Analysis of a simple cryptographic protocol

•Download as PPTX, PDF•

0 likes•52 views

This document describes and analyzes three protocols for maintaining security in a simple network application between Alice and Bob. The objective is to authenticate that messages are from Alice and correspond to Bob's requests. Protocol 1 uses a shared symmetric key and MAC. Protocol 2 uses digital signatures instead of a shared key. Protocol 3 is also vulnerable to reflection attacks without additional tracking. The document analyzes each protocol's ability to provide data origin authentication, message freshness, and assurance messages correspond to requests, noting advantages and disadvantages of each approach.

Technology

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
Analysis of a
Simple Protocol

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
IN THIS TOPIC
▪ We will look at a simple application when cryptographic protocols can be used.
▪ We study the application and provide insights at the protocol design.
▪ Propose 7 different ways to establish security.
▪ Point out the advantages and disadvantages.
▪ Analyze complexities in protocol design.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
SIMPLE APPLICATION
NETWORK
ALICE BOB
Hey, its Bob, are you OK?
Hey Bob, its Alice, I’m OK.
OBJECTIVE : maintain security to assure Alice’s liveness

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL GOALS
Data Origin Authentication of Alice’s Reply
▪ Alice may not be alive but reply is sent by an attacker
Freshness of Alice’s Reply
▪ A previous reply can be resent by the attacker
Assurance that Alice’s reply corresponds to Bob’s request
▪ Bob receives a reply that corresponds to only his Alive requests

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 1
ASSUMPTION :
▪ Bob has access to randomness to generate nonce RB.
▪ Alice and Bob share a symmetric key K
▪ Alice and Bob agree to use a strong MAC algorithm

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 1
ALICE BOB
RB || It’s Bob, are you OK?
RB || Bob || Yes, I’m OK
MACk (RB || Bob || Yes, I’m OK )

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 1
ANALYSIS :
▪ DATA ORIGIN AUTHENTICATION : Only Bob and Alice know the
MAC algorithm hence message is authenticated.
▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB
which bob generates uniquely every time.
▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply
has Nonce RB corresponding to the request made and identifier
Bob is used.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 1
DISADVANTAGES :
▪ The shared key K must not be known to any third person.
▪ Bob must always check for the authentication of the message again
in order to maintain guarantee of origin.
▪ All the action must be performed in the same order to maintain
precision.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 2
ASSUMPTION :
▪ Bob has access to randomness to generate nonce RB.
▪ Alice must have the ability to generate a digital signature. Hence no
pre-shared key is required.
▪ Alice and Bob agree on use of a strong digital signature scheme.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 2
ALICE BOB
RB || It’s Bob, are you OK?
RB || Bob || Yes, I’m OK
SIGa (RB || Bob || Yes, I’m OK )

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 2
ANALYSIS :
▪ DATA ORIGIN AUTHENTICATION : Alice is the only entity who can
digitally sign the reply. Bob has to verify for the authentication.
▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB
which bob generates uniquely every time.
▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply
has Nonce RB corresponding to the request made and identifier
Bob is used.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 2
DISADVANTAGES :
▪ Digital Signature requires more computational power. In case of
resource constrained environment MAC’s are more efficient.
▪ Both Alice and Bob have to invest resources on signing and verify
for the authenticity.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 3
ASSUMPTION :
▪ Bob has access to randomness to generate nonce RB.
▪ Alice must have the ability to generate a digital signature. Hence no
pre-shared key is required.
▪ Alice and Bob agree on use of a strong digital signature scheme.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 3
ALICE BOB
RB || It’s Bob, are you OK?
RB || Yes, I’m OK
MACk (RB || Yes, I’m OK )

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
REFLECTION ATTACK
ALICE BOB
RB || It’s Bob, are you OK?
RB || Yes, I’m OK
MACk (RB || Yes, I’m OK )
ATTACKER
RB || It’s Alice, are you OK?
RB || Yes, I’m OK
MACk (RB || Yes, I’m OK )

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 3
ANALYSIS :
▪ DATA ORIGIN AUTHENTICATION : Only Bob and Alice know the
MAC algorithm hence message is authenticated.
▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB
which bob generates uniquely every time.
▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply
has Nonce RB corresponding to the request made.

