SlideShare a Scribd company logo

Expert guide driving license cryptography

Download as PPTX, PDF
team-WIBU
team-WIBU

Applying cryptography is like driving a car. Just as you first have to learn what all the controls are for before you can go zipping down the interstate, first you must become familiar with basic cryptographic methods. And just like yesterday’s trendy car is no longer in vogue today, obsolescence in security is accelerating. CodeMeter® offers a wide range of cryptographic methods and harnesses Wibu-Systems’ vast experience and knowledge. Nevertheless, even great technologies like CodeMeter may fail if they have been implemented poorly or without the necessary safety precautions. An essential key point is the secure storage of private and secret keys; the first question you should ask yourself is where you should be storing your licenses. CmDongle, the hardware-based protection vessel, offers an impenetrable fortress. CmActLicense, the software-based container, is available with a unique and proprietary technology, SmartBind®. The private and secret keys are stored in an encrypted license file whose key is the fingerprint of the specific PC to which the license file is bound. How to operate encryption is your second important decision; that should depend on the kind of application you have developed and the threat scenario you are going to face in your business model. Finally, there are many cool facts: did you know that in Counter Mode (CTR), encryption with AES is really just about XOR? For example, consider a database field with a Boolean value. A simple encryption with AES returns exactly two possible encrypted values. This means that an attacker would actually be able to derive the unencrypted value for all records by knowing just one record. In this presentation, we discuss: - HASH functions * SHA 256 * Symmetric encryption - AES 128 * Direct encryption in CmContainer * Indirect encryption * Encryption without CmContainer * Selection of the most appropriate operating mode - Asymmetric encryption * ECC 224 * RSA 2048 Watch the webinar: https://youtu.be/1YC-g_KYXfw

