Saturday 4:15 p.m.–5 p.m.

Crypto 101

Laurens Van Houtven

Audience level: Novice
Category: Best Practices/Patterns

Description

An introduction to applied cryptography and information security suitable for programmers of all ages and skill levels.

Abstract

Cryptography is a tricky subject.

There's an infinitude of ways to get it wrong, but there are only a few ways to get it right. Failures are usually silent, and only evident once it's too late.

This talk will touch on basic cryptographic primitives and tools: just enough to know what they do, when and why you'd want them, and just enough to satisfy basic curiosity.

Goals

At the end of this talk, attendees should know how to use the available cryptographic tools to build larger systems that involve cryptography. They should also have some basic understanding of how some common systems compare, and also a sense for detecting and exposing snake oil.

People won't leave the room as newly minted cryptographers, but I hope they'll leave a lot less likely to shoot themselves in the foot.

Target audience

This talk is aimed at programmers of any skill level who lack crypto chops.

Subjects

  • One-time pads
  • Block ciphers
  • Stream ciphers
  • Diffie-Hellman key exchange
  • Hash functions
  • Password storage
  • Message authentication
  • Asymmetric encryption algorithms
  • Putting it all together: a high-level walk-through of TLS

While going through these subjects, I'll touch on several kinds of attacks, illustrated by practical example:

  • Replay attacks
  • Extension attacks
  • Man-in-the-middle attacks
  • Chain of trust issues

If I have additional time (which I doubt), I will cover timing attacks and how they pop up in practice.