Created by S.Gagan Kumar
https://www.linkedin.com/in/sgagankumar/
PROTOCOL 3
DISADVANTAGES :
▪ Susceptible to Reflection Attacks
▪ Need for an attack detection mechanism, such as session tracking.

The document discusses Twitter's approach to automating security tasks through the use of tools like Brakeman, ThreatDeck, Phantom, and Roshambo. It outlines Twitter's guidelines for security automation, including getting the right information to the right people quickly, not repeating mistakes, and automating dumb work. The document shares details about Twitter's automated security workflow and dashboard used to generate reports and notifications. It provides examples of the types of issues these tools detect and how they help improve security.

Webinar: Easy SEO Tips for Bloggers (Alexis Grant)

Alexis Grant

The Future of Deep Linking & App Indexing

MobileMoxie

Google & Bing App Indexing - SMX Munich 2016

MobileMoxie

This document discusses Google and Bing app indexing and deep linking. It provides an overview of how app indexing works on Android and iOS, including setting up deep links in app manifests and using APIs to optimize links. It also covers controlling indexing, alternative methods like using web markup, factors that impact deep link ranking, and implementing deep links for Bing on Windows phones using applinks.org markup.

Setting AMP for Success at #BrightonSEO

Aleyda Solís

System interconnect architecture

Gagan Kumar

Video games case study

Gagan Kumar

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

AI 101: An Introduction to the Basics and Impact of Artificial Intelligence

IndexBug

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

GenAI Pilot Implementation in the organizations

kumardaparthi1024

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Neo4j

Leonard Jayamohan, Partner & Generative AI Lead, Deloitte This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.

“I’m still / I’m still / Chaining from the Block”

Claudio Di Ciccio

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/ DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen! Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell. Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten. Diese Themen werden behandelt - Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten - Wie funktionieren CCB- und CCX-Lizenzen wirklich? - Verstehen des DLAU-Tools und wie man es am besten nutzt - Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw. - Praxisbeispiele und Best Practices zum sofortigen Umsetzen

Presentation of the OECD Artificial Intelligence Review of Germany

innovationoecd

Programming Foundation Models with DSPy - Meetup Slides

Zilliz

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

Mariano G Tinti - Decoding SpaceX

Mariano Tinti

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

2024 State of Marketing Report – by Hubspot

Marius Sescu

https://www.hubspot.com/state-of-marketing · Scaling relationships and proving ROI · Social media is the place for search, sales, and service · Authentic influencer partnerships fuel brand growth · The strongest connections happen via call, click, chat, and camera. · Time saved with AI leads to more creative work · Seeking: A single source of truth · TLDR; Get on social, try AI, and align your systems. · More human marketing, powered by robots

Everything You Need To Know About ChatGPT

Expeed Software

ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!

Recently uploaded

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

AI 101: An Introduction to the Basics and Impact of Artificial Intelligence

IndexBug

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

GenAI Pilot Implementation in the organizations

kumardaparthi1024

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Neo4j

“I’m still / I’m still / Chaining from the Block”

Claudio Di Ciccio

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

panagenda

Presentation of the OECD Artificial Intelligence Review of Germany

innovationoecd

Programming Foundation Models with DSPy - Meetup Slides

Zilliz

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

Mariano G Tinti - Decoding SpaceX

Mariano Tinti

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

Recently uploaded (20)

