SlideShare a Scribd company logo

SMIMP Lightning Talk - DEFCON CryptoVillage

Download as PPTX, PDF
Adam Caudill
Adam Caudill

Short talk on the SMIMP project given at DEFCON.

Technology
1 of 9
SMIMP, Email, Superglue A discussion on the state of email security, and options for a path forward.
Email security today...
The Email Failfest ● Assumes network is trusted ● Assumes servers are trusted ● Assumes the sender is who they claim ● Doesn't prevent content modification ● Doesn't protect content
Torch it, or keep trying to fix it? Keep: ● Massive user base ● Deeply entrenched ● Universal support Torch: ● Do it right ● Strong crypto ● Better privacy
SMIMP: A Micro Introduction ● End-to-end Crypto (curve25519) ● Forward secrecy (loosely based on TextSecure) ● Integrated public key discovery ● Hash-chain to detect profile alteration ● Dynamic Hashcash-like proof of work ● Transported over HTTPS (firewall friendly, harder to block or inspect)
The Two Sides of SMIMP Identity ● Name ● Public Ed25519 key ● Web site ● Social profiles Messaging ● Multiple message types ● Whitelist / blacklist / anti-spam ● Simple JSON format
What's the status today? ● Spec work still ongoing ● No code written ● Needs more feedback
Thanks! smimp.org github.com/smimp/smimp_spec adam@adamcaudill.com @adamcaudill

Recommended

Security awareness training
Security awareness trainingSecurity awareness training
Security awareness trainingSumedt Jitpukdebodin
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz
 
Let's Encrypt
Let's EncryptLet's Encrypt
Let's EncryptAmjad Mashaal
 
Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Emily Stark
 
Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Claire Willett
 
Trusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSTrusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSKrzysztof Kotowicz
 
Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Mark Niebergall
 

Recommended

Security awareness training
Security awareness trainingSecurity awareness training
Security awareness trainingSumedt Jitpukdebodin
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)
Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz
 
Let's Encrypt
Let's EncryptLet's Encrypt
Let's EncryptAmjad Mashaal
 
Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Web security at Meteor (Pivotal Labs)
Web security at Meteor (Pivotal Labs)Emily Stark
 
Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Rd mongo-meetup-2013-05-21
Rd mongo-meetup-2013-05-21Claire Willett
 
Trusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSTrusted Types and the end of DOM XSS
Trusted Types and the end of DOM XSSKrzysztof Kotowicz
 
Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Security in PHP Applications: An absolute must!
Security in PHP Applications: An absolute must!Mark Niebergall
 
Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Krzysztof Kotowicz
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5Kristoffer Snabb
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)UTD Computer Security Group
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group
 
Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupAdam Caudill
 
Body parts
Body partsBody parts
Body partsJuan Pablo Franco Perdomo
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your usersDesign for Drupal, Boston
 
Responsive js
Responsive jsResponsive js
Responsive jsDesign for Drupal, Boston
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossDesign for Drupal, Boston
 
Clothes
ClothesClothes
ClothesJuan Pablo Franco Perdomo
 
Fans fans sepakbola
Fans fans sepakbola Fans fans sepakbola
Fans fans sepakbola Apriyantowijaya
 
Oomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessOomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessDesign for Drupal, Boston
 
Real-Time Multi-Device Theming
Real-Time Multi-Device ThemingReal-Time Multi-Device Theming
Real-Time Multi-Device ThemingDesign for Drupal, Boston
 
Enhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentEnhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentDesign for Drupal, Boston
 
Body parts
Body partsBody parts
Body partsJuan Pablo Franco Perdomo
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondAdam Caudill
 
Coopify Feasbility Study
Coopify Feasbility StudyCoopify Feasbility Study
Coopify Feasbility StudyStephanie Nussbaum
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouAdam Caudill
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatDesign for Drupal, Boston
 
Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Niranjanaa Ragupathy
 

More Related Content

What's hot

BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5Kristoffer Snabb
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group
 

What's hot (6)

Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018Trusted Types @ W3C TPAC 2018
Trusted Types @ W3C TPAC 2018
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic Concepts
 
cross document messaging, html 5
cross document messaging, html 5cross document messaging, html 5
cross document messaging, html 5
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domain
 

Viewers also liked

Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupAdam Caudill
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your usersDesign for Drupal, Boston
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossDesign for Drupal, Boston
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondAdam Caudill
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouAdam Caudill
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatDesign for Drupal, Boston
 

Viewers also liked (15)

Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers Group
 
Body parts
Body partsBody parts
Body parts
 
User research when you can’t reach your users
User research when you can’t reach your usersUser research when you can’t reach your users
User research when you can’t reach your users
 
Responsive js
Responsive jsResponsive js
Responsive js
 
Cooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the BossCooperatives and Collectives - Think Outside the Boss
Cooperatives and Collectives - Think Outside the Boss
 
