YouTube home Comedy Week on YouTube
Upload

Crypto Strikes Back!

GoogleTechTalks GoogleTechTalks·1,782 videos
147,581
13,389
Like     Dislike 6

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like GoogleTechTalks's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike GoogleTechTalks's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add GoogleTechTalks's video to your playlist.

Uploaded on Aug 6, 2009

Google Tech Talk
August 5, 2009

ABSTRACT

Presented by Nate Lawson

Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography".

This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You'll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970's-style password hashing, badly. And maybe, just maybe, you'll leave with a newfound respect for the utter brittleness of even the simplest crypto.

Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+.

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

The interactive transcript could not be loaded.

Loading icon Loading...

Loading icon Loading...

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

All Comments (10)

Sign in now to post a comment!
  • somekidfromtexas

    Everything's breakable with enough effort.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate somekidfromtexas's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate somekidfromtexas's comment.
    in reply to b1naryd1g1t5 (Show the comment)
  • b1naryd1g1t5

    This guy invented the Blu-Ray crypto protection system, a system that has already been cracked by Neils Ferguson.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate b1naryd1g1t5's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate b1naryd1g1t5's comment.
  • Kirill Tishechkov

    Very good talk.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Kirill Tishechkov's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Kirill Tishechkov's comment.
  • atenica1

    hvala

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate atenica1's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate atenica1's comment.
  • trickyoutrickme

    It seems pretty higgh level to me, you already even selected the encryption algorithm... low level is more to the number theory part of things, like the mentioned PRNG function, or if you have to to meddle with primes and the like. Though you should also be careful on the key selection related stuff too, even if relatively high level, but since you seem to just be signing now, you are assuming you did everything right up to THAT point.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate trickyoutrickme's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate trickyoutrickme's comment.
    in reply to janspambox (Show the comment)
  • bmecher

    This is one of the guys responsible for me haveing to do a )(&*^%^ update on my Blu-Ray everytime I buy a new release :(

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate bmecher's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate bmecher's comment.
  • janspambox

    Does anyone know if System.Security.Cryptography.E­CDsaCng.SignData() (.NET crypto stuff, takes byte[] data and spits out byte[] signature) is to be considered high-level (good) or low-level (evil)?

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate janspambox's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate janspambox's comment.
  • Steve Weis

    Nope, but I see what you mean. It is just a logo on his shirt. Check it out @ 49:23.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Steve Weis's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Steve Weis's comment.
  • Loading comment...
Loading...
Loading...
Working...
Sign in to add this to Watch Later