Successfully reported this slideshow.
Upcoming SlideShare
×

# Practical Cryptography

240 views

Published on

Crypto is used for a lot more than just currencies. This talk will dive into modern cryptography, the math behind how it works, and its everyday use cases. By looking at the origins of cryptography weβll follow the progression of methods and algorithms as humans and computers evolved.

Published in: Engineering
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

### Practical Cryptography

1. 1. π Practical Cryptography π @KelleyRobinson PyGotham 2018
3. 3. π Practical Cryptography π Introduction to Public Key Cryptography
4. 4. @kelleyrobinson β ππ %
5. 5. @kelleyrobinson Meet Alice and Bob π π π¬π€·
6. 6. @kelleyrobinson
7. 7. What is Public Key Crypto? Each entity has ( keys Public Key - to be shared Private Key - to be kept secret
8. 8. @kelleyrobinson
9. 9. Asymmetric Crypto == Public Key Crypto == PKC
10. 10. RSA algorithm (there are other algorithms, we'll get to that)
11. 11. What is Public Key Crypto? Two major use cases (for RSA): 1. Encrypting with Public Key 2. Sign with Private Key
12. 12. @kelleyrobinson Encrypting with Public Key ...only Bob can decode the cyphertext
13. 13. @kelleyrobinson Signing with Private Key ...only Alice can be the author
14. 14. @kelleyrobinson How are keys generated? TL;DR: math
15. 15. How are keys generated? @kelleyrobinson
16. 16. @kelleyrobinson Trapdoor Functions
17. 17. @kelleyrobinson Trapdoor Functions Which is easier? 1. Find the two prime factors of 4,757 2. Multiply 67 and 71
18. 18. RSA Algorithm Example# Chosen inputs p, q, e = 67, 71, 37 https://github.com/robinske/rsa-example # Calculated n = p*q x = (p - 1)*(q - 1) d = inverse_mod(e, x) # modular multiplicative inverse public_key = (e, n) private_key = (d, n) message = 123 encrypted = pow(message, e, n) decrypted = pow(encrypted, d, n) # == message π€― These are all trapdoor functions!
19. 19. Other Common Algorithms
20. 20. Diffie-Hellman Key Exchange @kelleyrobinson
21. 21. Elliptic-Curve Cryptography (ECC) y2 = x3 + ax + b Elliptic Curve Addition (Image By SuperManu [GFDLΒ orΒ CC BY-SA 3.0],Β viaΒ Wikimedia Commons)
22. 22. @kelleyrobinson What is Key Size? https://xkcd.com/538/
23. 23. Impacts security strength, measured in bits of security What is Key Size? RSA key size of 2048 RSA key size of 3072 ECC key size of 256 112 bits of security 128 bits of security 128 bits of security
24. 24. @kelleyrobinson What is Security Strength? - NIST Recommendation for Key Management βa number associated with the amount of work that is required to break a cryptographic algorithm or system. β
25. 25. PKC in Python
26. 26. @kelleyrobinson PKC in Python # pip install cryptography from cryptography.hazmat.primitives.asymmetric import rsa private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, ... )
27. 27. @kelleyrobinson PKC in Python https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/
28. 28. @kelleyrobinson Encrypting public_key = private_key.public_key() ciphertext = public_key.encrypt(message, ...) plaintext = private_key.decrypt(ciphertext, ...) # returns True message == plaintext
29. 29. @kelleyrobinson Signing public_key = private_key.public_key() signature = private_key.sign(message, ...) # throws exception if not verified public_key.verify(signature, message, ...)
30. 30. Everyday Uses of Public Key Cryptography Authy! PGP and GPG TLS (HTTPS) Bitcoin SSH
31. 31. @kelleyrobinson ]
32. 32. @kelleyrobinson ] @kelleyrobinson Public key on the Authy servers
33. 33. @kelleyrobinson ] @kelleyrobinson Private key on your device
34. 34. @kelleyrobinson ] @kelleyrobinson Your device signs with your private key
35. 35. @kelleyrobinson
36. 36. @kelleyrobinson Algorithm
37. 37. @kelleyrobinson Key SizeAlgorithm
38. 38. @kelleyrobinson
39. 39. @kelleyrobinson
40. 40. https://xkcd.com/1181/
41. 41. @kelleyrobinson __________________ | | Don't roll your own crypto! |__________________| (__/) || (β’γβ’) || / γ γ₯ @kelleyrobinson
42. 42. @kelleyrobinson twilio.com/blog/what-is-public-key-cryptography Further Reading
43. 43. @kelleyrobinson astonishinglegends.com Further Listening
44. 44. @kelleyrobinson THANK YOU! @kelleyrobinson