Essentials of Automations: The Art of Triggers and Actions in FME

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

AI 101: An Introduction to the Basics and Impact of Artificial Intelligence

GraphRAG for Life Science to increase LLM accuracy

Climate Impact of Software Testing at Nordic Testing Days

GenAI Pilot Implementation in the organizations

HCL Notes and Domino License Cost Reduction in the World of DLAU

Uni Systems Copilot event_05062024_C.Vlachos.pdf

How to Get CNIC Information System with Paksim Ga.pptx

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

“I’m still / I’m still / Chaining from the Block”

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

Presentation of the OECD Artificial Intelligence Review of Germany

Programming Foundation Models with DSPy - Meetup Slides

20240607 QFM018 Elixir Reading List May 2024

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Mariano G Tinti - Decoding SpaceX

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Pushing the limits of ePRTC: 100ns holdover for 100 days

Featured

2024 State of Marketing Report – by Hubspot

Marius Sescu

Everything You Need To Know About ChatGPT

Expeed Software

Product Design Trends in 2024 | Teenage Engineerings

Pixeldarts

How Race, Age and Gender Shape Attitudes Towards Mental Health

ThinkNow

Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits. To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups. Technology For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did. While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis. Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad. Age and Gender When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same. Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers. Race Affects Attitudes As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

marketingartwork

Creative operations teams expect increased AI use in 2024. Currently, over half of tasks are not AI-enabled, but this is expected to decrease in the coming year. ChatGPT is the most popular AI tool currently. Business leaders are more actively exploring AI benefits than individual contributors. Most respondents do not believe AI will impact workforce size in 2024. However, some inhibitions still exist around AI accuracy and lack of understanding. Creatives primarily want to use AI to save time on mundane tasks and boost productivity.

Skeleton Culture Code

Skeleton Technologies

Organizational culture includes values, norms, systems, symbols, language, assumptions, beliefs, and habits that influence employee behaviors and how people interpret those behaviors. It is important because culture can help or hinder a company's success. Some key aspects of Netflix's culture that help it achieve results include hiring smartly so every position has stars, focusing on attitude over just aptitude, and having a strict policy against peacocks, whiners, and jerks.

PEPSICO Presentation to CAGNY Conference Feb 2024

Neil Kimberley

PepsiCo provided a safe harbor statement noting that any forward-looking statements are based on currently available information and are subject to risks and uncertainties. It also provided information on non-GAAP measures and directing readers to its website for disclosure and reconciliation. The document then discussed PepsiCo's business overview, including that it is a global beverage and convenient food company with iconic brands, $91 billion in net revenue in 2023, and nearly $14 billion in core operating profit. It operates through a divisional structure with a focus on local consumers.

Content Methodology: A Best Practices Report (Webinar)

contently

This document provides an overview of content methodology best practices. It defines content methodology as establishing objectives, KPIs, and a culture of continuous learning and iteration. An effective methodology focuses on connecting with audiences, creating optimal content, and optimizing processes. It also discusses why a methodology is needed due to the competitive landscape, proliferation of channels, and opportunities for improvement. Components of an effective methodology include defining objectives and KPIs, audience analysis, identifying opportunities, and evaluating resources. The document concludes with recommendations around creating a content plan, testing and optimizing content over 90 days.

How to Prepare For a Successful Job Search for 2024

Albert Qian

The document provides guidance on preparing a job search for 2024. It discusses the state of the job market, focusing on growth in AI and healthcare but also continued layoffs. It recommends figuring out what you want to do by researching interests and skills, then conducting informational interviews. The job search should involve building a personal brand on LinkedIn, actively applying to jobs, tailoring resumes and interviews, maintaining job hunting as a habit, and continuing self-improvement. Once hired, the document advises setting new goals and keeping skills and networking active in case of future opportunities.

Social Media Marketing Trends 2024 // The Global Indie Insights

Kurio // The Social Media Age(ncy)

A report by thenetworkone and Kurio. The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).

Trends In Paid Search: Navigating The Digital Landscape In 2024

Search Engine Journal

The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands. It’s important that you’re ready to implement new strategies in 2024. Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024. You’ll learn: - The latest trends in AI and automation, and what this means for an evolving paid search ecosystem. - New developments in privacy and data regulation. - Emerging ad formats that are expected to make an impact next year. Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape. If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.

