Crypto Strikes Back!
Loading...
Uploaded by GoogleTechTalks on Aug 6, 2009
Google Tech Talk
August 5, 2009
ABSTRACT
Presented by Nate Lawson
Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography".
This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You'll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970's-style password hashing, badly. And maybe, just maybe, you'll leave with a newfound respect for the utter brittleness of even the simplest crypto.
Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+.
- 60 likes, 6 dislikes
-
Link to this comment:
- 3:03Cryptographyby WhatYouOughtToKnow27,833 views
Featured Video
- 36:02The Thorium Molten-Salt Reactor: Why Didn't Thi...by GoogleTechTalks19,468 views
- 1:00:07SPDY Essentialsby GoogleTechTalks1,334 views
- 57:54Mobile Web Performanceby GoogleTechTalks6,120 views
- 29:04HCIR 2011: Human Computer Information Retrieval...by GoogleTechTalks368 views
- 1:05:01Intrusion Detection and Network Security Perspe...by wwp19601,746 views
- 8:56cryptographyby vitrohype13,269 views
- 1:05:21Transform Your Mind, Change Your Brainby GoogleTechTalks185,388 views
- 3:42RSA Conference 2009 Mathematics Award: Victor M...by rsaconf20091,044 views
- 56:36So You Want To Be A Programming Rock Star?by GoogleTechTalks44,349 views
- 28:14Chocolate Key Cryptography: Delicious Way to Se...by ResearchChannel1,955 views
- 55:27How Cybercriminals Steal Moneyby GoogleTechTalks91,183 views
- 0:45Scientists crack cryptographyby BCS1957208 views
- 1:10:14Tech Talk: Linus Torvalds on gitby Google875,222 views
- 45:30BLOSSOMS - Introduction to Cryptography (Urdu v...by mittechtv2,388 views
- 1:00:07My own solar system: Installing solar panels at...by GoogleTechTalks144,093 views
- 3:12Public Key Cryptographyby Frege10018,312 views
- 51:17Dramatic Changes in Polar Ice: Are We Waking Sl...by GoogleTechTalks5,322 views
- 1:00:44Mitigating Web-based Malware Attacksby GoogleTechTalks7,524 views
- 48:04When Will We Discover the Extraterrestrials?by GoogleTechTalks79,463 views
hvala
atenica1 1 year ago
@janspambox It seems pretty higgh level to me, you already even selected the encryption algorithm... low level is more to the number theory part of things, like the mentioned PRNG function, or if you have to to meddle with primes and the like. Though you should also be careful on the key selection related stuff too, even if relatively high level, but since you seem to just be signing now, you are assuming you did everything right up to THAT point.
trickyoutrickme 1 year ago
This is one of the guys responsible for me haveing to do a )(&*^%^ update on my Blu-Ray everytime I buy a new release :(
bmecher 1 year ago
Does anyone know if System.Security.Cryptography.ECDsaCng.SignData() (.NET crypto stuff, takes byte[] data and spits out byte[] signature) is to be considered high-level (good) or low-level (evil)?
janspambox 1 year ago
the tee shirt is a secret message from nephillium L-5
pzmtuthcvpvl 1 year ago
Nope, but I see what you mean. It is just a logo on his shirt. Check it out @ 49:23.
StephenWeis 2 years ago
Is the logo or whatever it is on that guys T-Shirt censored @ 12:55 and following? Just wondering.
foojoku 2 years ago