
Practical Cryptography

Crypto is used for a lot more than just currencies. This talk will dive into modern cryptography, the math behind how it works, and its everyday use cases. By looking at the origins of cryptography we’ll follow the progression of methods and algorithms as humans and computers evolved.

Published in: Engineering

Practical Cryptography

  1. 1. Practical Cryptography @KelleyRobinson PyGotham 2018
  2. 2. @kelleyrobinson https://twitter.com/mshelton/status/1047556643389468672
  3. 3. Practical Cryptography: Introduction to Public Key Cryptography
  4. 4. @kelleyrobinson
  5. 5. @kelleyrobinson Meet Alice and Bob
  6. 6. @kelleyrobinson
  7. 7. What is Public Key Crypto? Each entity has 2 keys: Public Key - to be shared; Private Key - to be kept secret
  8. 8. @kelleyrobinson
  9. 9. Asymmetric Crypto == Public Key Crypto == PKC
  10. 10. RSA algorithm (there are other algorithms, we'll get to that)
  11. 11. What is Public Key Crypto? Two major use cases (for RSA): 1. Encrypting with Public Key 2. Sign with Private Key
  12. 12. @kelleyrobinson Encrypting with Public Key ...only Bob can decode the ciphertext
  13. 13. @kelleyrobinson Signing with Private Key ...only Alice can be the author
  14. 14. @kelleyrobinson How are keys generated? TL;DR: math
  15. 15. How are keys generated? @kelleyrobinson
  16. 16. @kelleyrobinson Trapdoor Functions
  17. 17. @kelleyrobinson Trapdoor Functions Which is easier? 1. Find the two prime factors of 4,757 2. Multiply 67 and 71
  18. 18. RSA Algorithm Example https://github.com/robinske/rsa-example
              # Chosen inputs
              p, q, e = 67, 71, 37
              # Calculated
              n = p*q
              x = (p - 1)*(q - 1)
              d = inverse_mod(e, x)  # modular multiplicative inverse
              public_key = (e, n)
              private_key = (d, n)
              message = 123
              encrypted = pow(message, e, n)
              decrypted = pow(encrypted, d, n)  # == message
          These are all trapdoor functions!
  19. 19. Other Common Algorithms
  20. 20. Diffie-Hellman Key Exchange @kelleyrobinson
  21. 21. Elliptic-Curve Cryptography (ECC) y^2 = x^3 + ax + b Elliptic Curve Addition (Image By SuperManu [GFDL or CC BY-SA 3.0], via Wikimedia Commons)
  22. 22. @kelleyrobinson What is Key Size? https://xkcd.com/538/
  23. 23. What is Key Size? Impacts security strength, measured in bits of security
          RSA key size of 2048: 112 bits of security
          RSA key size of 3072: 128 bits of security
          ECC key size of 256: 128 bits of security
  24. 24. @kelleyrobinson What is Security Strength? "a number associated with the amount of work that is required to break a cryptographic algorithm or system." - NIST Recommendation for Key Management
  25. 25. PKC in Python
  26. 26. @kelleyrobinson PKC in Python
              # pip install cryptography
              from cryptography.hazmat.primitives.asymmetric import rsa
              private_key = rsa.generate_private_key(
                  public_exponent=65537,
                  key_size=2048,
                  ...
              )
  27. 27. @kelleyrobinson PKC in Python https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/
  28. 28. @kelleyrobinson Encrypting
              public_key = private_key.public_key()
              ciphertext = public_key.encrypt(message, ...)
              plaintext = private_key.decrypt(ciphertext, ...)
              # returns True
              message == plaintext
  29. 29. @kelleyrobinson Signing
              public_key = private_key.public_key()
              signature = private_key.sign(message, ...)
              # throws exception if not verified
              public_key.verify(signature, message, ...)
  30. 30. Everyday Uses of Public Key Cryptography: Authy!, PGP and GPG, TLS (HTTPS), Bitcoin, SSH
  31. 31. @kelleyrobinson
  32. 32. @kelleyrobinson Public key on the Authy servers
  33. 33. @kelleyrobinson Private key on your device
  34. 34. @kelleyrobinson Your device signs with your private key
  35. 35. @kelleyrobinson
  36. 36. @kelleyrobinson Algorithm
  37. 37. @kelleyrobinson Key Size, Algorithm
  38. 38. @kelleyrobinson
  39. 39. @kelleyrobinson
  40. 40. https://xkcd.com/1181/
  41. 41. @kelleyrobinson Don't roll your own crypto!
  42. 42. @kelleyrobinson twilio.com/blog/what-is-public-key-cryptography Further Reading
  43. 43. @kelleyrobinson astonishinglegends.com Further Listening
  44. 44. @kelleyrobinson THANK YOU!
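
The trapdoor idea from slides 17 and 18 and the key-size point from slide 23, worked through with the slide's toy numbers (p, q, e = 67, 71, 37). This is an added example, not code from the talk or its linked repository; it goes beyond the slide by writing out `inverse_mod` with the extended Euclidean algorithm and by adding the hypothetical helpers `make_keys`, `apply_key`, `factor` and `private_from_public`.

```python
# Added illustration: textbook RSA with the toy numbers from slide 18.
# No padding and a 13-bit modulus, so this is for study only.
from math import gcd, isqrt

def inverse_mod(a, m):
    """Return x with (a * x) % m == 1, using the extended Euclidean algorithm."""
    old_r, r, old_s, s = a, m, 1, 0
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_s, s = s, old_s - quot * s
    if old_r != 1:
        raise ValueError("no inverse: a and m share a factor")
    return old_s % m

def make_keys(p, q, e):
    """Easy direction of the trapdoor: multiply the primes and derive d."""
    n, x = p * q, (p - 1) * (q - 1)
    if gcd(e, x) != 1:
        raise ValueError("e must be coprime to (p - 1) * (q - 1)")
    return (e, n), (inverse_mod(e, x), n)

def apply_key(value, key):
    """Modular exponentiation: the same step encrypts, decrypts, signs, verifies."""
    exponent, n = key
    return pow(value, exponent, n)

def factor(n):
    """Hard direction: trial division, feasible only because n is tiny."""
    for cand in range(2, isqrt(n) + 1):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("n is prime")

def private_from_public(public_key):
    """Whoever can factor n can rebuild d, which is why key size matters."""
    e, n = public_key
    p, q = factor(n)
    return inverse_mod(e, (p - 1) * (q - 1)), n

if __name__ == "__main__":
    public_key, private_key = make_keys(67, 71, 37)
    ciphertext = apply_key(123, public_key)          # encrypt with public key
    print(apply_key(ciphertext, private_key))        # decrypt with private key
    signature = apply_key(123, private_key)          # sign with private key
    print(apply_key(signature, public_key) == 123)   # verify with public key
    print(private_from_public(public_key) == private_key)
```

With a 2048-bit modulus the `factor` step is the part that stops being feasible, while `make_keys` and `apply_key` stay cheap.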