5 Public speaking tips from TED - Visualized summary

SpeakerHub

From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world. With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively. The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage. Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience. See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers See the original article on Forbes here: http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b

ChatGPT and the Future of Work - Clark Boyd

Clark Boyd

Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world. Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance. For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age. Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.

Getting into the tech field. what next

Tessa Mero

The document provides career advice for getting into the tech field, including: - Doing projects and internships in college to build a portfolio. - Learning about different roles and technologies through industry research. - Contributing to open source projects to build experience and network. - Developing a personal brand through a website and social media presence. - Networking through events, communities, and finding a mentor. - Practicing interviews through mock interviews and whiteboarding coding questions.

Google's Just Not That Into You: Understanding Core Updates & Search Intent

Lily Ray

1. Core updates from Google periodically change how its algorithms assess and rank websites and pages. This can impact rankings through shifts in user intent, site quality issues being caught up to, world events influencing queries, and overhauls to search like the E-A-T framework. 2. There are many possible user intents beyond just transactional, navigational and informational. Identifying intent shifts is important during core updates. Sites may need to optimize for new intents through different content types and sections. 3. Responding effectively to core updates requires analyzing "before and after" data to understand changes, identifying new intents or page types, and ensuring content matches appropriate intents across video, images, knowledge graphs and more.

How to have difficult conversations

Rajiv Jayarajah, MAppComm, ACC

Introduction to Data Science

Christy Abraham Joy

Time Management & Productivity - Best Practices

Vit Horky

The six step guide to practical project management

MindGenius

The six step guide to practical project management If you think managing projects is too difficult, think again. We’ve stripped back project management processes to the basics – to make it quicker and easier, without sacrificing the vital ingredients for success. “If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.” Dr Andrew Makar, Tactical Project Management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

RachelPearson36

Featured (20)

2024 State of Marketing Report – by Hubspot

Everything You Need To Know About ChatGPT

Product Design Trends in 2024 | Teenage Engineerings

How Race, Age and Gender Shape Attitudes Towards Mental Health

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

Skeleton Culture Code

PEPSICO Presentation to CAGNY Conference Feb 2024

Content Methodology: A Best Practices Report (Webinar)

How to Prepare For a Successful Job Search for 2024

Social Media Marketing Trends 2024 // The Global Indie Insights

Trends In Paid Search: Navigating The Digital Landscape In 2024

5 Public speaking tips from TED - Visualized summary

ChatGPT and the Future of Work - Clark Boyd

Getting into the tech field. what next

Google's Just Not That Into You: Understanding Core Updates & Search Intent

How to have difficult conversations

Introduction to Data Science

Time Management & Productivity - Best Practices

The six step guide to practical project management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

Analysis of a simple cryptographic protocol

1. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ Analysis of a Simple Protocol

2. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ IN THIS TOPIC ▪ We will look at a simple application when cryptographic protocols can be used. ▪ We study the application and provide insights at the protocol design. ▪ Propose 7 different ways to establish security. ▪ Point out the advantages and disadvantages. ▪ Analyze complexities in protocol design.

3. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ SIMPLE APPLICATION NETWORK ALICE BOB Hey, its Bob, are you OK? Hey Bob, its Alice, I’m OK. OBJECTIVE : maintain security to assure Alice’s liveness

4. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL GOALS Data Origin Authentication of Alice’s Reply ▪ Alice may not be alive but reply is sent by an attacker Freshness of Alice’s Reply ▪ A previous reply can be resent by the attacker Assurance that Alice’s reply corresponds to Bob’s request ▪ Bob receives a reply that corresponds to only his Alive requests

5. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 1 ASSUMPTION : ▪ Bob has access to randomness to generate nonce RB. ▪ Alice and Bob share a symmetric key K ▪ Alice and Bob agree to use a strong MAC algorithm

6. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 1 ALICE BOB RB || It’s Bob, are you OK? RB || Bob || Yes, I’m OK MACk (RB || Bob || Yes, I’m OK )

7. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 1 ANALYSIS : ▪ DATA ORIGIN AUTHENTICATION : Only Bob and Alice know the MAC algorithm hence message is authenticated. ▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB which bob generates uniquely every time. ▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply has Nonce RB corresponding to the request made and identifier Bob is used.

8. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 1 DISADVANTAGES : ▪ The shared key K must not be known to any third person. ▪ Bob must always check for the authentication of the message again in order to maintain guarantee of origin. ▪ All the action must be performed in the same order to maintain precision.

9. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 2 ASSUMPTION : ▪ Bob has access to randomness to generate nonce RB. ▪ Alice must have the ability to generate a digital signature. Hence no pre-shared key is required. ▪ Alice and Bob agree on use of a strong digital signature scheme.

10. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 2 ALICE BOB RB || It’s Bob, are you OK? RB || Bob || Yes, I’m OK SIGa (RB || Bob || Yes, I’m OK )

11. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 2 ANALYSIS : ▪ DATA ORIGIN AUTHENTICATION : Alice is the only entity who can digitally sign the reply. Bob has to verify for the authentication. ▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB which bob generates uniquely every time. ▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply has Nonce RB corresponding to the request made and identifier Bob is used.

12. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 2 DISADVANTAGES : ▪ Digital Signature requires more computational power. In case of resource constrained environment MAC’s are more efficient. ▪ Both Alice and Bob have to invest resources on signing and verify for the authenticity.

13. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 3 ASSUMPTION : ▪ Bob has access to randomness to generate nonce RB. ▪ Alice must have the ability to generate a digital signature. Hence no pre-shared key is required. ▪ Alice and Bob agree on use of a strong digital signature scheme.

14. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 3 ALICE BOB RB || It’s Bob, are you OK? RB || Yes, I’m OK MACk (RB || Yes, I’m OK )

15. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ REFLECTION ATTACK ALICE BOB RB || It’s Bob, are you OK? RB || Yes, I’m OK MACk (RB || Yes, I’m OK ) ATTACKER RB || It’s Alice, are you OK? RB || Yes, I’m OK MACk (RB || Yes, I’m OK )

16. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 3 ANALYSIS : ▪ DATA ORIGIN AUTHENTICATION : Only Bob and Alice know the MAC algorithm hence message is authenticated. ▪ FRESHNESS OF ALICE’s REPLY : The reply contains Nonce RB which bob generates uniquely every time. ▪ ASSURANCE THAT ALICE’s REPLY CORRESPONDS : The reply has Nonce RB corresponding to the request made.

17. Created by S.Gagan Kumar https://www.linkedin.com/in/sgagankumar/ PROTOCOL 3 DISADVANTAGES : ▪ Susceptible to Reflection Attacks ▪ Need for an attack detection mechanism, such as session tracking.

18. THANK YOU !

Editor's Notes

Both use a common network which is used by many other people. Bob wants to check is Alice is Alive. Bob sends a request message to check for Alice status and Alice has to reply back to Bob to ensure her liveness This happens periodically at any choosen time.
Both use a common network which is used by many other people. Bob wants to check is Alice is Alive. Bob sends a request message to check for Alice status and Alice has to reply back to Bob to ensure her liveness This happens periodically at any choosen time. Transfer: We note that first 2 goals provide the basic guarantee that alice is alive. Third goal is to provode more precision.
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated
Data origin authentication : only bob and alice know the MAC algorithm hence message is authenticated

Analysis of a simple cryptographic protocol

Recommended

Recommended

More Related Content

Recently uploaded

Recently uploaded (20)

Featured

Featured (20)

Analysis of a simple cryptographic protocol

Editor's Notes