Explore the fundamentals of cryptology in this 55-minute conference talk from BSides Columbus 2018. Delve into the history of classic ciphers, understand the Triangle of Security, and examine the four main adversarial capabilities. Learn about software bugs versus security vulnerabilities, the importance of randomness in encryption, and various encryption modes like CBC. Investigate concepts such as padding oracles, integrity, authentic encryption, and public key cryptography. Discover the significance of prime numbers, key exchange, and elliptical curve cryptography. Gain insights into password security, including the use of salt. Understand why cryptology should be viewed as a precise tool rather than a catch-all solution for cybersecurity challenges.
Overview
Syllabus
Introduction
Software bugs vs security vulnerabilities
Brief history
Classic ciphers
Prometheus tables
How it works
Triangle of Security
The four main adversarial capabilities
Why would we decrypt malicious cyberattacks
The system must not require secrecy
Long BS passage
Pepe
The Problem
Randomness
CBC Mode
Penguin
Oracle
Padding Oracle
Integrity
Fencegate
Authentic Encryption
Prime Numbers
Trust
Key Exchange
Untrusting
Public Key Cryptography
Passwords
Salt
Elliptical Curve
