One of the hottest topics in current crypto research is Post-Quantum Cryptography. This branch of cryptography addresses asymmetric crypto systems that are not vulnerable to attacks by quantum computers.
Virtually all asymmetric crypto systems currently in use (Diffie-Hellman, RSA, DSA, and elliptic curve crypto systems) are not Post-Quantum. They will be useless once advanced quantum computers become available. Quantum computer technology has made considerable progress in recent years, with major organisations like Google, the NSA, and NASA investing in it.
Post-Quantum Cryptography uses advanced mathematical concepts. Even if one knows the basics of current asymmetric cryptography (integer factorisation, discrete logarithms, …), Post-Quantum algorithms are hard to understand.
The goal of this presentation is to explain Post-Quantum Cryptography in a way that is comprehensible to non-mathematicians. Five families of crypto systems (nearly all known Post-Quantum algorithms belong to one of them) will be introduced:
Lattice-based systems:
The concept of lattice-based asymmetric encryption will be explained with a two-dimensional grid (real-world implementations use 250 dimensions and more). Some lattice-based ciphers (e.g., New Hope) make use of the Learning with Errors (LWE) concept. I will demonstrate LWE encryption in a way that is understandable to somebody who knows Gaussian elimination (which is taught at middle school). Other lattice-based systems (especially NTRU) use truncated polynomials, which I will also explain in a simple way.
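The following is an added illustration of the LWE idea sketched above; it is not code from Klaus Schmeh's talk. It uses toy parameters (dimension 4, modulus 97, 10 samples, errors drawn from {-1, 0, 1}), chosen so that decryption of a single bit is always correct, and it also shows the Gaussian-elimination connection: if the public key is generated without the error term, plain elimination over Z_q recovers the secret, which is exactly what the small errors are there to prevent.

```python
"""Toy Learning-with-Errors (LWE) encryption of single bits (Regev style).

Added illustration, not code from the talk. Parameters are toy values:
real schemes use hundreds of dimensions and far larger moduli.
"""
import random

N, Q, M = 4, 97, 10  # dimension, prime modulus, number of public samples (toy)


def keygen(rng, noisy=True):
    """Secret s in Z_q^n; public key (A, b = A*s + e mod q) with small errors e.

    With noisy=False the errors are zero and the public key becomes an
    ordinary linear system, which Gaussian elimination solves immediately.
    """
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.choice((-1, 0, 1)) if noisy else 0 for _ in range(M)]
    b = [(sum(a * x for a, x in zip(row, s)) + err) % Q for row, err in zip(A, e)]
    return s, (A, b)


def encrypt(pub, bit, rng):
    """Sum a random subset of the public samples and hide the bit in the top half."""
    A, b = pub
    subset = [i for i in range(M) if rng.random() < 0.5]
    u = [sum(A[i][j] for i in subset) % Q for j in range(N)]
    v = (sum(b[i] for i in subset) + bit * (Q // 2)) % Q
    return u, v


def decrypt(s, ct):
    """v - <u, s> = (sum of the chosen errors) + bit*q/2, so round to 0 or q/2.

    |sum of errors| <= M = 10 < q/4, which is why decoding never fails here.
    """
    u, v = ct
    d = (v - sum(x * y for x, y in zip(u, s))) % Q
    return 1 if Q // 4 <= d < 3 * Q // 4 else 0


def solve_mod_q(A, b):
    """Gaussian elimination over Z_q (q prime) on the augmented matrix [A | b].

    Returns s with A*s = b mod q, or None when the system is inconsistent,
    which is what a noisy b almost always produces.
    """
    m, n = len(A), len(A[0])
    rows = [list(r) + [bb] for r, bb in zip(A, b)]
    pivot_row = 0
    for col in range(n):
        piv = next((r for r in range(pivot_row, m) if rows[r][col]), None)
        if piv is None:
            return None  # rank deficient: no unique solution
        rows[pivot_row], rows[piv] = rows[piv], rows[pivot_row]
        inv = pow(rows[pivot_row][col], -1, Q)
        rows[pivot_row] = [(x * inv) % Q for x in rows[pivot_row]]
        for r in range(m):
            if r != pivot_row and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(x - f * y) % Q for x, y in zip(rows[r], rows[pivot_row])]
        pivot_row += 1
    # Remaining rows are zero on the left; a nonzero right-hand side means no solution.
    if any(rows[r][n] for r in range(n, m)):
        return None
    return [rows[i][n] for i in range(n)]


def demo(seed=1):
    """Returns (all bits decrypt correctly, noise-free secret recovered by elimination)."""
    rng = random.Random(seed)
    s, pub = keygen(rng)
    all_correct = all(decrypt(s, encrypt(pub, bit, rng)) == bit for bit in (0, 1) * 20)
    s0, (A0, b0) = keygen(rng, noisy=False)
    return all_correct, solve_mod_q(A0, b0) == s0


if __name__ == "__main__":
    print(demo())
```

The point of the noise-free branch is the one the abstract makes: without the error vector, the public key is just a set of linear equations in the secret, and middle-school Gaussian elimination breaks it. Adding a few small errors per equation is what turns the problem into LWE, because the errors are absorbed by the rounding step in `decrypt` but defeat exact elimination.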
Code-based systems:
McEliece and a few other asymmetric ciphers are based on error-correcting codes. While teaching the whole McEliece algorithm might be too complex for a 44CON presentation, it is certainly possible to explain error-correcting codes and the main McEliece fundamentals.
Non-commutative systems:
There are nice ways to explain non-commutative groups and the crypto systems based on them, using everyday-life examples. In particular, twisting a Rubik’s Cube and plaiting a braid are easy-to-understand group operations on which a crypto system can be built.
Multivariate systems:
Multivariate crypto can be explained to somebody who knows Gaussian elimination.
Hash-based signatures:
If properly explained, hash-based signatures are easier to understand than any other asymmetric crypto scheme.
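To show why hash-based signatures are the easiest family to grasp, here is an added example of a Lamport one-time signature built from nothing but SHA-256. It is not code from the talk; the key sizes and the `OneTimeSigner` wrapper are this example's own choices. The wrapper exists because the scheme's one defining caveat is that a key pair may sign exactly one message: every signature reveals half of the secret preimages, so a second signature with the same key hands out enough preimages to forge.

```python
"""Lamport one-time signatures from SHA-256 only (added illustration, not the talk's code)."""
import hashlib
import secrets

BITS = 256  # we sign the SHA-256 digest of the message, one secret per digest bit


def H(data):
    return hashlib.sha256(data).digest()


def keygen():
    """Secret key: 256 pairs of random 32-byte strings. Public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def message_bits(msg):
    """Digest of the message as a list of 256 bits, most significant bit first."""
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(sk, msg):
    """For each digest bit, reveal the secret on that side of the pair."""
    return [sk[i][bit] for i, bit in enumerate(message_bits(msg))]


def verify(pk, msg, sig):
    """Hash each revealed secret and compare with the public half it must match."""
    if len(sig) != BITS:
        return False
    return all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(message_bits(msg)))


class OneTimeSigner:
    """Enforces the one-time rule: the second sign() call on a key pair is refused."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, msg):
        if self.used:
            raise RuntimeError("Lamport key already used; signing again would leak preimages")
        self.used = True
        return sign(self.sk, msg)


def second_signature_refused():
    """True when the wrapper blocks reuse of a key pair."""
    signer = OneTimeSigner()
    signer.sign(b"first message")
    try:
        signer.sign(b"second message")
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    sk, pk = keygen()
    sig = sign(sk, b"hello 44CON")
    print(verify(pk, b"hello 44CON", sig), verify(pk, b"hello 44C0N", sig))
```

Security rests on one property a middle-school audience can picture: it is easy to compute `H(x)` from `x`, but nobody can find an `x` for a given hash, so only the holder of the secret strings can produce values that hash to the published ones. Practical schemes such as XMSS and SPHINCS+ layer Merkle trees and few-time variants on top of this primitive to remove the one-signature limit and shrink the keys.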
I will explain these systems with cartoons, drawings, photographs, a Rubik’s Cube and other items.
In addition, I will give a short introduction to quantum computers and to the current Post-Quantum Crypto Competition (organised by the US authority NIST).
The document discusses digital logic design topics including:
1. Boolean algebra concepts such as binary operators, postulates, theorems, and switching functions.
2. Logic minimization techniques for reducing switching functions to canonical forms such as sum of products.
3. Combinational logic circuits including implementation of Boolean functions using gates.
4. Sequential logic circuits and algorithmic state machines.
The document describes a cryptography homework assignment involving decrypting a message encrypted with a Caesar cipher using a permuted alphabet. It provides the encrypted message, problem statement, and details on cryptanalysis methods to determine the permuted alphabet and decrypt the message. The cryptanalysis involves comparing letter frequencies in the encrypted message to expected English letter frequencies to estimate the permutation used. Code is provided to implement this cryptanalysis, including building a permuted alphabet from letter counts and sorting by frequency to map letters between alphabets.
The document summarizes a presentation titled "Yoyak" given by Heejong Lee at ScalaDays 2015. The presentation introduces Yoyak, a static analysis framework developed by the speaker. It covers the following topics:
- Static analysis and abstract interpretation theory
- Implementation highlights of the Yoyak framework
- Experiences using Scala in developing Yoyak
- The roadmap for future development of Yoyak
This document provides an overview of TensorFlow and how to implement machine learning models using TensorFlow. It discusses:
1) How to install TensorFlow either directly or within a virtual environment.
2) The key concepts of TensorFlow including computational graphs, sessions, placeholders, variables and how they are used to define and run computations.
3) An example one-layer perceptron model for MNIST image classification to demonstrate these concepts in action.
Presented at the European Bioinformatics Institute (17th March 2017)
We often talk about good code — that we would like to write it, that there isn't enough of it, that it should not be considered an optional attribute of a codebase. We often talk about it but, when it comes to being precise, we don't always agree what constitutes good code, nor do we necessarily share a common view on its value.
DRL (Deep Reinforcement Learning) challenge on Montezuma's Revenge is presented. The score and the rooms reached in A3C exceed those of DeepMind. This is an English translation of my Japanese slides plus some updates. (updated 2017/7/22)
I changed the HTTP server. See the following for the result of the experiment: http://35.197.57.214/
(I'd like to update the slides, but the re-upload function was already lost from SlideShare.)
There are two types of ciphers - Block and Stream. Block is used to ... .docx - relaine1
This document provides an overview of different modes of operation for ciphers including Electronic Code Book (ECB) mode, Cipher Block Chaining (CBC) mode, Output Feedback (OFB) mode, and Counter (CTR) mode. It explains the basic operations of each mode, such as how plaintext blocks are encrypted and how subsequent blocks depend on previous encrypted blocks. Weaknesses of the DES cipher are also discussed, noting it was withdrawn in 2005 due to insufficient security. The document then provides an example of applying CBC mode to DES encryption.
Prime numbers are important building blocks of mathematics. They are used in many encryption techniques because it is difficult to find the prime factors of a number but easy to multiply prime numbers. This property makes prime numbers suitable for ensuring secure communication and transactions. However, current primality tests that determine if a number is prime are probabilistic and have a small chance of error. Faster deterministic tests are needed to securely use larger prime numbers for stronger encryption.
The presentation is an introduction to AI (deep learning). The key to success with AI is “asking good questions.” The talk was given in "Seminar in Information Systems and Applications" at National Tsing Hua University in Taiwan. During this talk, we discussed what a good question is, how we use design thinking process to improve our question, and how can we “answer” the question by deep learning.
During the continuous mORMot refactoring, some core part of the framework was rewritten. In this session, we propose a journey to a refactoring of a single loop. It will take us from a naïve but working approach, to a 10 times faster Pascal rewrite, and then introduce how SSE2 and AVX2 assembly could boost the process even further – to reach more than 30 times improvement! No previous knowledge of assembly is needed: we will try to introduce how modern CPUs work, and will have some fun with algorithms and SIMD parallelism.
Cryptography for Developers provides an overview of cryptography concepts for developers. It defines cryptography as the encryption of plaintext into ciphertext and back again. It discusses symmetric and asymmetric cryptography, including examples like the Caesar cipher. It covers hashing of passwords for storage and discusses popular algorithms like MD5 and SHA-2. The document also summarizes public key cryptography techniques like RSA and references materials for further learning.
Engineering Fast Indexes for Big-Data Applications: Spark Summit East talk by... - Spark Summit
Contemporary computing hardware offers massive new performance opportunities. Yet high-performance programming remains a daunting challenge.
We present some of the lessons learned while designing faster indexes, with a particular emphasis on compressed bitmap indexes. Compressed bitmap indexes accelerate queries in popular systems such as Apache Spark, Git, Elastic, Druid and Apache Kylin.
This document provides an overview of neural networks for classification and prediction tasks. It discusses the basic components of neural networks including inputs, labels, weights, biases, hidden layers, and activation functions. It also covers common algorithms like stochastic gradient descent for training neural networks to minimize a cost function. Popular tools for building neural networks like Torch, Theano, and Caffe are also mentioned.
Cryptography: way to Arkham - Andriy Savchenko - Ruby Meditation
This document discusses cryptography concepts including one-way hash functions, symmetric encryption using the Vigenère cipher, and asymmetric encryption using a simple RSA example. It provides sample code to demonstrate encrypting and decrypting messages using a basic public/private key pair. The document also briefly outlines the Secure Remote Password protocol and some considerations for implementing cryptography protocols including using the correct algorithms, versions, and avoiding partial implementations.
This document discusses constraint satisfaction problems in artificial intelligence. It defines constraint satisfaction as a technique where a problem is solved when its variable values satisfy certain constraints or rules. Constraint satisfaction problems are composed of variables, domains that specify possible values for each variable, and constraints that define acceptable relationships between values. Common problems that can be solved using constraint satisfaction include cryptography problems, map coloring problems, the n-queen problem, and crossword puzzles. The document then provides an example of solving a cryptography problem using constraint satisfaction by systematically assigning values to letters to satisfy the constraints imposed by column-wise addition.
Tokyo APAC Groundbreakers tour - The Complete Java Developer - Connor McDonald
A look at the techniques that middle tier developers can employ to get greater value out of their applications, simply by having an understanding of how the database works and how to make it sing.
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry... - All Things Open
Andy Watson gave a presentation on properly using cryptography in applications. He discussed random number generation, hashing, salting passwords, key derivation functions, symmetric encryption, and common mistakes made with cryptography. The presentation covered topics like cryptographically secure random number generation, choosing secure hash functions, adding salts to hashes, using functions like PBKDF2 for key derivation, different encryption modes like ECB and GCM, and real examples of cryptography mistakes from companies like LinkedIn.
Zero Knowledge Proofs: What they are and how they work - All Things Open
Title: Zero Knowledge Proofs: What they are and how they work
Presented at All Things Open 2022
Presented by Jim Zhang
Abstract: Have you ever wanted to convince the security guard at the bar that you are over the legal drinking age, but didn’t want to tell them how old you are? Use a zero knowledge proof! Zero knowledge proofs (or ZKPs) are a powerful cryptographic technology that are being used to build privacy-preserving blockchains, next-generation digital identities, and many other things. Come and learn more about what Zero Knowledge Proofs are and how they work.
Error detection enhanced decoding of difference set codes for memory applicat... - Sherin Deena Sam
This document discusses error detection techniques for memory applications using difference set codes. It begins by introducing difference set codes and the (21,11) difference set code. It then describes the conventional decoder for this code and issues with silent data corruption when decoding words with 3 or more errors. The document proposes an error detection majority logic decoding technique that can detect errors in 3 cycles to reduce latency and detect uncorrectable errors. This approach avoids the issues with the conventional decoder while enhancing error detection capabilities for memory applications.
The document provides an overview of the Advanced Encryption Standard (AES) algorithm. It defines key terms like block, state, and XOR used in AES. It then describes the AES algorithm which works by repeating rounds that include byte substitution, shifting rows, mixing columns, and adding a round key. The number of rounds depends on the key size, being 10 for a 16-byte key and 14 for a 32-byte key. Encryption and decryption are similar processes performed in reverse order.
The RSA algorithm describes how to generate a public/private key pair for encryption. It involves choosing prime numbers p and q, computing n as their product, and using n to calculate the public and private keys. The Diffie-Hellman key exchange allows two parties to agree on a shared secret key over an insecure channel by each selecting a private value and computing a public value from it. They can then use the exchanged public values to independently derive the same shared key. MD5 and SHA-1 are cryptographic hash functions, with SHA-1 having a larger state size, more rounds, different bitwise functions, and preprocessing the message words differently than MD5.
This document summarizes Claire Le Goues' presentation on automatic patch generation. It discusses using genetic programming techniques like genetic algorithms to evolve program repairs by mutating candidate patches that represent AST-level edits to the program. Patches are validated against test cases to evaluate fitness. Approaches like GenProg use this to do a biased, random search for patches, while Angelix uses symbolic execution and constraint solving to determine an expression's angelic value that would make a test pass and then uses program synthesis to construct a replacement expression. The document provides examples of applying these techniques to automatically repair bugs like off-by-one errors and buffer overflows.
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo... - 44CON
Your job is to secure operations. But nobody listens to you. There’s no budget. Management keeps making bad security decisions that seem to sabotage your efforts. Do you flee or do you try harder? The security books, blogs, and tweeting pundits out there tell us we need to learn the language of business. We need to put risk in terms of money that management understands. We need to be like the management we’re trying to protect. And that’s where it all falls apart. The security to business relationship is often textbook abusive codependency. You do well and nobody notices. You fail and you get fired or, worse, shamed by your peers over social media for whatever the company releases as the statement for the breach. So how do you do SecOps under those conditions? This talk will focus on new ways to approach SecOps to face the challenges you have today with business demands. We will look at new security research that will make a difference for how you do your job. Most of all we will show you technical security practices to help you sustain your new-found stance.
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO... - 44CON
This document discusses the capabilities of SmartNICs and how they can address challenges in modern data centers. It describes how SmartNICs can offload processing tasks from servers to improve efficiency. It also explains how SmartNICs provide security benefits through isolation and embedded computing functions. The document provides examples of how SmartNICs can implement network functions like firewalls through open virtual switch software and customized packet processing rules. It suggests SmartNICs could potentially access host memory to gain visibility into the server for monitoring and security applications while running analysis functions in an isolated trusted domain on the SmartNIC.
Similar to How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus Schmeh - 44CON 2018
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and... - 44CON
Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulating machine learning systems and the potential these techniques pose for active offensive research.
The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve:
- Unexpected consequences (why did it decide this rifle is a banana?)
- Data leakage (how did they know Joe has diabetes?)
- Memory corruption and other exploitation techniques (boom! RCE)
- Influence over the output
In other words, while ML is great at identifying and classifying patterns, an attacker can take advantage of this and take control of the system.
This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others – a live demo will be shown on stage!
Garbage In, RCE Out :)
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ... - 44CON
Numerous technical articles, presentations, and even books exist about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint.
In this presentation, I will first do a quick recap on WDM drivers, their common structures, and how to identify their entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case studies. I’ll describe how to interact with a KMDF device object through the SetupDI API and how to find and analyze the different IO queue dispatch routines. Does the framework actually enhance security? We’ll come to a conclusion after revealing some major vendor implementation problems.
Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.
The UK's Code of Practice for Security in Consumer IoT Products and Services ... - 44CON
The document discusses the UK's Code of Practice for Consumer IoT Security. It provides context on why the code was developed, including to address risks from poorly secured IoT devices. The code outlines 13 security practices for IoT manufacturers, including not using default passwords and keeping software updated. The document also discusses options for regulating adherence to the code and challenges in enforcing security standards.
Weak analogies make poor realities – are we sitting on a Security Debt Crisis... - 44CON
Cyber Security is often framed in terms of ‘Risk’ - the possibility of suffering harm or loss - and the ‘Management’ of Risk to reduce uncertainty. This is familiar territory for businesses. Cyber Security falls in neatly under Risk Management, is assigned a suitable place on the organigramme, tossed some spare budget and granted a few paragraphs in the board report. NIST defines Risk as a ‘function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organisation’.
Key theme:
This presentation explores the idea that making cyber security analogous to risk is holding us back. How about we talk about security ‘debt’ instead? Technical Debt is already a well understood concept in software development – the cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer or cost more. Changing our language changes how we think and how we behave. This presentation argues that such a change could have a significant impact on software security.
In this presentation we will comment on the power of ‘analogies’ and how they’ve shaped our industry. We’ll then consider the difference between the ‘security as risk’ and the ‘security as debt’ paradigms and explore how changing paradigms may change the way we think about, talk about and measure software security. We believe this could have a very empowering effect on development managers and other security professionals who are struggling to articulate the relative benefits of security (or a lack of security) to a software product.
Con speakers fear the Nerf gun. Overrun your talk time at your peril; Steve will shoot your arse with extreme prejudice until you STFU. We had to find a way to pwn the gun and shoot him back.
That’s when we found the Nerf Terrascout: a remote tank gun controlled over 2.4GHz, with a video feed to the remote, complete with crosshairs.
At first, we thought this would be a trivial job: figure out the RF and take control. It turned into a mammoth hardware, firmware and RF reversing project.
This puppy is so over-specced it would drive you to tears.
The talk will cover the fails, hair loss and eventual success. There won’t be any smart dildos in it, though some of the techniques used are equally suited to teledildonics exploitation, if that’s your thing.
Reversing RF in a high frequency environment using SDRs is challenging. We’ll discuss how we worked around these issues using hardware reversing skills.
We had to import hardware from China for this project, which we could then programme ourselves using SPI, impersonate the legitimate controller and ‘jack the tank gun.
This talk will of course include a live demonstration of hijacking the tank gun and (possibly) shooting Steve.
Security module for php7 – Killing bugclasses and virtual-patching the rest! ... - 44CON
Presented by: Julien Voisin and Thibault Koechlin
Suhosin is a great PHP module, but unfortunately it’s getting old: new ways have been found to compromise PHP applications, some aren’t working anymore, and it doesn’t play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module that provides several features we needed: passively killing several PHP-specific bug classes, but also implementing virtual patching at the PHP level, allowing one to patch vulnerabilities in a precise, false-positive-free, ultra-low-overhead way, without even touching the applications’ code.
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images - 44CON
Saumil Shah presents Stegosploit, a technique for hiding browser exploits in images using steganography. The encoded exploit payload is hidden in the least significant bits of image pixels. When the image is loaded in a browser, the encoded exploit is automatically decoded and triggered without any visual distortion of the image. This allows delivering browser exploits covertly via innocent-looking images. Shah outlines various techniques for encoding exploits in JPEG and PNG images while overcoming lossy compression. The presentation concludes with discussions on the offensive opportunities and defensive challenges of such image-based attacks.
44CON London 2015 - Is there an EFI monster inside your apple? - 44CON
This document discusses EFI (Extensible Firmware Interface) and potential threats from EFI rootkits. It begins with an introduction to EFI and how it has replaced BIOS. It describes how EFI initializes systems at a low level and provides modular and feature-rich access. It then discusses potential malicious actions such as persisting across operating system reinstalls and bypassing full-disk encryption. It provides examples of real EFI rootkits and vulnerabilities discovered. It discusses tools and techniques for dumping and analyzing EFI contents, including the different regions stored in flash memory. Finally, it outlines the EFI boot process and programming interfaces.
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic... - 44CON
This document discusses detecting and analyzing indicators of compromise from a malware infection. It describes collecting data from firewalls, IDS/IPS, proxies, DNS logs, and system logs to detect suspicious activity. Once a potential malware sample is acquired, static and dynamic analysis techniques are used to analyze its behavior and identify indicators that can be used to detect infected machines, like created files, registry keys, and network traffic. These indicators are expressed using tools like Yara rules and Snort signatures to enable detection of the compromise across an environment.
44CON London 2015 - How to drive a malware analyst crazy - 44CON
This document discusses techniques that malware authors use to frustrate malware analysts, including inserting breakpoints, manipulating timing functions, exploiting Windows internals, anti-dumping measures, and virtual machine detection. The author then provides recommendations for malware analysts to identify and circumvent these anti-analysis techniques.
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis - 44CON
This document summarizes a talk on conducting a 15-minute Linux live analysis to determine if a system has been hacked with minimal disturbance. The talk discusses opening a case, collecting key system data like processes and users through scripted network listeners, and analyzing the data to look for signs of compromise. It also covers next steps like dead analysis if evidence of hacking is found. The goal is to quickly identify breaches while preserving evidence through an automated and mostly non-invasive process.
44CON London 2015 - Going AUTH the Rails on a Crazy Train - 44CON
This document provides an overview of authentication and authorization in Ruby on Rails applications. It discusses how Rails handles authentication and authorization out of the box, as well as common gems used to add these capabilities like Devise and CanCan. It also covers topics like session management, password resets, and potential security issues to consider like the password reset type confusion vulnerability.
44CON London 2015 - Software Defined Networking (SDN) Security - 44CON
This document provides an overview of software-defined networking (SDN) security. It begins with an introduction to SDN and explains how decoupling the control plane from the data plane creates new attack surfaces. It then discusses recent SDN vulnerabilities in controllers like OpenDaylight and ONOS. Defensive technologies like Topoguard and security-mode ONOS are presented. The document concludes with recommendations for secure SDN development practices and a vision for improving the security of OpenDaylight.
44CON London 2015 - DDoS mitigation EPIC FAIL collection - 44CON
This document discusses strategies for conducting distributed denial-of-service (DDoS) attacks and bypassing common DDoS mitigation tactics. It begins with an introduction to DDoS and then outlines four pillars of amplification attacks: amplification factors, network usage, CPU usage, memory usage, and storage usage. The document then discusses 10 common DDoS mitigation practices and provides recommendations for how to bypass each one through various amplification techniques, protocol abuse, and other attack methods. It concludes by noting that effective DDoS mitigation requires a holistic approach and cannot be solved through any single technology.
44CON London 2015 - Hunting Asynchronous Vulnerabilities - 44CON
This document discusses asynchronous vulnerabilities and callback-oriented hacking techniques. It describes how asynchronous issues are often invisible and outlines solutions using callbacks, such as through DNS requests. It provides examples of payload techniques for issues like SQL injection, command injection, and XSS that call out to an external domain to confirm exploitation. Finally, it notes hazards like friendly fire and ways adversaries may detect the callbacks.
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ... - 44CON
A stack-based buffer overflow vulnerability was discovered in FreeType's CFF rasterizer during fuzz testing. The vulnerability occurs when building the hintmap data structure in the cf2_hintmap_build function. By analyzing the source code, it appears the vulnerability is caused by insufficient bounds checking when accessing the hint mask array via the maskPtr pointer, allowing writes beyond the end of the allocated buffer. This highlights the ongoing need to fuzz test font parsing libraries given the complexity of font formats and opportunity for security issues.
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root - 44CON
The document discusses 5 ways to exploit JTAG (Joint Test Action Group) interfaces to gain unauthorized access or privileges on a system. The 5 techniques are: 1) Accessing non-volatile storage like flash memory via boundary scan, 2) Scraping memory for offline forensic analysis, 3) Patching boot arguments to change how the system boots, 4) Directly patching the kernel by modifying code or function pointers in memory, and 5) Patching a specific process by searching memory for its code and modifying it. While some techniques like memory scraping are slow, others like boot argument patching or kernel patching can be done quickly and provide privileged access. JTAG interfaces provide I/O, execution control, and memory access that enable
44CON London 2015 - reverse reverse engineering - 44CON
This document discusses techniques for reverse engineering obfuscated Ruby bytecode. It introduces Unrubby, a tool that hooks into the Ruby VM to intercept and dump bytecode as it is executed. By leveraging the dynamic nature of Ruby, Unrubby is able to "unfurl" metaprogramming and expose dynamically generated methods. The author demonstrates using Unrubby to deobfuscate code and discusses challenges in defeating such a tool.
8. Prime multiplication is a one-way function: 17 · 23 = ? is easy (prime multiplication), while 377 = ? · ? is difficult (prime factorization).
9. The RSA crypto system is based on prime multiplication: 17 · 23 = 391. The primes 17 and 23 are Alice's private key; 391 is Alice's public key. Prime numbers used in practice have >500 digits.
10. "I can break RSA within seconds. Up to a key length of 5 bits. Future versions will be more powerful."
12. RSA and some other encryption methods can be broken by a quantum computer! We need to study quantum-proof alternatives!
13. Six crypto system families are believed to be quantum proof: lattice-based crypto, code-based crypto, multivariate crypto, hash-based crypto, non-commutative crypto, and isogeny-based crypto. None of them is in wide-spread use so far. I can only cover four today.
14. The US authority NIST has started a competition! NIST post quantum competition: 69 algorithms submitted. The best ones shall be chosen by around 2023.
20. The "closest lettuce" problem: which lettuce point is closest to the snail? (Diagram: a two-dimensional lettuce field with base vectors a, b and c, d.) Easy to answer if a good base is known; hard to answer if only a bad base is known. Easy to answer for two-dimensional lettuce fields, but what if we deal with 250 dimensions?
21. This can be regarded as a one-way function: placing a snail next to a lettuce point is easy; finding the closest lettuce point is difficult (if only a bad base is available). (Diagram: bad base c, d.)
22. Goldreich–Goldwasser–Halevi (GGH) encryption. Let's now look at a lettuce-based encryption scheme! (Diagram: the message is the snail; the good base a, b is Alice's private key; the bad base c, d is Alice's public key; Bob encrypts.) Alice can decrypt because she knows the good base.
23. Can GGH be broken with a quantum computer? No.
24. Is GGH a good scheme? No, it is broken. But there are other lettuce methods.
25. For instance Learning with Errors (LWE) methods. At first sight, LWE has nothing to do with lattices ...
26. Let's look at this system of equations! There are more equations than variables. It is solvable anyway: x=3, y=7, z=6!
294·x + 629·y + 321·z = 38 (mod 797)
701·x + 29·y + 91·z = 462 (mod 797)
613·x + 339·y + 201·z = 636 (mod 797)
256·x + 94·y + 115·z = 522 (mod 797)
704·x + 629·y + 322·z = 477 (mod 797)
391·x + 23·y + 743·z = 213 (mod 797)
290·x + 620·y + 201·z = 40 (mod 797)
211·x + 339·y + 381·z = 510 (mod 797)
28. Now small errors are added to the results. Let's assume only the incorrect results are known. Can the errors be detected without knowing x, y, and z? Yes, but it's laborious! This is the Learning with Errors (LWE) problem.
294·x + 629·y + 321·z = 38 + 1 = 39 (mod 797)
701·x + 29·y + 91·z = 462 - 2 = 460 (mod 797)
613·x + 339·y + 201·z = 636 (mod 797)
256·x + 94·y + 115·z = 522 + 1 = 523 (mod 797)
704·x + 629·y + 322·z = 477 (mod 797)
391·x + 23·y + 743·z = 213 - 1 = 212 (mod 797)
290·x + 620·y + 201·z = 40 + 2 = 42 (mod 797)
211·x + 339·y + 381·z = 510 + 1 = 511 (mod 797)
29. This leads us to a one-way function! Learning with Errors one-way function: adding errors to an equation system is simple; finding these errors is difficult. This can be used for asymmetric encryption!
32. How Bob encrypts one bit. Bob's equation: 400·x + 791·y + 723·z = 717 (mod 797). If Bob wants to encrypt 0, he adds 1 to the result: 400·x + 791·y + 723·z = 718 (mod 797). If Bob wants to encrypt 1, he adds 399 to the result: 400·x + 791·y + 723·z = 319 (mod 797). Alice knows x, y and z, so she can easily check whether the error in the result (718 or 319) is small or great: a small error means 0, a great error means 1. An attacker needs to solve the LWE problem.
33. Nice algorithm, but it encrypts only one bit. Yes, but there are more powerful LWE schemes.
34. And what has Regev to do with lattices? I'll show you.
35. An equation system can be thought of as a lettuce field: each column is a vector. Encryption: 0 puts the snail close to a lettuce, 1 puts it halfway between two lettuces. Decryption: Alice knows x, y and z, so she knows the lettuce point and can tell whether the message is 0 or 1. An attacker needs to solve the closest lettuce problem. (Diagram: Message=0, Message=1.)
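The toy LWE scheme of slides 26 to 35, as an added Python example (not the speaker's code): it uses the slide's modulus 797, coefficients and secret (3, 7, 6), recomputes the right-hand sides from the secret rather than copying them, and assumes, since the slides do not spell it out, that Bob forms his fresh equation by adding up a random subset of the public noisy equations, as in Regev's scheme. It also runs Gaussian elimination on the error-free and on the noisy system to show that the errors are what makes the problem hard.

```python
"""Toy LWE one-bit encryption with the slide's numbers (added example)."""
import random

Q = 797  # modulus used on slides 26 to 32

# Coefficients (x, y, z) of the eight equations on slide 26, copied from the slide.
A = [(294, 629, 321), (701, 29, 91), (613, 339, 201), (256, 94, 115),
     (704, 629, 322), (391, 23, 743), (290, 620, 201), (211, 339, 381)]
SECRET = (3, 7, 6)  # Alice's solution x=3, y=7, z=6 (slide 26)
# Small error per equation, read off slide 28 (0 where the result was unchanged).
ERRORS = [1, -2, 0, 1, 0, -1, 2, 1]


def dot(a, s):
    """a·s mod q for one equation."""
    return sum(ai * si for ai, si in zip(a, s)) % Q


def centered(v):
    """Map v mod q into (-q/2, q/2] so that a small error looks small."""
    v %= Q
    return v - Q if v > Q // 2 else v


def solve_mod(rows, rhs):
    """Gaussian elimination mod q: the error-free system of slide 26 is easy."""
    n = len(rows[0])
    M = [list(r) + [b] for r, b in zip(rows, rhs)]
    for col in range(n):
        piv = next((r for r in range(col, len(M)) if M[r][col] % Q), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, Q)  # q is prime, so the inverse exists
        M[col] = [(v * inv) % Q for v in M[col]]
        for r in range(len(M)):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(x - f * y) % Q for x, y in zip(M[r], M[col])]
    return tuple(M[i][n] for i in range(n))


def public_key(rows=A, secret=SECRET, errors=ERRORS):
    """Alice publishes the noisy equations (a_i, b_i = a_i·s + e_i mod q)."""
    return [(a, (dot(a, secret) + e) % Q) for a, e in zip(rows, errors)]


def encrypt_bit(pub, bit, subset):
    """Bob adds up a subset of the public equations to get a fresh noisy one
    (assumed mechanism), then adds 1 for a 0 bit or 399 (about q/2) for a 1 bit,
    as on slide 32."""
    a_sum, b_sum = [0, 0, 0], 0
    for i in subset:
        a, b = pub[i]
        a_sum = [(x + y) % Q for x, y in zip(a_sum, a)]
        b_sum = (b_sum + b) % Q
    return tuple(a_sum), (b_sum + (1 if bit == 0 else 399)) % Q


def decrypt_bit(secret, a, b):
    """Alice knows x, y, z: the leftover error is small for 0 and near q/2 for 1."""
    err = centered(b - dot(a, secret))
    return 0 if abs(err) < Q // 4 else 1


def demo(seed=32):
    """Round-trip both bit values and compare what elimination finds with and
    without errors. Returns (decrypted bits, clean solution, noisy 'solution')."""
    rng = random.Random(seed)
    pub = public_key()
    decrypted = []
    for bit in (0, 1):
        subset = [i for i in range(len(pub)) if rng.random() < 0.5] or [0]
        a, b = encrypt_bit(pub, bit, subset)
        decrypted.append(decrypt_bit(SECRET, a, b))
    clean = solve_mod(A, [dot(a, SECRET) for a in A])  # recovers (3, 7, 6)
    noisy = solve_mod(A, [b for _, b in pub])  # the errors lead elimination astray
    return decrypted, clean, noisy


if __name__ == "__main__":
    print(demo())
```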
36. Are there other lettuce-based systems? Yes: NTRU, Peikert, New Hope, ...
37. There are many of this kind in the competition. NIST post quantum competition, 69 algorithms submitted: Lattice (Lettuce) 27.
43. Error correction code. Transmit-three-times code: 01010010 01010010 01010010. We need better error correction codes than this one. This isn't rocket science!
44. Linear error correction codes. Example codewords: 1 0 1 0 1 1 1 1 1 0 1 0 1 1 (5 data bits, 9 bits overhead) and 1 0 1 0 1 1 1 1 0 1 0 1 1 0 (4 data bits, 10 bits overhead). Maximum number of errors corrected: overhead/2.
46. Here is a one-way function! Adding errors is easy; finding these errors is difficult (in general; there are exceptions). (Diagram: 01001010 ... 010 passed through an error correction code gives 1011001010101010010101 ... 100; errors marked 0 0 1.)
48. McEliece encryption. Here's how to encrypt: the random number 010111101010110111011110110100010111101010110111011110110001101010110111011110111010101101110111101 is encoded with the difficult error correction code (Alice's public key), and Bob introduces errors, which are the plaintext: 0 0 0 0 0 1 1 1 1 1. Ciphertext: 10100110101011011101111011010011010101101110111101. Alice can find the errors (= plaintext) with the easy error correction code. (Diagram rows: 1 0 1 0 1 1 0 1 / 1 0 1 0 1 1 0 1 / 0 0 1 0 0 1 0 1 / 0 0 1 0 1 0 0 1 / 1 0 1 0 1 1 0 1.)
49. Parameters in practice. A 5413-bit random number is encoded with Alice's public key into a 6960-bit codeword (overhead: 1547 bit), and Bob introduces 119 errors. Size of public key: about 1MB. (Diagram: 0101111010101101110111101101000101111010101101110111101100011010101..............1110111010101101110111101; 0 0 0 0 0 1 1 1 1 1; 010111101010110111011110110101011011101111011000110101011011................10101101110111101.)
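The McEliece construction of slides 46 to 49 scaled down to the Hamming(7,4) code, as an added Python example (not the speaker's code): the easy code is hidden behind a random invertible matrix S and a column permutation P, Bob encodes with the public matrix and flips one bit, and Alice undoes P, corrects the error with the easy code and undoes S. The practical parameters on slide 49 (6960-bit codewords, 5413-bit messages, 119 errors) are those of the Classic McEliece parameter set mceliece6960119; this toy can correct only one error.

```python
"""Toy McEliece over the Hamming(7,4) code (added example)."""
import random

# Hamming(7,4) in systematic form: codeword = (d1 d2 d3 d4 p1 p2 p3) with
# p1 = d1+d2+d4, p2 = d1+d3+d4, p3 = d2+d3+d4 (mod 2). This is the "easy" code.
G = [[1, 0, 0, 0, 1, 1, 0],
     [0, 1, 0, 0, 1, 0, 1],
     [0, 0, 1, 0, 0, 1, 1],
     [0, 0, 0, 1, 1, 1, 1]]
H = [[1, 1, 0, 1, 1, 0, 0],
     [1, 0, 1, 1, 0, 1, 0],
     [0, 1, 1, 1, 0, 0, 1]]
H_COLS = [[H[i][j] for i in range(3)] for j in range(7)]  # syndrome -> position


def vec_mat(v, M):
    """Row vector times matrix over GF(2)."""
    return [sum(v[i] & M[i][j] for i in range(len(v))) % 2 for j in range(len(M[0]))]


def mat_mul(A, B):
    return [vec_mat(row, B) for row in A]


def mat_inv(M):
    """Gauss-Jordan inverse over GF(2); None if M is singular."""
    n = len(M)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for col in range(n):
        piv = next((r for r in range(col, n) if aug[r][col]), None)
        if piv is None:
            return None
        aug[col], aug[piv] = aug[piv], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [x ^ y for x, y in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def hamming_correct(word):
    """Correct up to one error; returns (codeword, error position or None)."""
    syndrome = [sum(H[i][j] & word[j] for j in range(7)) % 2 for i in range(3)]
    if not any(syndrome):
        return word[:], None
    pos = H_COLS.index(syndrome)
    fixed = word[:]
    fixed[pos] ^= 1
    return fixed, pos


def keygen(rng):
    """Alice scrambles the easy code: public G' = S·G·P, private (S^-1, P)."""
    while True:
        S = [[rng.randint(0, 1) for _ in range(4)] for _ in range(4)]
        S_inv = mat_inv(S)
        if S_inv is not None:
            break
    perm = list(range(7))
    rng.shuffle(perm)  # column permutation P
    SG = mat_mul(S, G)
    G_pub = [[row[perm[j]] for j in range(7)] for row in SG]
    return G_pub, (S_inv, perm)


def encrypt(G_pub, message, err_pos):
    """Bob encodes with the difficult-looking public code and flips one bit.
    (The slide's variant treats the error positions as the plaintext and the
    encoded word as a random number; here decrypt returns both.)"""
    c = vec_mat(message, G_pub)
    c[err_pos] ^= 1
    return c


def decrypt(priv, c):
    """Alice undoes P, corrects the error with the easy code, then undoes S."""
    S_inv, perm = priv
    unpermuted = [0] * 7
    for j in range(7):
        unpermuted[perm[j]] = c[j]
    codeword, k = hamming_correct(unpermuted)
    message = vec_mat(codeword[:4], S_inv)  # G is systematic: first 4 bits = m·S
    err_pos = None if k is None else perm.index(k)
    return message, err_pos


def roundtrip(seed, message, err_pos):
    """Key generation, encryption and decryption with a seeded RNG; returns the
    recovered (message, error position) pair."""
    G_pub, priv = keygen(random.Random(seed))
    return decrypt(priv, encrypt(G_pub, message, err_pos))
```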
50. NIST post quantum competition, 69 algorithms submitted: Lattice (Lettuce) 27, Code 21. 21 algorithms in the competition are code-based.
51. (Same chart.) Thanks for coming, Mr. rocket scientist.
59. Move sequence negation. Move sequences can be negated: -A consists of the opposite moves in reverse order. A - A = 0, because the moves eliminate each other pairwise. (Diagram: A, -A, eliminations.)
60. Conjugacy problem. Here's a one-way function. A: move sequence, B: move sequence. Find X for which X + A - X = B. Setting up such a problem is easy; solving it is difficult. (Diagram: X, ? ? ? ???, -X.)
61. Stickel key exchange: a quantum-proof key exchange, similar to Diffie-Hellman (which is not quantum-proof). A: move sequence, B: move sequence. Alice (private key: m, n) sends mA + nB. Bob (private key: r, s) sends rA + sB. Alice computes K = mA + rA + sB + nB; Bob computes K = rA + mA + nB + sB. The two are equal and can be used as key. An eavesdropper needs to solve the conjugacy problem.
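The move-sequence negation, the conjugacy function and the Stickel key exchange of slides 59 to 61, as an added Python example (not the speaker's code), with permutations of six pieces standing in for Rubik's Cube move sequences (MOVE_A and MOVE_B are constructed stand-ins). It demonstrates the mechanism only: this group is far too small to resist brute force, and Stickel's original scheme over matrix groups has a published linear-algebra attack (Shpilrain, 2008).

```python
"""Group-based crypto of slides 59 to 61 with permutations as move sequences
(added example)."""


def identity(n):
    return tuple(range(n))


def compose(p, q):
    """p + q in the slide's notation: do move sequence p, then q.
    Permutations are tuples with p[i] = position that piece i moves to."""
    return tuple(q[i] for i in p)


def negate(p):
    """-p: the opposite moves in reverse order, so that p + (-p) = 0 (slide 59)."""
    inv = [0] * len(p)
    for src, dst in enumerate(p):
        inv[dst] = src
    return tuple(inv)


def repeat(p, k):
    """k·p: do the sequence k times."""
    result = identity(len(p))
    for _ in range(k):
        result = compose(result, p)
    return result


def conjugate(x, a):
    """x + a - x: the one-way function of slide 60 (easy to compute)."""
    return compose(compose(x, a), negate(x))


def solves_conjugacy(x, a, b):
    """Check a proposed solution X of X + A - X = B (easy to verify)."""
    return conjugate(x, a) == b


def stickel_exchange(a, b, m, n, r, s):
    """Stickel key exchange of slide 61. Alice holds m, n; Bob holds r, s.
    Returns (Alice's message, Bob's message, Alice's key, Bob's key)."""
    alice_msg = compose(repeat(a, m), repeat(b, n))  # mA + nB
    bob_msg = compose(repeat(a, r), repeat(b, s))  # rA + sB
    # mA + (rA + sB) + nB and rA + (mA + nB) + sB agree because powers of the
    # same sequence commute with each other even though A and B do not.
    k_alice = compose(compose(repeat(a, m), bob_msg), repeat(b, n))
    k_bob = compose(compose(repeat(a, r), alice_msg), repeat(b, s))
    return alice_msg, bob_msg, k_alice, k_bob


# Constructed stand-ins for two cube move sequences on six pieces: a cyclic
# shift and a swap. They do not commute, which is what the scheme relies on.
MOVE_A = (1, 2, 3, 4, 5, 0)
MOVE_B = (1, 0, 2, 3, 4, 5)


def demo():
    """Returns (do A and B commute?, does Alice's key equal Bob's key?)."""
    _, _, k_alice, k_bob = stickel_exchange(MOVE_A, MOVE_B, 3, 2, 5, 4)
    return compose(MOVE_A, MOVE_B) == compose(MOVE_B, MOVE_A), k_alice == k_bob


if __name__ == "__main__":
    print(demo())
```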
62. NIST post quantum competition, 69 algorithms submitted: Lattice (Lettuce) 27, Code 21, Non-commutative 1. Only one non-commutative algorithm, but no Rubik's Cube algorithm.
66. "Would you like to buy an island? $10000." "Yes. But can I look at it first?" "$15000."
67. (Image only.)
68. Yes, I buy / No, I don't. Both can cheat! Alice can send a yes and later say it was a no. The salesman can say "it was a yes", though it was a no.
69. (Diagram: Safe 1 and Safe 2 are Alice's public key; the combination of safe 1 or the combination of safe 2 is Alice's private key. For "Yes, I buy." Alice reveals the combination of safe 1; for "No, I don't buy." she reveals the combination of safe 2.) Alice has to reveal half of her private key => she can use it only once.
70. This scheme can also be used in a digital way: hash-based signatures. One-way function (e.g. SHA-2). Alice's private key: random number 1, random number 2. Alice's public key: hash value of random number 1, hash value of random number 2. For signing a bit, Alice publishes message 1 or message 2.
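The two-safes scheme of slides 69 and 70 in its digital form, a Lamport one-time signature over SHA-256, as an added Python example (not the speaker's code): each bit of the message digest gets its own pair of random numbers (the safe combinations), whose hash values form the public key (the safes). exposed_after_two counts the digest positions where both numbers of a pair would be revealed after signing two different messages with the same key, which is why the key is one-time.

```python
"""Lamport one-time signature, the digital two-safes scheme (added example)."""
import hashlib
import os

N_BITS = 256  # one pair of "safes" per bit of the SHA-256 message digest


def H(data):
    """The one-way function of slide 70 (SHA-2, here SHA-256)."""
    return hashlib.sha256(data).digest()


def digest_bits(message):
    """The bits Alice signs: the SHA-256 digest of the message, MSB first."""
    d = H(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N_BITS)]


def keygen(rand=os.urandom):
    """Private key: two random numbers per bit (the safe combinations);
    public key: their hash values (the safes themselves)."""
    priv = [(rand(32), rand(32)) for _ in range(N_BITS)]
    pub = [(H(a), H(b)) for a, b in priv]
    return priv, pub


def sign(priv, message):
    """For each bit Alice reveals random number 1 (bit 0) or random number 2
    (bit 1), i.e. half of her private key."""
    return [priv[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(pub, message, sig):
    """Each revealed number must hash to the published safe chosen by the bit."""
    return all(H(sig[i]) == pub[i][bit] for i, bit in enumerate(digest_bits(message)))


def exposed_after_two(message1, message2):
    """Number of positions where both random numbers are public after the same
    key signed two different messages: at every position where the digests
    differ, the signer has opened both safes."""
    b1, b2 = digest_bits(message1), digest_bits(message2)
    return sum(x != y for x, y in zip(b1, b2))


def demo():
    """Sign 'Yes, I buy.' and check it, then check that the same signature does
    not verify for 'No, I don't buy.'. Returns (valid, valid_for_other_message)."""
    priv, pub = keygen()
    sig = sign(priv, b"Yes, I buy.")
    return verify(pub, b"Yes, I buy.", sig), verify(pub, b"No, I don't buy.", sig)


if __name__ == "__main__":
    print(demo(), exposed_after_two(b"Yes, I buy.", b"No, I don't buy."))
```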
72. NIST post quantum competition, 69 algorithms submitted: Lattice (Lettuce) 27, Code 21, Non-commutative 1, Hash 2. Two of the algorithms in the competition are hash-based.
73. (Same chart.) Thanks, Mr. salesman!
74. One more look at the competition. NIST post quantum competition, 69 algorithms submitted: Lattice (Lettuce) 27, Code 21, Multivariate 11, Non-commutative 1, Hash 2, Isogeny 1, Others 6.
75. This was our post quantum overview. (Same chart.) I'm sure we'll see some of these algorithms in practice.