Loading...

DEF CON 24 Crypto and Privacy Village - David Wong - How to Backdoor Diffie-Hellman

3,478 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 3, 2016

Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA's B-Safe product, a modified Dual-EC in Juniper's operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public).

BIO: David Wong (Twitter: @lyon01_david) is a Security Consultant at the Cryptography Services team of NCC Group. He has been working in Security for over a year now, being part of several publicly funded open source audits such as the OpenSSL and the Let's Encrypt ones. He has conducted research in many domains in cryptography, publishing whitepapers as well as writing numerous editions of the Cryptography Services private bulletin. He has been a trainer for cryptography courses at BlackHat US 2015 and BlackHat US 2016.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...