Clothes
ClothesClothes
Clothes
 
Fans fans sepakbola
Fans fans sepakbola Fans fans sepakbola
Fans fans sepakbola
 
Oomph - Community, Drupal & Business
Oomph - Community, Drupal & BusinessOomph - Community, Drupal & Business
Oomph - Community, Drupal & Business
 
Real-Time Multi-Device Theming
Real-Time Multi-Device ThemingReal-Time Multi-Device Theming
Real-Time Multi-Device Theming
 
Enhancing Design with Adaptive Content
Enhancing Design with Adaptive ContentEnhancing Design with Adaptive Content
Enhancing Design with Adaptive Content
 
Body parts
Body partsBody parts
Body parts
 
SC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & BeyondSC Magazine Congress Chicago - BadUSB & Beyond
SC Magazine Congress Chicago - BadUSB & Beyond
 
Coopify Feasbility Study
Coopify Feasbility StudyCoopify Feasbility Study
Coopify Feasbility Study
 
DerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For YouDerbyCon 2014 - Making BadUSB Work For You
DerbyCon 2014 - Making BadUSB Work For You
 
From User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards BehatFrom User Personas to Testing: A Project Manager's Journey Towards Behat
From User Personas to Testing: A Project Manager's Journey Towards Behat
 

Similar to SMIMP Lightning Talk - DEFCON CryptoVillage

Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Niranjanaa Ragupathy
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxssuser020436
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdfAbhi Jain
 
Are you weak in the middle?
Are you weak in the middle?Are you weak in the middle?
Are you weak in the middle?FSCONS
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx
 
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...JosephTesta9
 
curl and new technologies
curl and new technologiescurl and new technologies
curl and new technologiesDaniel Stenberg
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application SecurityTuenti
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application SecurityGuille -bisho-
 
CISSP Week 13
CISSP Week 13CISSP Week 13
CISSP Week 13jemtallon
 
Trusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSTrusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSGLC Networks
 
apsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayapsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayandreasschuster
 

Similar to SMIMP Lightning Talk - DEFCON CryptoVillage (20)

Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018Introduction to Web Application Security - Blackhoodie US 2018
Introduction to Web Application Security - Blackhoodie US 2018
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptx
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail SecurityCRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
 
Forward Secrecy
Forward SecrecyForward Secrecy
Forward Secrecy
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdf
 
Are you weak in the middle?
Are you weak in the middle?Are you weak in the middle?
Are you weak in the middle?
 
email.ppt
email.pptemail.ppt
email.ppt
 
Email2
Email2Email2
Email2
 
Protobuff and gRPC
Protobuff and gRPCProtobuff and gRPC
Protobuff and gRPC
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery Methods
 
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
BSides Rochester 2018: Chaim Sanders: How the Cookie Crumbles: Modern HTTP St...
 
curl and new technologies
curl and new technologiescurl and new technologies
curl and new technologies
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application Security
 
Tuenti: Web Application Security
Tuenti: Web Application SecurityTuenti: Web Application Security
Tuenti: Web Application Security
 
CISSP Week 13
CISSP Week 13CISSP Week 13
CISSP Week 13
 
Trusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNSTrusted Email Server DKIM, SPF, DMARC, RDNS
Trusted Email Server DKIM, SPF, DMARC, RDNS
 
Websec
WebsecWebsec
Websec
 
Web security 101
Web security 101Web security 101
Web security 101
 
apsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gatewayapsec SEPPmail Email Security Gateway
apsec SEPPmail Email Security Gateway
 
Email security
Email securityEmail security
Email security
 

Recently uploaded

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

SMIMP Lightning Talk - DEFCON CryptoVillage

  • 1.
  • 2. SMIMP, Email, Superglue A discussion on the state of email security, and options for a path forward.
  • 4. The Email Failfest ● Assumes network is trusted ● Assumes servers are trusted ● Assumes the sender is who they claim ● Doesn't prevent content modification ● Doesn't protect content
  • 5. Torch it, or keep trying to fix it? Keep: ● Massive user base ● Deeply entrenched ● Universal support Torch: ● Do it right ● Strong crypto ● Better privacy
  • 6. SMIMP: A Micro Introduction ● End-to-end Crypto (curve25519) ● Forward secrecy (loosely based on TextSecure) ● Integrated public key discovery ● Hash-chain to detect profile alteration ● Dynamic Hashcash-like proof of work ● Transported over HTTPS (firewall friendly, harder to block or inspect)
  • 7. The Two Sides of SMIMP Identity ● Name ● Public Ed25519 key ● Web site ● Social profiles Messaging ● Multiple message types ● Whitelist / blacklist / anti-spam ● Simple JSON format
  • 8. What's the status today? ● Spec work still ongoing ● No code written ● Needs more feedback