Cryptography and Network Security Lecture at [31c3] 2015
Δημοσιεύτηκε στις 1 Ιουν 2015
Cryptography and Network Security Lecture at [31c3] 2015
When
the Internet was designed, it was thought to be meadows full of
daisies. As we now know, it's a dark place, where communication is
monitored and subverted. This session presents both developments in
known solutions, as well as novel suggestions, to liberally apply crypto
to improve the foundations of Internet communications.
Trusting servers you can't touch by Ryan Lackey:
Servers
for Internet applications are usually deployed at a distance from both
the end users of the service and the administrators of the system, often
controlled by third parties. Even when they're hardware vs.
virtualized/cloud, it's rare for admins to have direct physical control
of the servers. Yet, most applications require a high degree of trust in
the integrity of servers. We describe a variety of technologies and
solutions to this problem, and a framework to best protect your
applications and your users.
dename: decentralized, secure, usable PKI by Andreas Erbsen:
A
major challenge for private online communication is public key
distribution. Trusted authorities have failed to be secure, and the web
of trust has failed to build the network effect it gravely requires to
be usable. This talk proposes a new PKI system built on a cryptographic
consensus protocol. A set of directory servers updates and signs a
mapping from public keys to names. Anyone can run their own server,
strengthening the security guarantee for all clients that know it. We
have an open-source implementation that can be easily integrated with
systems that currently rely on manual key verification, including secure
messaging, host authentication, and software distribution.
New development in OTR by Jurre van Bergen
Jurre
van Bergen will speak about new developments in the world of
`off-the-record` messaging. What is going on? Where are we going? In
addition we will address frequently answered questions by developers and
users.
Secure email communication - LEAP Encryption Access Project &
Pixelated Your Right to by Varac
This
presentation will introduce two new secure communication tools under
development that help guarantee the right to digitally whisper – LEAP
and Pixelated.
Dark Mail by Ladar Levision
Since Ladar
Levison shuttered Lavabit during the summer of 2013, he has been working
to solve the email privacy problems that made it technologically
possible for an American court to demand unfettered access to the email
messages for all of Lavabit’s worldwide customers. After a year of hard
work, the Dark Internet Mail Environment (DIME) is a standards based,
collaborative effort to create an elegant technical solution capable of
protecting the privacy of everyone’s email. It is focused on making
end-to-end email encryption automatic, while providing message
confidentiality, author verification, and minimizing the leakage of
metadata. DIME capable systems reduce the amount of trust users must
place in their service provider. Automating the key exchange process
while keeping the system resistant to manipulation by sophisticated
threats is an ongoing challenge. This talk offers a compressed
discussion of the DIME standards, highlighting key portions and will be
followed by a project update, where we hope to showcase a DIME capable
client and server implementation.
TLS ♥ DNS ♥ Tor by equinox
Replacing
100 CA hierarchies with the single DNS hierarchy, and how the bite
reflex against the latter is coming at the cost of less secure
identities.
──────────
➤Speaker: Ryan Lackey, Andres Erbsen, Jurre van Bergen, Ladar Levison, equinox, Daniel Ziegler
➤EventID: 6597
➤Event: 31th Chaos Communication Congress [31c3] of the Chaos Computer Club [CCC]
➤Location: Congress Centrum Hamburg (CCH); Am Dammtor; Marseiller Straße; 20355 Hamburg; Germany
➤Language: english
➤Begin: Tue, 12/30/2014 16:00:00 +01:00
➤License: CC-by
When
the Internet was designed, it was thought to be meadows full of
daisies. As we now know, it's a dark place, where communication is
monitored and subverted. This session presents both developments in
known solutions, as well as novel suggestions, to liberally apply crypto
to improve the foundations of Internet communications.
Trusting servers you can't touch by Ryan Lackey:
Servers
for Internet applications are usually deployed at a distance from both
the end users of the service and the administrators of the system, often
controlled by third parties. Even when they're hardware vs.
virtualized/cloud, it's rare for admins to have direct physical control
of the servers. Yet, most applications require a high degree of trust in
the integrity of servers. We describe a variety of technologies and
solutions to this problem, and a framework to best protect your
applications and your users.
dename: decentralized, secure, usable PKI by Andreas Erbsen:
A
major challenge for private online communication is public key
distribution. Trusted authorities have failed to be secure, and the web
of trust has failed to build the network effect it gravely requires to
be usable. This talk proposes a new PKI system built on a cryptographic
consensus protocol. A set of directory servers updates and signs a
mapping from public keys to names. Anyone can run their own server,
strengthening the security guarantee for all clients that know it. We
have an open-source implementation that can be easily integrated with
systems that currently rely on manual key verification, including secure
messaging, host authentication, and software distribution.
New development in OTR by Jurre van Bergen
Jurre
van Bergen will speak about new developments in the world of
`off-the-record` messaging. What is going on? Where are we going? In
addition we will address frequently answered questions by developers and
users.
Secure email communication - LEAP Encryption Access Project &
Pixelated Your Right to by Varac
This
presentation will introduce two new secure communication tools under
development that help guarantee the right to digitally whisper – LEAP
and Pixelated.
Dark Mail by Ladar Levision
Since Ladar
Levison shuttered Lavabit during the summer of 2013, he has been working
to solve the email privacy problems that made it technologically
possible for an American court to demand unfettered access to the email
messages for all of Lavabit’s worldwide customers. After a year of hard
work, the Dark Internet Mail Environment (DIME) is a standards based,
collaborative effort to create an elegant technical solution capable of
protecting the privacy of everyone’s email. It is focused on making
end-to-end email encryption automatic, while providing message
confidentiality, author verification, and minimizing the leakage of
metadata. DIME capable systems reduce the amount of trust users must
place in their service provider. Automating the key exchange process
while keeping the system resistant to manipulation by sophisticated
threats is an ongoing challenge. This talk offers a compressed
discussion of the DIME standards, highlighting key portions and will be
followed by a project update, where we hope to showcase a DIME capable
client and server implementation.
TLS ♥ DNS ♥ Tor by equinox
Replacing
100 CA hierarchies with the single DNS hierarchy, and how the bite
reflex against the latter is coming at the cost of less secure
identities.
──────────
➤Speaker: Ryan Lackey, Andres Erbsen, Jurre van Bergen, Ladar Levison, equinox, Daniel Ziegler
➤EventID: 6597
➤Event: 31th Chaos Communication Congress [31c3] of the Chaos Computer Club [CCC]
➤Location: Congress Centrum Hamburg (CCH); Am Dammtor; Marseiller Straße; 20355 Hamburg; Germany
➤Language: english
➤Begin: Tue, 12/30/2014 16:00:00 +01:00
➤License: CC-by
Κατηγορία
Άδεια
- Τυπική άδεια YouTube
Εργαλείο δημιουργίας
Βίντεο-πηγές
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου