
ZendCon 2018 - Cryptography in Depth


Cryptography is the invisible layer protecting everything around us. As software engineers, we are required to have some understanding of cryptography. Most of us only have a cursory understanding. Let’s dive deep into algorithms and modes for encryption, digital signatures, hashing, and key derivation. To get the most from this presentation, it is expected that you have a basic understanding of cryptography.


ZendCon 2018 - Cryptography in Depth

  1. 1. @adam_englander Cryptography in Depth Adam Englander Software Architect, TransUnion
  2. 2. @adam_englander Entropy
  3. 3. @adam_englander Entropy
  4. 4. @adam_englander Fighting Predictability
  5. 5. @adam_englander
  6. 6. @adam_englander 4,294,967,296 Total messages ÷ 365 Days/year ÷ 24 Hours/day ÷ 60 Minutes/hour = 8,171 Encryptions/min
  7. 7. @adam_englander sdhpeurh8awjw4npv894nv9q04
  8. 8. @adam_englander CSPRNGs and the Entropy Pools
  9. 9. @adam_englander Environmental Pools
  10. 10. @adam_englander Hardware Pools
  11. 11. @adam_englander /dev/random
  12. 12. @adam_englander /dev/urandom
  13. 13. @adam_englander /dev/arandom
  14. 14. @adam_englander Which one should I use?
  15. 15. @adam_englander paragonie/random_compat CSPRNG Functions
  16. 16. @adam_englander Fighting Predictability
  17. 17. @adam_englander Secrets
  18. 18. @adam_englander Keys
  19. 19. @adam_englander Keys
  20. 20. @adam_englander Shared Secrets
  21. 21. @adam_englander The Problem is Trust
  22. 22. @adam_englander Too Many Keys
  23. 23. @adam_englander Key Exchange
  24. 24. @adam_englander Diffie-Hellman Key Exchange The magic of modular arithmetic
  25. 25. @adam_englander Public Key Cryptography
  26. 26. @adam_englander Modular Arithmetic Magic
  27. 27. @adam_englander Very Large Prime Numbers
  28. 28. @adam_englander Which one should I use?
  29. 29. @adam_englander Public Key Shared Secret
  30. 30. @adam_englander Rotation
  31. 31. @adam_englander Encryption
  32. 32. @adam_englander
  33. 33. @adam_englander RSA
  34. 34. @adam_englander RSA Encryption Plain Text Padding Cipher Text Public Key Padded Message Encrypt
  35. 35. @adam_englander RSA Encryption Plain Text Padding Cipher Text Public Key Padded Message Encrypt
  36. 36. @adam_englander RSA Encryption Plain Text Padding Cipher Text Public Key Padded Message Encrypt
  37. 37. @adam_englander RSA Encryption Plain Text Padding Cipher Text Public Key Padded Message Encrypt
  38. 38. @adam_englander RSA Decryption Plain Text Remove Pad Cipher Text Private Key Padded Message Decrypt
  39. 39. @adam_englander RSA Decryption Plain Text Remove Pad Cipher Text Private Key Padded Message Decrypt
  40. 40. @adam_englander RSA Decryption Plain Text Remove Pad Cipher Text Private Key Padded Message Decrypt
  41. 41. @adam_englander Padding Schemes
  42. 42. @adam_englander PKCS#1v1.5
  43. 43. @adam_englander OAEP a.k.a PKCS#1v2
  44. 44. @adam_englander Advanced Encryption Standard (AES)
  45. 45. @adam_englander Block Cipher
  46. 46. @adam_englander This is a block split se ntence22
  47. 47. @adam_englander Key Key Expansion Add RoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Plaintext Block
  48. 48. @adam_englander Key Key Expansion Add RoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Plaintext Block
  49. 49. @adam_englander Rijndael Key Schedule
  50. 50. @adam_englander Key Key Expansion AddRoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Input Block
  51. 51. @adam_englander AddRoundKey 1001100110100010101010110010111010011001101000101010101100101110 XOR 0010110010101111010101011001010101011100010101010001110010101010 = 1011010100001101111111101011101111000101111101111011011110000100
  52. 52. @adam_englander Key Key Expansion Add RoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Input Block
  53. 53. @adam_englander Key Key Expansion Add RoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Input Block
  54. 54. @adam_englander Key Key Expansion Add RoundKey Round 1 Key Round 2 to n-1 Key Round n Key Round 1 Round n Ciphertext Block Round 2 to (n-1) Input Block
  55. 55. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  56. 56. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  57. 57. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  58. 58. @adam_englander Bits to Byte Matrices b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16 b33 b37 b41 b45 b34 b38 b42 b46 b35 b39 b43 b47 b36 b40 b44 b48 b17 b21 b25 b29 b18 b22 b26 b30 b19 b23 b27 b31 b20 b24 b28 b32 b49 b53 b57 b61 b50 b54 b58 b62 b51 b55 b59 b63 b52 b56 b60 b64 1011010100001101111111101011101111000101111101111011011110000100
  59. 59. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  60. 60. @adam_englander SubBytes b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  61. 61. @adam_englander SubBytes s01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  62. 62. @adam_englander SubBytes s01 s05 b09 b13 s02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  63. 63. @adam_englander SubBytes s01 b05 b09 b13 s02 b06 b10 b14 s03 b07 b11 b15 b04 b08 b12 b16
  64. 64. @adam_englander SubBytes s01 s05 s09 s13 s02 s06 s10 s14 s03 s07 s11 s15 s04 s08 s12 s16
  65. 65. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  66. 66. @adam_englander ShiftRows b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  67. 67. @adam_englander ShiftRows b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  68. 68. @adam_englander ShiftRows b01 b05 b09 b13 b06 b10 b14 b02 b03 b07 b11 b15 b04 b08 b12 b16
  69. 69. @adam_englander ShiftRows b01 b05 b09 b13 b06 b10 b14 b02 b11 b15 b03 b07 b04 b08 b12 b16
  70. 70. @adam_englander ShiftRows b01 b05 b09 b13 b06 b10 b14 b02 b11 b15 b03 b07 b16 b04 b08 b12
  71. 71. @adam_englander ShiftRows b01 b05 b09 b13 b06 b10 b14 b02 b11 b15 b03 b07 b16 b04 b08 b12
  72. 72. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  73. 73. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  74. 74. @adam_englander MixColumns b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16
  75. 75. @adam_englander MixColumns t01 b05 b09 b13 t02 b06 b10 b14 t03 b07 b11 b15 t04 b08 b12 b16
  76. 76. @adam_englander MixColumns t01 t05 b09 b13 t02 t06 b10 b14 t03 t07 b11 b15 t04 t08 b12 b16
  77. 77. @adam_englander MixColumns t01 t05 t09 b13 t02 t06 t10 b14 t03 t07 t11 b15 t04 t08 t12 b16
  78. 78. @adam_englander MixColumns t01 t05 t09 t13 t02 t06 t10 t14 t03 t07 t11 t15 t04 t08 t12 t16
  79. 79. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  80. 80. @adam_englander Byte Matrices to Bits b01 b05 b09 b13 b02 b06 b10 b14 b03 b07 b11 b15 b04 b08 b12 b16 b33 b37 b41 b45 b34 b38 b42 b46 b35 b39 b43 b47 b36 b40 b44 b48 b17 b21 b25 b29 b18 b22 b26 b30 b19 b23 b27 b31 b20 b24 b28 b32 b49 b53 b57 b61 b50 b54 b58 b62 b51 b55 b59 b63 b52 b56 b60 b64 1011010100001101111111101011101111000101111101111011011110000100
  81. 81. @adam_englander Rounds RoundKey SubBytes ShiftRows MixColumns AddRoundKey Input Block Output Block To Matrices To Bytes
  82. 82. @adam_englander AddRoundKey 1001100110100010101010110010111010011001101000101010101100101110 XOR 0010110010101111010101011001010101011100010101010001110010101010 = 1011010100001101111111101011101111000101111101111011011110000100
  83. 83. @adam_englander Modes
  84. 84. @adam_englander This is a block split se ntence22
  85. 85. @adam_englander CBC ECB OFB CFB CTR GCM
  86. 86. @adam_englander CBC ECB OFB CFB CTR GCM
  87. 87. @adam_englander CBC ECB OFB CFB CTR GCM
  88. 88. @adam_englander CBC ECB OFB CFB CTR GCM
  89. 89. @adam_englander CBC ECB OFB CFB CTR GCM
  90. 90. @adam_englander Electronic Codebook (ECB)
  91. 91. @adam_englander
  92. 92. @adam_englander
  93. 93. @adam_englander Cipher Block Chaining (CBC)
  94. 94. @adam_englander
  95. 95. @adam_englander
  96. 96. @adam_englander Galois Counter Mode (GCM)
  97. 97. @adam_englander Galois Counter Mode (GCM)
  98. 98. @adam_englander
  99. 99. @adam_englander
  100. 100. @adam_englander Galois Counter Mode (GCM)
  101. 101. @adam_englander Galois Counter Mode (GCM)
  102. 102. @adam_englander Galois Counter Mode (GCM)
  103. 103. @adam_englander Galois Counter Mode (GCM)
  104. 104. @adam_englander Which mode should I use?
  105. 105. @adam_englander Mode / Padding Oracle Resistant? / Nonce Reuse Resistant?: CBC / No / Yes; GCM / Yes / No
  106. 106. @adam_englander GCM CBC
  107. 107. @adam_englander Padding
  108. 108. @adam_englander PKCS#5/PKCS#7 The value of each added byte is the number of bytes that are added. The last value is always a pad.
  109. 109. @adam_englander PKCS#5/7 Example: Hello World
  110. 110. @adam_englander PKCS#5/7 Example: Hello World = 48 65 6c 6c 6f 20 57 6f 72 6c 64 (11 bytes)
  111. 111. @adam_englander PKCS#5/7 Example: Hello World = 48 65 6c 6c 6f 20 57 6f 72 6c 64 (11 bytes); 64 bytes - 11 bytes = 53 bytes = 0x35 bytes
  112. 112. @adam_englander PKCS#5/7 Example: Hello World = 48 65 6c 6c 6f 20 57 6f 72 6c 64 (11 bytes); 64 bytes - 11 bytes = 53 bytes = 0x35 bytes; 48 65 6c 6c 6f 20 57 6f 72 6c 64 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 (64 byte padded value)
  113. 113. @adam_englander PKCS#5/7 Example: Hello World = 48 65 6c 6c 6f 20 57 6f 72 6c 64 (11 bytes); 64 bytes - 11 bytes = 53 bytes = 0x35 bytes; 48 65 6c 6c 6f 20 57 6f 72 6c 64 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 (64 byte padded value)
  114. 114. @adam_englander PKCS#5/7 Example: Hello World = 48 65 6c 6c 6f 20 57 6f 72 6c 64 (11 bytes); 64 bytes - 11 bytes = 53 bytes = 0x35 bytes; 48 65 6c 6c 6f 20 57 6f 72 6c 64 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 (64 byte padded value)
  115. 115. @adam_englander What if we have 64 characters?
  116. 116. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow
  117. 117. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow = 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 (64 bytes)
  118. 118. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow = 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 (64 bytes); 64 bytes - 64 bytes = 0 bytes
  119. 119. @adam_englander PKCS#5/PKCS#7 The value of each added byte is the number of bytes that are added. The last value is always a pad.
  120. 120. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow = 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 (64 bytes); 64 bytes - 64 bytes = 0 bytes; 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 (128 byte padded value)
  121. 121. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow = 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 (64 bytes); 64 bytes - 64 bytes = 0 bytes; 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 (128 byte padded value)
  122. 122. @adam_englander PKCS#5/7 64 Character Example: This is a sixty four byte text that I am going to encrypt meow = 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 (64 bytes); 64 bytes - 64 bytes = 0 bytes; 54 68 69 73 20 69 73 20 61 20 73 69 78 74 79 20 66 6f 75 72 20 62 79 74 65 20 74 65 78 74 20 74 68 61 74 20 49 20 61 6d 20 67 6f 69 6e 67 20 74 6f 20 65 6e 63 72 79 70 74 20 6d 65 6f 77 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 (128 byte padded value)
  123. 123. @adam_englander Salsa20/XSalsa20 ChaCha/XChaCha
  124. 124. @adam_englander Salsa20 The new hotness!
  125. 125. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons
  126. 126. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons Key Key Key Key Key Key Key Key
  127. 127. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons Nonce Nonce
  128. 128. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons Pos Pos
  129. 129. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons Cons Cons Cons Cons
  130. 130. @adam_englander Cons Key Key Key Key Cons Nonce Nonce Pos Pos Cons Key Key Key Key Cons Cons Cons Cons Cons
  131. 131. @adam_englander Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  132. 132. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  133. 133. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  134. 134. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  135. 135. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  136. 136. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  137. 137. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  138. 138. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  139. 139. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  140. 140. @adam_englander Round Manipulation b ⊕= (a ⊞ d) <<< 7; c ⊕= (b ⊞ a) <<< 9; d ⊕= (c ⊞ b) <<< 13; a ⊕= (d ⊞ c) <<< 18
  141. 141. @adam_englander Round Manipulation b ⊕= (a ⊞ d) <<< 7; c ⊕= (b ⊞ a) <<< 9; d ⊕= (c ⊞ b) <<< 13; a ⊕= (d ⊞ c) <<< 18
  142. 142. @adam_englander Round Manipulation b ⊕= (a ⊞ d) <<< 7; c ⊕= (b ⊞ a) <<< 9; d ⊕= (c ⊞ b) <<< 13; a ⊕= (d ⊞ c) <<< 18
  143. 143. @adam_englander Round Manipulation b ⊕= (a ⊞ d) <<< 7; c ⊕= (b ⊞ a) <<< 9; d ⊕= (c ⊞ b) <<< 13; a ⊕= (d ⊞ c) <<< 18
  144. 144. @adam_englander Round Manipulation b ⊕= (a ⊞ d) <<< 7; c ⊕= (b ⊞ a) <<< 9; d ⊕= (c ⊞ b) <<< 13; a ⊕= (d ⊞ c) <<< 18
  145. 145. @adam_englander ChaCha Mixes it up a bit
  146. 146. @adam_englander Cons Cons Cons Cons Key Key Key Key Key Key Key Key Pos Pos Nonce Nonce
  147. 147. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  148. 148. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  149. 149. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  150. 150. @adam_englander Odd Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  151. 151. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  152. 152. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  153. 153. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  154. 154. @adam_englander Even Rounds 0 4 8 12 1 5 9 13 2 6 10 14 3 7 11 15
  155. 155. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  156. 156. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  157. 157. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  158. 158. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  159. 159. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  160. 160. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  161. 161. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  162. 162. @adam_englander Round Manipulation a ⊞= b; d ⊕= a; d <<< 16; c ⊞= d; b ⊕= c; b <<< 12; a ⊞= b; d ⊕= a; d <<< 8; c ⊞= d; b ⊕= c; b <<< 7
  163. 163. @adam_englander X hits the spot
  164. 164. @adam_englander Which one should I use?
  165. 165. @adam_englander XChaCha RSA AES-GCM
  166. 166. @adam_englander Hashing
  167. 167. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  168. 168. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  169. 169. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  170. 170. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  171. 171. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  172. 172. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  173. 173. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  174. 174. @adam_englander Merkle–Damgård (MD5/SHA1/SHA2) diagram labels: Msg block 1, Msg block 2, Msg block n; Transformation; XForm block 1, XForm block 2, XForm block n; Static IV; Compression; Compr Result (×3); FIN; Hash
  175. 175. @adam_englander If they’re all basically the same, how do I pick one to use?
  176. 176. @adam_englander It’s all about speed… and collisions
  177. 177. @adam_englander Hash | Collision | Speed; SHA1 160 | 2^80 | 909; SHA2 512 | 2^256 | 623; SHA3 512 | 2^256 | 198; Blake2 512 | 2^256 | 947
  184. 184. @adam_englander Hash | Collision | Speed; SHA-256 256 | 2^128 | 413; SHA-512 512 | 2^256 | 623; SHA3 256 | 2^128 | 367; Blake2 512 | 2^256 | 947
  186. 186. @adam_englander 2^256 Hash/collision ÷ 4.6663425e15 Hash/year = 2.4814314e59 Years/collision
  187. 187. @adam_englander 248,143,142,594,689,942,762,604,727,382,715,494,744,052,723,660,212,605,567,331 years
  188. 188. @adam_englander 248,143,142,594,689,942,762,604,727,382,715,494,744,052,723,660,212,605,567 years
  189. 189. @adam_englander 248,143,142,594,689,942,762,604,727,382,715,494,744,052,723,660,212,605 years
  191. 191. @adam_englander Blake 2b SHA2-512
  192. 192. @adam_englander Key Derivation
  193. 193. @adam_englander [diagram: Key + SALT → Derivation → D(1); D(1) + SALT → Derivation → D(2); … D(n-1) + SALT → Derivation → Hash]
  200. 200. @adam_englander MCF/PHC Format
  201. 201. @adam_englander Modular Crypt Format $<identifier>$<content>
  202. 202. @adam_englander bcrypt $2y$10$W6r/AOt7Eutp/l9oZaT6GezLUOIiljdWGIhs.KLJEmmtSJJVk5sDi
  208. 208. @adam_englander PHC Format $<id>[$<param>=<value> (,<param>=<value>)*][$<salt>[$<hash>]]
  210. 210. @adam_englander scrypt $scrypt$ln=16,r=8,p=1$aM15713r3Xsvxmi31lqr1Q$nFNh2CVHVjNldFVKDHDlm4CmdRSCdEmsjjJxD+iCs5E
  215. 215. @adam_englander Argon2i $argon2i$v=19$m=1024,t=2,p=2$TmxLemFoVnZFaEJuT1NyYg$4j2ZFDn1fVS70ZExmlJ33rXOinafcmXrp6A6grHEPkI
  220. 220. @adam_englander Which KDF should I use?
  221. 221. @adam_englander KDF | MCF | Function | CPU | Memory; PBKDF2 | No | HMAC-SHA | No | No; bcrypt | Yes | blowfish | No | No; scrypt | Yes | Salsa | Yes | No; Argon2 | Yes | Blake2 | Yes | Yes
  226. 226. @adam_englander Argon2 scrypt bcrypt
  227. 227. @adam_englander bcrypt Argon2
  228. 228. @adam_englander What settings should I use?
  229. 229. @adam_englander Turn it up as high as you can!
  230. 230. @adam_englander Digital Signatures
  231. 231. @adam_englander HMAC
  232. 232. @adam_englander Deriving Padded Keys [diagram: Key → Hash/Pad? → Padded Key; Padded Key → Derivation(i) → Padded Inner Key; Padded Key → Derivation(o) → Padded Outer Key]
  240. 240. @adam_englander Building the Signature [diagram: Padded Inner Key + Message → Hash Func → Inner Hash; Padded Outer Key + Inner Hash → Hash Func → Signature]
  248. 248. @adam_englander RSA
  249. 249. @adam_englander RSA Signing [diagram: Message → Hash Func → Message Digest; Message Digest + Private Key → Encrypt → Signature]
  252. 252. @adam_englander RSA Signature Verification [diagram: Message → Hash Func → Message Digest; Signature + Public Key → Decrypt → Decrypted Message; Message Digest and Decrypted Message → Compare]
  256. 256. @adam_englander DSA
  257. 257. @adam_englander DSA Signing [diagram: Message → Hash Func → Message Digest; Nonce Gen → Nonce; Message Digest + Private Key + Nonce → Sign → Signature]
  261. 261. @adam_englander DSA Signature Verification [diagram labels: Message, Hash Func, Message Digest, Signature, Public Key, Reverse Nonce, Nonce?, Compare]
  265. 265. @adam_englander ECDSA
  266. 266. @adam_englander
  267. 267. @adam_englander EdDSA
  268. 268. @adam_englander Type | Symmetric | Hash | Security; HMAC | Yes | SHA3-512 | k; RSA | No | SHA2-512 | k/12.8; ECDSA | No | SHA2-512 | k/2; EdDSA | No | Blake | k/2
  270. 270. @adam_englander Type | Symmetric | Hash | Security; HMAC | Yes | SHA3-512 | 512b; RSA | No | SHA2-512 | k/12.8; ECDSA | No | SHA2-512 | k/2; EdDSA | No | Blake | k/2
  274. 274. @adam_englander Which should I use?
  275. 275. @adam_englander EdDSA ECDSA
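
The "Round Manipulation" slide, carried through to one full ChaCha20 block. This is an added example, not code from the talk, and it goes beyond the slides: the state layout, the column and diagonal index sets and the count of 10 double rounds follow RFC 8439, and all function names are chosen here.

```python
import struct

MASK32 = 0xFFFFFFFF
# Index quadruples into the 4x4 state (stored row by row), per RFC 8439.
COLUMNS = [(0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15)]
DIAGONALS = [(0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)]
CONSTANTS = struct.unpack("<4I", b"expand 32-byte k")


def rotl32(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) & MASK32) | (x >> (32 - n))


def quarter_round(a, b, c, d):
    """Four add / xor / rotate steps with rotations 16, 12, 8, 7."""
    a = (a + b) & MASK32
    d = rotl32(d ^ a, 16)
    c = (c + d) & MASK32
    b = rotl32(b ^ c, 12)
    a = (a + b) & MASK32
    d = rotl32(d ^ a, 8)
    c = (c + d) & MASK32
    b = rotl32(b ^ c, 7)
    return a, b, c, d


def double_round(state):
    """One column round followed by one diagonal round, in place."""
    for i, j, k, l in COLUMNS + DIAGONALS:
        state[i], state[j], state[k], state[l] = quarter_round(
            state[i], state[j], state[k], state[l])


def chacha20_block(key, counter, nonce):
    """Return the 16 output words for one 64-byte keystream block."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("key must be 32 bytes and nonce 12 bytes")
    initial = list(CONSTANTS) + list(struct.unpack("<8I", key))
    initial += [counter & MASK32] + list(struct.unpack("<3I", nonce))
    working = list(initial)
    for _ in range(10):  # 10 double rounds = 20 rounds
        double_round(working)
    return [(w + i) & MASK32 for w, i in zip(working, initial)]
```

The final addition of the initial state is what makes the block function one-way; the rounds alone are invertible.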
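
The MCF/PHC slides and "What settings should I use?", as an added example (not code from the talk): a parser for the three strings shown on the slides plus a check that flags stored hashes whose cost parameters fall below a policy floor. The names `parse_hash`, `below_policy` and the floors in `EXAMPLE_MINIMUMS` are assumptions made for illustration.

```python
BCRYPT_IDS = {"2a", "2b", "2y"}
SLIDE_HASHES = [  # the three example strings shown on the slides
    "$2y$10$W6r/AOt7Eutp/l9oZaT6GezLUOIiljdWGIhs.KLJEmmtSJJVk5sDi",
    "$scrypt$ln=16,r=8,p=1$aM15713r3Xsvxmi31lqr1Q$"
    "nFNh2CVHVjNldFVKDHDlm4CmdRSCdEmsjjJxD+iCs5E",
    "$argon2i$v=19$m=1024,t=2,p=2$TmxLemFoVnZFaEJuT1NyYg$"
    "4j2ZFDn1fVS70ZExmlJ33rXOinafcmXrp6A6grHEPkI",
]
# Assumed policy floors for illustration only; tune them to your hardware.
EXAMPLE_MINIMUMS = {"2y": {"cost": 12}, "scrypt": {"ln": 15},
                    "argon2i": {"m": 65536, "t": 3}}


def parse_hash(encoded):
    """Split an MCF/PHC string into id, version, params, salt and hash."""
    fields = encoded.split("$")
    if len(fields) < 3 or fields[0] != "" or not fields[1]:
        raise ValueError("not an MCF/PHC string")
    ident, rest = fields[1], fields[2:]
    out = {"id": ident, "version": None, "params": {}, "salt": None, "hash": None}
    if ident in BCRYPT_IDS:  # $<id>$<cost>$<22-char salt><31-char hash>
        if len(rest) != 2 or not rest[0].isdigit() or len(rest[1]) != 53:
            raise ValueError("malformed bcrypt string")
        out["params"] = {"cost": int(rest[0])}
        out["salt"], out["hash"] = rest[1][:22], rest[1][22:]
        return out
    # PHC: optional v=<n>, optional param list, then salt, then hash.
    if rest and rest[0].startswith("v=") and "," not in rest[0]:
        out["version"] = int(rest.pop(0)[2:])
    if rest and "=" in rest[0]:
        for pair in rest.pop(0).split(","):
            name, _, value = pair.partition("=")
            if not name or not value.isdigit():  # numeric params only here
                raise ValueError("malformed parameter: " + pair)
            out["params"][name] = int(value)
    if len(rest) > 2:
        raise ValueError("unexpected trailing fields")
    out["salt"] = rest[0] if rest else None
    out["hash"] = rest[1] if len(rest) > 1 else None
    return out


def below_policy(encoded, minimums):
    """Names of cost parameters below the floor; ['id'] if id is unlisted."""
    parsed = parse_hash(encoded)
    floors = minimums.get(parsed["id"])
    if floors is None:
        return ["id"]
    return sorted(n for n, f in floors.items() if parsed["params"].get(n, 0) < f)
```

Because the parameters travel inside the stored string, a check like this can run at login time and trigger a re-hash with stronger settings while the plaintext password is still available.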
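
The two HMAC slides, "Deriving Padded Keys" and "Building the Signature", written out step by step as an added example (not code from the talk). The function names are chosen here; the 0x36 and 0x5C pad bytes are the standard HMAC inner and outer constants, and the sample key and message in the usage are constructed.

```python
import hashlib
import hmac


def derive_padded_keys(key, hash_name="sha256"):
    """Return (padded inner key, padded outer key) for one hash block."""
    block_size = hashlib.new(hash_name).block_size
    if len(key) > block_size:
        # "Hash" branch: a key longer than one block is hashed first.
        key = hashlib.new(hash_name, key).digest()
    # "Pad" branch: zero-fill the key to exactly one block.
    padded = key.ljust(block_size, b"\x00")
    inner = bytes(b ^ 0x36 for b in padded)  # Derivation(i)
    outer = bytes(b ^ 0x5C for b in padded)  # Derivation(o)
    return inner, outer


def build_signature(key, message, hash_name="sha256"):
    """Inner hash over key and message, then outer hash over that result."""
    inner_key, outer_key = derive_padded_keys(key, hash_name)
    inner_hash = hashlib.new(hash_name, inner_key + message).digest()
    return hashlib.new(hash_name, outer_key + inner_hash).digest()


def verify_signature(key, message, signature, hash_name="sha256"):
    """Recompute the tag and compare in constant time."""
    expected = build_signature(key, message, hash_name)
    return hmac.compare_digest(expected, signature)


if __name__ == "__main__":
    key = b"constructed-sample-key"          # constructed sample values
    msg = b"constructed sample message"
    tag = build_signature(key, msg)
    print(tag.hex(), verify_signature(key, msg, tag))
```

One consequence of the "Hash" branch: a key longer than the block size and the digest of that key produce identical tags, so over-long keys add no strength.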

Cryptography is the invisible layer protecting everything around us. As software engineers, we are required to have some understanding of cryptography. Most of us only have a cursory understanding. Let’s dive deep into algorithms and modes for encryption, digital signatures, hashing, and key derivation. To get the most from this presentation, it is expected that you have a basic understanding of cryptography.
