Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Steve Cornish - "Passing Sensitive Data Through The Public Domain"


Published on

Steve Cornish talks at Digital Henley #4 on Wednesday 4th May regarding Data Security - The best passwords, the most effective ways to protect privacy and private data, data integrity and how big businesses keep your information safe (or don't!).

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Steve Cornish - "Passing Sensitive Data Through The Public Domain"

  1. 1. Passing Sensitive Data Through the Public Domain Steve Cornish | @stevesquirrol | 4th May 2016
  2. 2. About me By day… • Contracting Digital / Integration Architect • Currently @ Vodafone By night… • CTO of Squirrol – a Social Network for Collectors • Cool tech • Pre-funding stage • Site is live:
  3. 3. Why protect data? Public domain => Internet => untrusted network • Is the integrity of the data important? • Is the privacy of the data important?
  4. 4. Data Integrity / Authentication HMAC functions can be used to verify a message… a) Comes from the expected source b) Has not been tampered with in flight With HMAC, both the source and target generate a token (the MAC) from the message using a shared key which is compared to establish integrity.
  5. 5. HMAC … Message … Generate MAC from message Generate MAC from message MAC 1 Shared Secret Shared Secret Source Target MAC 2 Compare MACs
  6. 6. Data Privacy • Symmetric and Asymmetric cryptography can be used to secure data in flight • Symmetric encryption (e.g. AES): • The same key is used to encrypt the data and to decrypt the cipher • Asymmetric encryption (”Public Key Cryptography” / PKI): • Consists of a public/private key pair • The data is encrypted using the public key, and decrypted using the private key
  7. 7. Symmetric … Message … encrypt decrypt … Message … 110101010 101001101 010101011 Shared Key Shared Key Source Target
  8. 8. Asymmetric … Message … encrypt decrypt … Message … 110101010 101001101 010101011 (Target) Public Key (Target) Private Key Source Target
  9. 9. Summary • Data Integrity and Data Privacy are two concerns of Data Security • Data Integrity can be assured using HMACs • Data Privacy can be enforced using cryptography Data Security is a big subject – we’ve only scratched the surface
  10. 10. Thank you… Questions?
  11. 11. Appendix Performance • HMAC-SHA256 • 1m MACs in 4.76s • AES-128 • 1m encrypts in 2.54s • 1m decrypts in 2.13s (Run on a 5 year old Dell Latitude E6410 with Core i5, 4GB RAM, Win 7 32-Bit…)