The document discusses the properties of deniability and secure function evaluation in the Off-the-Record (OTR) messaging protocol and similar cryptographic protocols, examining how OTR provides confidentiality, integrity, authentication, forward secrecy, and strong deniability through frequent rekeying and publishing of old MAC keys between parties.
End-to-end encryption provides stronger security than HTTPS alone. It encrypts messages on the sender's device before transmission so that only the recipient can decrypt it with their private key, rather than data being encrypted in transit only. BunkerMail uses this method, generating unique AES keys for each message and attachment, encrypting the keys with the recipient's RSA public key so only they can decrypt it, ensuring the information is accessible by the end users and not others like servers.
Review on WhatsApp's End to End encryption and Facebook integration - Govindarrajan NV
The presentation deals with the latest updates of WhatsApp, with end-to-end encryption and Facebook integration explained in a very detailed manner from the basics, with advantages and disadvantages.
The document discusses WhatsApp's implementation of end-to-end encryption to secure messages between users. It describes how WhatsApp previously sent messages in plaintext but now uses the Signal Protocol and public/private keys to encrypt messages between clients. Keys include identity keys, pre keys, and one-time pre keys. Messages are encrypted with randomly generated message keys. Users can verify keys by comparing numeric fingerprints to ensure message integrity. The end result is that third parties like WhatsApp cannot access the contents of messages or calls between users.
1) End-to-end encryption protects communications by encrypting messages in a way that only the sender and recipient can access, not intermediate servers or other third parties.
2) Currently, most email services like Gmail can be accessed by system administrators, and email is sent in clear text, similar to sending a postcard through the mail system.
3) With end-to-end encryption, messages are encrypted like placing the message in a locked safe that only the intended recipient can open, providing privacy and security from threats of surveillance, hacking and other attacks.
The document provides an introduction to encryption basics including symmetric and asymmetric encryption. It explains how symmetric encryption works with Alice and Bob sharing a password to encrypt and decrypt messages. It also explains how asymmetric encryption works with Alice using Bob's public key to encrypt a message that only Bob can decrypt with his private key. The document recommends tools for encrypting email, disks, and browsing privately including Thunderbird, TrueCrypt, and Tor. It discusses some challenges with encryption including managing keys and speeds with Tor. The overall purpose is to educate about the importance of encryption for privacy.
WhatsApp encrypts messages using the RC4 protocol and obtains a hash from either a user's IMEI number on Android or MAC address on iPhone. However, WhatsApp initially sends some identifying information such as a user's phone number in plain text, which could allow others to intercept this data on unsecured networks. It is recommended to use a VPN when sending WhatsApp messages on public Wi-Fi networks to help prevent this type of interception.
Predicting the social culture of our future – The Neurobiology of social networking
What is expected of tomorrow’s social networks to address the needs of a more and more complex society? Where is Facebook falling short? What can Neurobiology tell us about the wellbeing of our digital culture?
In an entertaining and inspiring talk, the speakers will use an Australian model of Neurobiology to answer these questions.
The story begins where we will explore the different personas present in our minds. We find out that different platforms such as Tinder, Facebook and Snapchat are just manifestations of these personas and our deepest longings. Then, we will enter the secret side of our brains and explore what Whisper and Lord of the Rings have in common. The speakers will then reveal the six intelligence centers of the human brain in order to classify today’s social networks and predict what is needed to build more sustainable digital platforms. In an inspiring crescendo, the speakers will make bold predictions impacting our social culture as well as our digital future.
Entrepreneurs, listen up! The speakers will predict what social platforms need to emerge to satisfy the social cognitive needs of the human brain. Using the insights of focus groups with digital natives and drawing from a wealth of research and Neurobiology, the speakers will explore the underlying motives of a digital society. This will include an outlook on Google Glass as well as an exploration into the depth of our psychological being.
The document discusses secure communication on the internet and encryption techniques. It covers symmetric and asymmetric cryptography, encryption keys, digital fingerprints, and how to securely exchange encryption keys over unsecured channels like the internet. Examples of specific encryption techniques mentioned include Diffie-Hellman key exchange. The document is presented as part of a talk or presentation on secure communication.
The document is an invitation from the India International Friendship Society to be considered for their prestigious "Bharat Jyoti Award" given to individuals who have excelled in fields like science, education, industry, arts, politics, and social work. Past recipients of the award are mentioned, including politicians, governors, chief ministers, military leaders, judges, educators, doctors, actors, singers, cricketers, and an Olympic medalist. The recipient is asked to submit a biography highlighting their achievements for consideration for the award.
The document discusses Whisper, a company that produces wireless radio systems for guided tours, conferences, and other events where a speaker needs to communicate with a group. It describes how Whisper systems allow speakers to whisper instead of shouting, keeping groups engaged over long distances. The document provides statistics on Whisper's popularity and growth over the past 20 years, noting they now serve over 5 million users annually in over 40 countries.
Have fun with bots and Cognitive Services - Microsoft
"This session shows you how to get a foot in the door of the world of bots.
Microsoft Bot Framework offers a complete solution for building your bot and connecting it to the main messaging platforms, including Skype, Slack and Facebook Messenger.
We also invite you to discover Cognitive Services for interacting in natural language and enriching the scenarios of your future bot!"
XMPP is an open standard for instant messaging and presence information. It has been implemented by services like Google Talk, Facebook, Yahoo, and others. XMPP uses XML streams to send small messages and is extensible and federated.
OTR provides encryption for instant messages to ensure forward secrecy, repudiable authentication, and prevent eavesdropping. The example message shows how OTR inserts encrypted fields into the XMPP message.
The "socialist millionaire" problem in cryptography refers to allowing two parties to determine if they have equal wealth without disclosing the actual amounts.
This document provides an overview of WhatsApp's end-to-end encryption system. It describes how WhatsApp uses the Signal Protocol to establish encrypted sessions between users, securely exchange messages and media, and conduct encrypted voice and video calls. The encryption protects messages so only the sender and recipient can read them, and not even WhatsApp can access the plaintext. It also details how group messaging, key verification, and transport security are implemented in WhatsApp's encryption protocol.
The document discusses symmetric key cryptography. It begins with an introduction to cryptography and encryption techniques like substitution ciphers. It then covers symmetric encryption in more detail, explaining block ciphers like DES and AES, as well as modes of operation like ECB, CBC, and OFB. It provides an example Java implementation of AES encryption and decryption. It also briefly covers stream ciphers like RC4 and the concept of steganography.
This document discusses different types of symmetric key cryptography. It describes stream ciphers and block ciphers as the two main classifications. Stream ciphers combine plaintext with a pseudorandom cipher stream using XOR, while block ciphers encrypt fixed-length blocks. Example stream ciphers include RC4 and A5/1, while example block ciphers are DES, 3DES, and AES. The document provides details on the algorithms, components, and workings of these various symmetric key cryptography methods.
The document discusses XMPP/Jabber, an open communications protocol used for instant messaging. It describes how XMPP works, including addressing, presence, rostering, messaging and extensions. It also outlines some of XMPP's strengths like being an open standard, proven, extensible and scalable. However, it notes some weaknesses like being verbose and stateful. The document provides examples of XMPP applications and implementations, including servers, desktop and mobile clients, and discusses adding encryption via OTR. It concludes with an invitation to install a client and try chatting over XMPP.
WhatsApp Telemedicine For the Developing World: What Can We Learn From India by Maurice Mars Head Dept of TeleHealth, Nelson, R Mandela School of Medicine @ University of KwaZulu-Natal, South Africa
WhatsApp is a cross-platform messaging app that allows users to exchange messages on iPhone, BlackBerry, Android and Nokia phones. It provides an alternative to SMS and MMS by using internet connectivity to avoid message charges. The app records a user's device information and phone number when installed and registered with the server. Key features include contacts, favorites, status updates, group chats, and sharing media and locations.
What Facebook acquisition of WhatsApp means for Simplify360 - Simplify360
There are several talks happening in the media, and several speculations going on about what happens to the world of social media platforms. We, at Simplify360, are excited about this acquisition, and are looking forward to having a more open WhatsApp. More in the presentation.
Public key cryptography uses asymmetric encryption with two related keys - a public key and a private key. The public key can be shared openly but the private key is kept secret. When Alice wants to send a confidential message to Bob, she encrypts it with Bob's public key. Only Bob can decrypt it using his private key. Public key infrastructure involves policies and technologies for issuing, managing, and revoking digital certificates that bind public keys to identities. Popular public key algorithms like RSA are based on the difficulty of factoring large prime numbers.
Speaker: Santhosh Kumar
Event: Defcon Kerala
Date: 8/03/2014
Android-Forensic and Security Analysis.
Android, one of the leading mobile operating systems, which is managed by Google and was released back in 2008, now stands at version 4.4.x, Android KitKat. The study shows that increasing crime rates are switching from computer-centered to PDA-based. Crime against women, children and abuse. Digital forensics and law enforcement agencies find new hard challenges cracking down on different situations in the Android environment. The Google Play Store, which has over 1 million active applications, has also added to the pain.
The talk focuses on various methods and the various situations where forensics is useful.
The methods are classified as logical and physical, which range from breaking the passcodes to exploring virtual NAND memory.
The talk also focuses on the various places where information is available from the forensic point of view.
Affected by a mobile cyber attack? Tortured by an Android smartphone? Relax, there is a solution to each and everything.
The talk also focuses on using both Windows and Linux as the forensic investigation environment.
Android, which has the Linux kernel at heart, can be the best paradise when it comes to forensic data.
Various tools by which this can be done in a faster way.
Forensics is always useful, whether you are from a corporate environment or even from the massive law enforcement agencies.
Welcome to the next issue of the monthly digest, your one-stop resource for information on the latest developments, analysis and best practices in the constantly evolving field of security. In this issue we have prepared a varied selection of articles, news and research findings aimed at both professionals and casual enthusiasts. The aim of our digest is to make our content interesting and accessible. Enjoy reading.
(https://boosty.to/chronicles_security + source links inside the document)
Welcome to the next issue of the monthly digest, your one-stop resource for information on the latest developments, analysis and best practices in the constantly evolving field of security. In this issue we have prepared a varied selection of articles, news and research findings aimed at both professionals and casual enthusiasts. The aim of our digest is to make our content interesting and accessible. Enjoy reading.
(https://boosty.to/irony_security + source links inside the document)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content both engaging and accessible. Happy reading.
(https://boosty.to/overkill_security + check original source urls inside)
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content both engaging and accessible. Happy reading.
(https://boosty.to/snarky_security + check original source urls inside)
Security Vulnerability Notice SE-2012-01-PUBLIC [Security vulnerabilities in ...Yury Chemerkin
This document summarizes a security vulnerability (Issue 54) discovered in Java SE Platform related to method handles. It details how the lack of security checks when resolving method handles using certain MethodHandle methods like resolveVirtual can allow access to protected members of arbitrary classes. The vulnerability on its own is not enough to bypass Java security, but combined with another issue (Issue 55) it can be used to achieve a full sandbox bypass. The vendor Oracle was notified but has so far not acknowledged Issue 54 as a vulnerability, claiming the behavior is allowed. The reporting organization disagrees with this assessment.
The document discusses the Red October malware campaign and describes its use of a Java exploit to infiltrate victim networks in early 2012. It notes that the Java exploit (CVE-2011-3544) was delivered via a link to a site hosting the malicious NewsFinder.jar file. If clicked, it would exploit outdated Java versions. The exploit installed a downloader that communicated with the attackers' command and control servers, and could receive and execute additional malware payloads. The document analyzes the encryption routines and network communications used by the Java exploit and downloader.
The document provides network, file, system and email indicators of compromise from the Comment Crew group observed over the past year. It lists domains, IP addresses, filenames and file hashes that may be associated with Comment Crew attacks but could also match legitimate software. Additional verification is needed to confirm an actual compromise.
This document discusses Indicators of Compromise (IOCs) related to APT1, a Chinese cyber espionage group. It provides links to download the IOCs and explains how they can be used with Mandiant tools like Redline and MIR to detect malware. The document also defines IOCs and describes how the included IOCs were developed and may differ from other Mandiant IOCs. It notes that the IOCs focus on detecting known malware families and may not find new variants.
This document contains SSL certificates used by APT1, a Chinese cyber espionage group, to encrypt malware communications. It provides 4 self-signed certificates - VIRTUALLYTHERE, IBM, WEBMAIL, and ALPHA - that contain information like issuer, validity period, subject, and public key. Detecting these certificates may indicate an APT1 malware infection.
This document contains a list of hexadecimal strings that are identifiers or codes for unknown items or entities. There are over 200 unique hexadecimal strings included ranging in length from 8 to 32 characters each.
This document contains a list of over 300 domain names. Many of the domain names contain misspellings of popular brands and websites like cnn, yahoo, firefox, and microsoft. The domains appear to be related to phishing or spreading malware by posing as legitimate websites or software updates.
The document provides joint doctrine for information operations planning, preparation, execution, and assessment to support joint operations and achieve information superiority, establishes the core capabilities of information operations as electronic warfare, computer network operations, psychological operations, military deception, and operations security, and provides guidance on intelligence support, command relationships, and planning considerations for information operations.
Zane lackey. security at scale. web application security in a continuous depl...Yury Chemerkin
Effective approaches to web application security at scale involve making things safe by default through universal output encoding, detecting risky functionality changes through automated alerts, automating tests to find simple issues, and monitoring metrics to identify attacks and problems off-hours through automated alerts on thresholds.
Windows 8. important considerations for computer forensics and electronic dis...Yury Chemerkin
Windows 8 stores email communications and contacts locally in a format that presents challenges for attorney review in litigation. The testing revealed that Windows 8 imports emails, contacts, and social media information from connected web accounts. Over 2,000 email files were found locally stored in EML format, but no files were found in common formats like MSG, PST, or MBOX. This local storage of email presents potential issues for efficiently processing the communications for discovery in litigation.
The stuxnet computer worm. harbinger of an emerging warfare capabilityYury Chemerkin
The document summarizes a Congressional Research Service report on the Stuxnet computer worm. It discusses how Stuxnet targeted Iranian nuclear facilities by infecting industrial control systems. It affected systems in several countries and demonstrated that cyber attacks could disrupt critical infrastructure. The report examines questions for Congress about national security, an international treaty on malicious software, and protecting critical infrastructure from cyber threats.
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Gregor Kopf, Bernhard Brehm. Deniability in messaging protocols
1. Introduction
OTR
Deniability
Secure Function Evaluation
Putting It All Together
The End
Secure Function Evaluation vs. Deniability
In OTR and Similar Protocols
bruhns, greg
CONFidence 2012
What and why?
OTR is a popular cryptographic protocol.
It features a number of properties, such as confidentiality,
integrity and also deniability.
We’re going to focus on the deniability aspect of the protocol.
TOC
1 Introduction
2 OTR
3 Deniability
4 Secure Function Evaluation
5 Putting It All Together
6 The End
OTR
OTR
Off-the-Record Messaging
Cryptographic protocol for instant messaging
Interesting properties
Confidentiality
Integrity
Forward Secrecy
Mutual authentication using SMP
Deniability
Security Properties
General setting: Alice ↔ Eve ↔ Bob
Confidentiality & Integrity
Eve cannot decipher any of Bob’s or Alice’s messages. Neither can
she modify any of those messages (without Alice or Bob noticing
that).
Forward Secrecy
Suppose Alice loses her private key. Eve should not be able to
decipher any messages that have already been sent in a prior
conversation between Alice and Bob.
Mutual authentication
Alice and Bob can authenticate each other.
Security Properties
General setting: Alice ↔ Eve ↔ Bob
Deniability
Both Alice and Bob are hackers and talk about serious stuff (TM)
using OTR. Now Alice turns evil and wants to backstab Bob.
Deniability means that Alice cannot prove that Bob was really the
author of any message he sent (yet, during the conversation Alice
is still sure that she talks to Bob).
Key Exchange & Message Crypto
Simplified version of the protocol:
Each party has an asymmetric key pair, which we’ll call
master key
Use Diffie-Hellman to establish a common set of encryption
and authentication keys. Alice and Bob sign their
Diffie-Hellman messages with their master keys.
→ Authentication and Forward Secrecy
→ Deniability (weak)
Messages are encrypted (AES-CTR) and MACed (HMAC)
using the symmetric keys that have been generated.
→ Confidentiality and integrity
Each message contains a new DH key exchange proposal (also
MACed of course). As soon as new keys have been
established, the old MAC keys are made public.
→ Deniability (strong)
Re-Keying
Both parties frequently re-key the symmetric primitives.
The re-keying procedure is significantly simpler than the initial
key-exchange - we already have key material exchanged.
General approach: Perform a DH key-exchange and use
already established MAC keys to authenticate the
communication.
Advantage: We can publish the “old” MAC keys, as they are
no longer used. We will not disclose our encryption keys,
though!
Deniability
Deniability
How could Alice attack Bob’s deniability?
+-------+  "I pwn3d XYZ", sig(..)   +-------+
| Alice | <-----------------------> |  Bob  |
+-------+                           +-------+
    ^
    |  "Bob pwn3d XYZ, here’s a proof"   +-------+
    +--------------------------------->  | Judge |
                                         +-------+
Simple offline attack
Bob will argue that Alice just made up the signature. She can do
that, because OTR is deniable (more on that later).
But Alice might try something else. . .
+-------+  "I pwn3d XYZ", sig(..)   +-------+
| Alice | <-----------------------> |  Bob  |
+-------+             ^             +-------+
    ^                 |
    |                 +---- Sniff ------------+
    |                                         |
    |  "See? Bob really said he pwn3d XYZ."   +-------+
    +------------------------------------>    | Judge |
                                              +-------+
If the judge sniffs all traffic, he knows what Bob said. Alice can give
him the encryption/MAC key and he can verify that.
Hard to implement (especially if Alice/Bob use an anonymizer).
+-------+            +-------+
| Alice |<-+      +->|  Bob  |
+-------+  |      |  +-------+
           |      |
           v      v
          +-------+
          | Judge |
          +-------+
Online attack: Alice forwards all traffic to the judge. Also won’t
work: Bob will again argue that Alice faked the messages.
Alice gives her master key to the judge, who will act as a proxy for
Alice. He will read all messages, check integrity and authentication.
But now the judge can impersonate Alice and Alice doesn’t really
trust the judge.
What if there was a party that both Alice and the judge trust?
+-------+              +-------+
| Alice |<-+        +->|  Bob  |
+-------+  |        |  +-------+
           |        |
           v        v
     +----------------+       +-------+
     | Alice’s Lawyer | <---> | Judge |
     +----------------+       +-------+
Alice just gives her master keys to her lawyer.
That looks pretty good. But Alice has some doubts. . .
Does the judge really trust her lawyer?
Worse: does she really trust her lawyer?
Lucky us: We’re all paranoid and there is no trusted third party.
Alice’s goal: get rid of the lawyer!
Deniability
There are actually two concepts of deniability: weak and
strong deniability.
Weak deniability: If one party discloses a message sent by the
other party, the other party can claim that the message was
actually faked by the disclosing party.
Strong deniability: If a message gets disclosed, each party can
claim that anybody could have faked that message.
Weak deniability is pretty obvious: both parties are in
possession of encryption and MAC keys, so there is no way to
distinguish who actually sent a message.
Attacks can be offline (observer not involved in the
conversation) and online (observer is involved in the
conversation).
Secure Function Evaluation vs. Deniability
22. Introduction
OTR
Deniability
Secure Function Evaluation
Putting It All Together
The End
Strong Deniability
That’s a bit harder. The main idea here is that after each
re-keying, the old MAC keys are disclosed.
In order to fake a message, we need to know two things: MAC
key (is public) and encryption key. The encryption key is never
disclosed to the public, because that would violate the
confidentiality.
But using the MAC key, we can create a fake re-keying event,
so that encryption and MAC keys are generated, which we
know.
Now we can forge any message transcript.
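The forgery argument above in a simplified model, as an added example (not OTR's wire format and not code from the talk): the packet layout, the SHA-256 key derivation, the toy 127-bit DH group and the SHA-256 counter keystream standing in for AES-CTR are all assumptions. It shows that a valid HMAC tells a third party nothing about authorship, first between the two key holders (weak deniability) and then, once the old MAC key is published, for anyone (strong deniability).

```python
"""Simplified model of OTR-style deniability (added example, assumed packet format)."""
import hashlib
import hmac
import secrets

P = 2**127 - 1  # toy DH modulus, constructed for the example
G = 5


def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def derive_keys(shared: int):
    """Assumed KDF: independent encryption and MAC keys from the DH secret."""
    raw = shared.to_bytes(16, "big")
    return hashlib.sha256(b"enc" + raw).digest(), hashlib.sha256(b"mac" + raw).digest()


def ctr_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES-CTR (no AES in the stdlib): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def make_packet(enc_key, mac_key, next_dh_pub, plaintext):
    """Packet body = next DH proposal || ciphertext; the tag is an HMAC over the body."""
    body = next_dh_pub.to_bytes(16, "big") + ctr_xor(enc_key, plaintext)
    return body, hmac.new(mac_key, body, hashlib.sha256).digest()


def mac_verifies(mac_key, packet) -> bool:
    body, tag = packet
    return hmac.compare_digest(hmac.new(mac_key, body, hashlib.sha256).digest(), tag)


def decrypt(enc_key, packet) -> bytes:
    return ctr_xor(enc_key, packet[0][16:])


def forge_from_published_mac_key(old_mac_key: bytes, text: bytes):
    """What any outsider can assemble once old_mac_key has been published.

    The outsider invents both DH proposals of a re-keying event, authenticates
    them with the public MAC key, and therefore knows every key derived from them.
    """
    fa, fa_pub = dh_keypair()
    _, fb_pub = dh_keypair()

    def rekey_packet(pub):
        # Ciphertext part is random bytes: without the old encryption key,
        # nobody can tell it from a real ciphertext.
        body = pub.to_bytes(16, "big") + secrets.token_bytes(12)
        return body, hmac.new(old_mac_key, body, hashlib.sha256).digest()

    rekeys = [rekey_packet(fa_pub), rekey_packet(fb_pub)]
    enc2, mac2 = derive_keys(pow(fb_pub, fa, P))
    forged = make_packet(enc2, mac2, dh_keypair()[1], text)
    return rekeys, forged, enc2, mac2


def run_demo():
    # Genuine session: Alice and Bob derive the same symmetric keys.
    a, a_pub = dh_keypair()
    b, b_pub = dh_keypair()
    enc1, mac1 = derive_keys(pow(b_pub, a, P))
    assert (enc1, mac1) == derive_keys(pow(a_pub, b, P))

    bob_packet = make_packet(enc1, mac1, dh_keypair()[1], b"see you at 8")
    # Weak deniability: Alice holds the same keys, so she can produce a packet
    # "from Bob" that verifies exactly like a real one.
    alice_made = make_packet(enc1, mac1, dh_keypair()[1], b"I pwn3d XYZ")

    # Strong deniability: after re-keying, mac1 is published and an outsider
    # who never saw enc1 builds a consistent continuation of the transcript.
    rekeys, forged, enc2, mac2 = forge_from_published_mac_key(mac1, b"I pwn3d XYZ")
    return {
        "bob_packet_verifies": mac_verifies(mac1, bob_packet),
        "alice_made_packet_verifies": mac_verifies(mac1, alice_made),
        "forged_rekey_verifies": all(mac_verifies(mac1, p) for p in rekeys),
        "forged_message_verifies": mac_verifies(mac2, forged),
        "forged_plaintext": decrypt(enc2, forged),
        "wrong_key_rejected": not mac_verifies(secrets.token_bytes(32), bob_packet),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Every check a verifier could run on the forged packets passes, which is why a disclosed transcript carries no evidential weight on its own.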
What Does OTR Offer?
OTR claims strong deniability.
Deniability does not protect against someone who was evil
right from the beginning! Such individuals could just share
their master keys with any agency.
If they are able to sniff your traffic, you’re screwed, too: they
know which messages you sent.
But sniffing each and every network communication doesn’t
scale well. Also, if your peer wasn’t evil right from the
beginning, we cannot assume a trust relation between him and
the attacker(s).
Secure Function Evaluation
Secure Function Evaluation
Remember: Alice wanted to get rid of the lawyer. Doesn’t
look like an easy task.
But isn’t there any way to “emulate” that trusted third party?
Crypto teaches us the surprising result: there actually is!
It’s called Secure Function Evaluation (SFE).
SFE
A method for securely computing f(x, y), where you know x,
your peer knows y and neither you nor your peer want the
other to learn x or y.
Different approaches for implementing SFE
(Partially) homomorphic cryptosystems
Yao’s Garbled Circuits
Oblivious Transfer
Bob knows two values, x0 and x1. He is willing to share
exactly one with Alice.
Alice wants one of those values, but doesn’t want to tell Bob
which one she wants.
This problem is solved by oblivious transfer.
There are many OT schemes out there, often based on
trapdoor one-way functions. You can imagine those as
instances of RSA, where f is the encryption function and f⁻¹
the decryption function (keys are fixed).
OT: Compact Version
Bob knows x0 and x1, Alice wants to receive one of them (xb with
b ∈ {0, 1})

A                                              B
                                               Pick f, f⁻¹, r0, r1
              f, r0, r1
     <----------------------------------
Pick k
compute z = f(k)
              z = f(k) ⊕ rb
     ---------------------------------->
                                               Compute candidates
                                               k0 = f⁻¹(z ⊕ r0) and k1
     x0 ⊕ f⁻¹(z ⊕ r0), x1 ⊕ f⁻¹(z ⊕ r1)
     <----------------------------------
General OT Approach
Bob chooses f, f^{-1} (trapdoor one-way!) and sends f to Alice. Also, Bob picks two random values r_0 and r_1, which he also sends to Alice.
Alice wants to retrieve value x_b from Bob. She first generates a random value k and computes z = f(k) ⊕ r_b, which she sends to Bob.
Bob computes k_0 = f^{-1}(z ⊕ r_0) and k_1 = f^{-1}(z ⊕ r_1). He can be sure that one of those k values is correct and the other one is junk. He computes x_0' = x_0 ⊕ k_0 and x_1' = x_1 ⊕ k_1, which he sends to Alice.
Alice receives x_0' and x_1', but she can only decrypt one of them, because she only knows one k value.
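The three messages of this OT, run end to end. This is an added example, not code from the slides; it assumes textbook RSA over two small Mersenne primes as the trapdoor function f, and the function names are hypothetical.

```python
import secrets

# Constructed toy trapdoor permutation: textbook RSA over two Mersenne primes.
# Far too small and unpadded for real use; it only stands in for f and f^{-1}.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # Bob's trapdoor

def f(k):
    """Public direction, known to Alice."""
    return pow(k, E, N)

def f_inv(y):
    """Trapdoor direction, known only to Bob."""
    return pow(y % N, D, N)

def bob_setup():
    """Bob -> Alice: two random values r_0, r_1 (f itself is public)."""
    return secrets.randbelow(N), secrets.randbelow(N)

def alice_request(b, r):
    """Alice -> Bob: z = f(k) XOR r_b. The random k never leaves Alice."""
    k = secrets.randbelow(N)
    return k, f(k) ^ r[b]

def bob_respond(z, r, x):
    """Bob -> Alice: x_i XOR f^{-1}(z XOR r_i) for i = 0, 1.
    One mask equals Alice's k, the other is junk; Bob cannot tell which."""
    return tuple(x[i] ^ f_inv(z ^ r[i]) for i in (0, 1))

def alice_recover(b, k, masked):
    """Alice unmasks the one value whose mask is her own k."""
    return masked[b] ^ k

def run_ot(x, b):
    """Run the whole exchange; returns (Alice's output, Bob's reply, Alice's k)."""
    r = bob_setup()
    k, z = alice_request(b, r)
    masked = bob_respond(z, r, x)
    return alice_recover(b, k, masked), masked, k
```

Applying Alice's k to the other masked value yields junk, because that mask is f^{-1}(f(k) ⊕ r_0 ⊕ r_1) rather than k.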
GC SFE
Evaluation of boolean circuits (non-uniform computation)
Functions can be modeled as circuits.
That’s what happens when you program an FPGA.
A circuit consists of gates and wires connecting those gates.
Alice and Bob agree on a circuit. Alice “garbles” it and Bob evaluates the garbled circuit.
Gates can be represented by their truth tables. For example:

      0   1
  0   0   0
  1   0   1
Garbling a Gate
Main idea: replace the binary inputs by (long) random strings. Instead of 1 or 0, we use keys like 350d5ea01e8a1f407cf or 763581eb6cea7ec4b9a6e.
Pick such random keys for each value of each wire (if we have inputs a and b, we’ll call the keys k_{a0}, k_{a1}, k_{b0} and k_{b1}).
Encrypt the truth table of the gate using the generated keys.
Pick an encryption function E, decryption function D. Let D be built in such a way that it will complain if wrong keys are used (instead of just decrypting junk).

      0   1               0                          1
  0   0   0    →    0     E_{k_{a0}}(E_{k_{b0}}(0))  E_{k_{a1}}(E_{k_{b0}}(0))
  1   0   1         1     E_{k_{a0}}(E_{k_{b1}}(0))  E_{k_{a1}}(E_{k_{b1}}(1))
Garbling a Circuit
When you have the input keys, just try to decrypt all entries in a garbled gate until one operation succeeds.
In_1, In_2 and In_4 are known (will cover that later).
But where to get In_3 from? Simple trick: We put the key In_3 into the garbled table of G2.

         Out
          |
      +------+
      |  G1  |
      +------+
       |    |
  In_3 |    |
       |    |
    +---+  In_4
    |G2 |
    +---+
     | |
  In_1 In_2

Garbled table of G2:

      0                               1
  0   E_{k_{a0}}(E_{k_{b0}}(In_3^0))  E_{k_{a1}}(E_{k_{b0}}(In_3^0))
  1   E_{k_{a0}}(E_{k_{b1}}(In_3^0))  E_{k_{a1}}(E_{k_{b1}}(In_3^1))
Evaluating a GC
Where to get the input keys from?
Alice can hard-code her inputs into the circuit when garbling
it.
Bob however doesn’t know the keys for his inputs.
Bob could just ask Alice to give him the keys for his input
values. But either he tells Alice what his input values are or
Alice gives him the keys for all input values. Neither is
acceptable.
Solution: Oblivious transfer
After Bob obliviously received his garbled input values, he
evaluates the circuit, sends the result over to Alice and Alice
de-garbles it.
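The garbling and evaluation steps from the last three slides, as an added example that is not code from the slides. It assumes both gates are AND, uses a SHAKE-256 pad with an HMAC tag as the E/D pair that "complains" on a wrong key, and hands the evaluator its input keys directly instead of through oblivious transfer; all function names are hypothetical.

```python
import hashlib, hmac, random, secrets

def enc(key, msg):
    """E: XOR with a SHAKE-256 pad, then an HMAC tag so D can detect wrong keys."""
    nonce = secrets.token_bytes(16)
    pad = hashlib.shake_256(b"pad" + key + nonce).digest(len(msg))
    ct = bytes(m ^ p for m, p in zip(msg, pad))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def dec(key, blob):
    """D: raises ValueError ("complains") instead of returning junk."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key")
    pad = hashlib.shake_256(b"pad" + key + nonce).digest(len(ct))
    return bytes(c ^ p for c, p in zip(ct, pad))

def new_wire():
    """One random key per wire value: index 0 is the key for 0, index 1 for 1."""
    return secrets.token_bytes(16), secrets.token_bytes(16)

def garble(gate, ka, kb, kout):
    """Encrypt each truth-table entry as E_ka(E_kb(output key)), then shuffle rows."""
    rows = [enc(ka[a], enc(kb[b], kout[gate(a, b)])) for a in (0, 1) for b in (0, 1)]
    random.SystemRandom().shuffle(rows)
    return rows

def evaluate(rows, key_a, key_b):
    """Try every row; only the row matching both held keys decrypts."""
    for row in rows:
        try:
            return dec(key_b, dec(key_a, row))
        except ValueError:
            continue
    raise ValueError("no row decrypted: wrong input keys")

def AND(a, b):
    return a & b

def run_circuit(in1, in2, in4):
    """Out = G1(G2(In_1, In_2), In_4), following the slide's wiring."""
    w1, w2, w3, w4, wout = (new_wire() for _ in range(5))   # garbler's secrets
    g2, g1 = garble(AND, w1, w2, w3), garble(AND, w3, w4, wout)
    k3 = evaluate(g2, w1[in1], w2[in2])   # evaluator learns only one key for In_3
    k_out = evaluate(g1, k3, w4[in4])
    return wout.index(k_out)              # garbler de-garbles the output key
```

The evaluator only ever holds one key per wire, so the intermediate value In_3 stays hidden from it even though it computes the gate.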
Putting It All Together
The Attack Idea
SFE can be used to emulate a trusted third party.
That is: Instead of letting a trusted third party compute some
function for us, we can just do that ourselves and still have
the same security properties.
Use SFE to emulate a trusted third party: Somehow (TM)
share our keys with that “third party”.
Sharing is Caring
We want to backstab our peer, therefore we collaborate with
an observing party O (a.k.a. the judge or simply them).
We keep our asymmetric master keys for ourselves.
But every DH key exchange, we compute together with O.
The resulting MAC keys are shared between O and us (i.e.
neither O nor we know the keys, details later).
The encryption keys are only known to us (otherwise, O could
learn the plain text).
To verify a message’s integrity, we collaborate with O. For
signing a message, we also collaborate with O.
Recap: Diffie-Hellman
A and B publicly agree on a prime p and a generator g of a large cyclic subgroup of Z_p.
A picks a random a, computes g^a. Same for B.
A and B exchange g^a and g^b, but keep a and b secret.
A computes k = (g^b)^a, B computes k = (g^a)^b. Both keys are the same k = g^{ab} = g^{ba}.
An attacker cannot compute g^{ab} from g^a and g^b alone (Diffie-Hellman problem).
The Attack Implementation
Cooperative key-exchange: consider three parties A, B and O (Alice, Bob and the observing party). A and O cooperate.

O                        A                        B
   <------- g^a --------
   -------- g^o ------->
                            ------ g^{ao} ------>
                            <------- g^b --------

B now knows g^{abo}, but neither A nor O can compute that value.
Proof idea: A knows g^b, g^o and a. Computing g^{oab} ↔ computing g^{bo}, equivalent to the Diffie-Hellman problem.
The Attack Implementation
No SFE up to here!
A and O both know g^b. With their private exponents, A and O can compute g^{abo}. But A and O don’t want to share a and o.
From g^{abo}, A and B can compute the encryption and MAC keys (those are generated by hashing g^{abo} in various ways).
The function that A and O want to compute is
f(a, b) = (k_E, k_M) = (HASH_E(((g^b)^a)^o), HASH_M(((g^b)^a)^o)).
Inputs of the function are the private exponents a and o.
The circuit for that is rather big...
Cleanup
But now O knows the MAC key and could impersonate A and B...
Fix: A has to get k_E and A, O have to share k_M!
Easily possible by using a circuit that blinds some of its outputs with a key only known to one party: The circuit takes an additional input x and instead of k_M it really computes k_M ⊕ x.
A will know k_x := k_M ⊕ x and O will know x.
For every MAC computation, A and O will jointly compute f(k_x, x, m) = HMAC(m, k_x ⊕ x).
The Big Picture: Key Exchange
O                                                           A                     B
   ------------------------- g^o ------------------------->
   <------------------------ g^a --------------------------
                                                               ----- g^{ao} ---->
                                                               <------ g^b ------
   <-------------------- f, r_0, r_1 ----------------------
   -------------------- z = f(k) ⊕ r_b ------------------->
   <--- x_0 ⊕ f^{-1}(z ⊕ r_0), x_1 ⊕ f^{-1}(z ⊕ r_1) -----
                            ...
   <------------------------- C ---------------------------
   --------------- eval(C) = k_E, k_M ⊕ x ---------------->
The Big Picture: Message Exchange
O                                                           A                          B
                                                               <-- E(m), HMAC(E(m)) --
   <------------------- C, f, r_0, r_1 --------------------
   -------------------- z = f(k) ⊕ r_b ------------------->
   <--- x_0 ⊕ f^{-1}(z ⊕ r_0), x_1 ⊕ f^{-1}(z ⊕ r_1) -----
                            ...
   --------------- eval(C) = HMAC(E(m)) ------------------>
Security Properties of Our Scheme
O will never see any plain text, so confidentiality stays.
Without our help, O cannot sign or verify any message, so
integrity also stays intact.
Forward secrecy also remains OK, because O won’t learn any
decryption keys anyway.
Security Properties of Our Scheme
But deniability is gone: As we need the help of O to verify the
messages of our peer, O learns about the integrity of the
messages at the same time as we do.
Messages that are created afterwards will be rejected by O,
just because O has not seen those during the conversation.
Even worse: We can selectively disclose any message content
to O, just by telling O the decryption key for that particular
message!
This scheme can be extended to other protocols as well!
What’s the Benefit of Our Scenario?
No trust relationship with O is required (on no side).
O doesn’t have to sniff anything.
You don’t have to disclose everything you or your peer said.
No “evil” intentions required.
People might use it as a defense: “just to be sure.. if my peer
turns evil at some point in time then I’ll disclose everything he
said!”
Closing remarks
“So who is that observing party?”
They might be the NSA or anybody else.
Probably the adversary you’re most afraid of.
“Yeah, but you know what: they still cannot prove anything to
(yet) another party. And in my country, you actually need to
prove stuff in court!!1”
Might be (are you sure?)
But what if they are the judges / the jury?
Cooperating “just to be safe” → prisoner’s dilemma
Implementation Considerations
A real-world implementation would be more complicated
(OTR has some restrictions that we left out) but can be done.
You need some SFE framework (try TASTY and/or Fairplay).
SFE comes with some performance impact, so think about
additional optimizations.
Also, some SFE schemes are by default only secure against
honest-but-curious attackers. Need to add zero-knowledge or
other tricks to improve that.
For additional details, please check out our article in Phrack
#68.
OTR Related Details
OTR mandates k_M = Hash(k_E), so A is not allowed to know k_E. Can be solved by also sharing k_E with O and cooperating for encryption and decryption.
A needs to convince O that she doesn’t do re-keyings that O doesn’t know about (can be done by using zero-knowledge proofs).
OTR mandates you should publish your MAC keys when you won’t use them anymore. The current implementation doesn’t check that, but if it did, we’d also need to do that cooperatively.
Optimizing DH
Computing modular exponentiation is expensive. Even more so in a circuit. Fortunately, DH can be tweaked, so that we only need to do a multiplication in SFE.
A picks some random value j and does the following:

O                        A                        B
                            <------- g^b --------
   <----- g^{ab+j} -----
   -------- g^o ------->

O computes (g^{ab+j})^o = g^{abo+jo}
A computes g^{-jo} (trivial to invert g^j)
Using SFE, A and O compute g^{abo} = g^{abo+jo} · g^{-jo}
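A consistency check of the algebra in the three-party key exchange, the blinded MAC key from the Cleanup slide, and the tweaked DH above. It is an added example, not code from the slides: the group (p = 2^127 - 1, g = 3), the SHA-256 stand-in for HASH_M and the names are assumptions, and the steps the slides run inside SFE are computed in the clear here, so it verifies the equations rather than implementing SFE.

```python
import hashlib, hmac, secrets

# Constructed toy group: p = 2^127 - 1 is prime; g = 3 is an assumed base.
P_MOD, G = 2**127 - 1, 3

def rand_exp():
    return secrets.randbelow(P_MOD - 2) + 1          # exponent in [1, p-2]

def hash_m(shared):
    """Assumed stand-in for HASH_M: SHA-256 over a label and the shared value."""
    return hashlib.sha256(b"M" + shared.to_bytes(16, "big")).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def simulate():
    a, o, b, j = rand_exp(), rand_exp(), rand_exp(), rand_exp()
    g_o, g_b = pow(G, o, P_MOD), pow(G, b, P_MOD)

    # Three-party exchange: B receives g^{ao} where it expects g^a.
    key_b = pow(pow(g_o, a, P_MOD), b, P_MOD)        # B's view: (g^{ao})^b

    # Tweaked DH: A blinds g^{ab} with g^j before handing it to O.
    blinded = pow(g_b, a, P_MOD) * pow(G, j, P_MOD) % P_MOD   # g^{ab+j}
    o_part = pow(blinded, o, P_MOD)                  # O: g^{abo+jo}
    a_part = pow(g_o, P_MOD - 1 - j, P_MOD)          # A: g^{-jo} (Fermat inverse)
    key_ao = o_part * a_part % P_MOD                 # the one multiplication left

    # Cleanup slide: O holds x, A holds k_x = k_M XOR x; neither holds k_M.
    k_m = hash_m(key_ao)
    x = secrets.token_bytes(32)
    k_x = xor(k_m, x)
    msg = b"constructed ciphertext E(m)"
    joint_tag = hmac.new(xor(k_x, x), msg, hashlib.sha256).digest()
    peer_tag = hmac.new(hash_m(key_b), msg, hashlib.sha256).digest()
    return key_b == key_ao, joint_tag == peer_tag, k_x != k_m
```

All three results are True: B's key equals the jointly derived one, the jointly computed tag matches the tag B would compute, and A's share k_x alone is not the MAC key.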
Questions?
Get in touch:
Mail: ping@gregorkopf.de, twitter: teh gerg
Mail: bbrehm@math.fu-berlin.de, twitter: bruhn5