There's a bias in the second output byte of RC4. This causes the generator to output "0" with twice the probability it should, even if it's set up with a completely random key.

      A consequence is that if you encrypt a message by XORing it with the RC4 generator output, the second byte of the ciphertext will tend to equal the plaintext value with slightly higher probability than it should.

      If you only encrypt a message once that isn't a very big deal. But if you encrypt the same message several thousand times, you can actually recover the value of the plaintext at that position. This is what the demo showed.

      Delete
  3. "cryptography is just as broken as the other stuff" (disputing "cryptography is the strongest link in the chain"): I can't agree with this statement. Yes, cryptography is all kinds of broken and perhaps not a very strong chain link, but you really should see some of the other chain links in this chain! (ok, ok, I know you've seen them.. so I'm a little surprised I'm arguing here with you).

    ReplyDelete
  4. I guess it wasn't a bad idea to write my own implementation of TLS (sticking closely to what the spec says) for my app. :)

    ReplyDelete
  5. Regarding naming an attack http://www.isg.rhul.ac.uk/tls/#Name

    ReplyDelete
  6. Yes, this is a very good talk. Do you have any more talks/lectures recorded and put online?

    ReplyDelete