Software
1 of 34
Your driving license to expert cryptography Rüdiger Kügler | Professional Services ruediger.kuegler@wibu.com Alvaro Forero | Security Expert Alvaro.Forero@wibu.com CodeMeter
Epic Fails Female / Male flag encrypted Medical Records with AES-CTR Encrypted Picture with AES-ECB 2014-09-04 Your driving license to expert cryptography 2
Encrypted Female / Male Flag 2014-09-04 Your driving license to expert cryptography 3  Implementation:  Field gets filled with „0“  Field gets encrypted with AES  Mistake  Entropie of data is too low  IV and Padding with „0“  Hack  Guess the meaning of the encrypted field
Database Dump (Excerpt) 2014-09-04 Your driving license to expert cryptography 4 ID LastName Gender 442225 782B9CAB890DB937C3A48DBD39F426A4 E37CD363DD7C87A09AFF0E3E60E09C82 33273 4A453644D133566ADC04B7A478A5A5AD E37CD363DD7C87A09AFF0E3E60E09C82 483916 77CF3A86923DEB80434F16646DE7DB7F C6A13B37878F5B826F4F8162A1C8D879 137333 F7A846F8F336B511D2B01444BEFBA18B E37CD363DD7C87A09AFF0E3E60E09C82 147607 851DD615E24D586E0F232DD2FFC573A9 C6A13B37878F5B826F4F8162A1C8D879 303044 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879 916345 5BEBF00AF658C1256C0821553C35FAC3 E37CD363DD7C87A09AFF0E3E60E09C82 777169 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879 154800 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879
Encrypted Female / Male Flag 2014-09-04 Your driving license to expert cryptography 5  Implementation:  Field gets filled with „0“  Field gets encrypted with AES  Mistake  Entropie of data is too low  IV and Padding with „0“  Hack  Guess the meaning of the encrypted field Secure solution Data becomes more, either:  Initialization Vector,  Nonce or  Fill up to 16 bytes with random data.
Encrypted Medical Record 2014-09-04 Your driving license to expert cryptography 6  Implementation  Encryption of xml/docx with AES-CTR  Mistake  Implementation fault, Nonce was set to „0“  Hack  Steal encrypted database  Get own record as plain text  Record = MyPlainRecord XOR MyEncRecord XOR EncRecord EncRecord MyPlainRecord MyEncRecord Record
Encrypted Picture 2014-09-04 Your driving license to expert cryptography 7 Electronic Codebook Cipher-Block Chaining ECB does not hide structure of data.
Cryptography - Basics Symmetric Encryption Hash Functions Asymmetric Encryption 2014-09-04 Your driving license to expert cryptography 8
Symmetric Encryption Data Encrypted Data Encrypted Data Data Shared Key Shared Key 2014-09-04 Your driving license to expert cryptography 9
Hash Data Hash (Digest) Data Hash (Digest) 2014-09-04 Your driving license to expert cryptography 10
Hash with Salt Data Hash (Digest) Data Hash (Digest) Salt Salt 2014-09-04 Your driving license to expert cryptography 11
Signatures Data Private Key Hash (Digest) Signature Yes / No Public Key Data Hash (Digest)Signature Signature 2014-09-04 Your driving license to expert cryptography 12
Asymmetric Encryption Data Encrypted Data Encrypted Data Data Public Key Private Key 2014-09-04 Your driving license to expert cryptography 13
Block Cipher Modes Electronic Codebook (ECB) Cipher-Block Chaining (CBC) Counter (CTR) 2014-09-04 Your driving license to expert cryptography 14
Electronic Codebook (ECB) – Encryption 2014-09-04 Your driving license to expert cryptography 15 Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption
Electronic Codebook (ECB) – Decryption 2014-09-04 Your driving license to expert cryptography 16 Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption
Cipher-Block Chaining (CBC) – Encryption 2014-09-04 Your driving license to expert cryptography 17 Plaintext Ciphertext AES Encryption IV Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption
Cipher-Block Chaining (CBC) – Decryption 2014-09-04 Your driving license to expert cryptography 18 Ciphertext Plaintext AES Decryption IV Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption
Counter (CTR) – Encryption 2014-09-04 Your driving license to expert cryptography 19 Plaintext Ciphertext AES Encryption Counter (0) Nonce Add Plaintext Ciphertext AES Encryption Counter (1) Nonce Add Plaintext Ciphertext AES Encryption Counter (2) Nonce Add
Counter (CTR) – Decryption 2014-09-04 Your driving license to expert cryptography 20 Ciphertext Plaintext AES Encryption Counter (0) Nonce Add Ciphertext Plaintext AES Encryption Counter (1) Nonce Add Ciphertext Plaintext AES Encryption Counter (2) Nonce Add
CodeMeter API Encrypting Data Signature API Key Storage 2014-09-04 Your driving license to expert cryptography 21
CodeMeter API – Supported Algorithms  Symmetric Encryption: AES 128 bit  Asymmetric Encryption: ECC 224 bit  Signatures: ECC 224 bit (ECDSA)  Hash: SHA 256  Legacy: RSA 2048 bit 2014-09-04 Your driving license to expert cryptography 22
CodeMeter API – Key Sources  FirmKey with key derivation  Direct (ECB)  Indirect (ECB, CBC) using P1363 KDF2  Secret Data / Hidden Data with key derivation  Direct (ECB)  Indirect (ECB, CBC) using P1363 KDF2  Secret Data / Hidden Data without key derivation  Direct (ECB) 2014-09-04 Your driving license to expert cryptography 23
Key Derivation – Firm Key – Direct 2014-09-04 Your driving license to expert cryptography 24 Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Firm Key Ciphertext Product Code Firm Code
Key Derivation – Secret Data / Hidden Data – Direct 2014-09-04 Your driving license to expert cryptography 25 Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Secret Data Ciphertext Product Code Firm Code
Key Derivation – Firm Key – Indirect (Default Scheme) 2014-09-04 Your driving license to expert cryptography 26 InitKey Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Firm Key Ciphertext Product Code Firm Code KDF2 P1363 AES
Key Derivation – Secret Data / Hidden Data – Indirect 2014-09-04 Your driving license to expert cryptography 27 InitKey Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Secret Data Ciphertext Product Code Firm Code KDF2 P1363 AES
Without Key Derivation – Secret Data / Hidden Data – Direct 2014-09-04 Your driving license to expert cryptography 28 Plaintext CmDongle AES ECB Firm Code Product Code Feature Map Maint. Period Black Key Secret Data Ciphertext
CodeMeter Use Cases Challenge Response Check Known Shared Secret Encrypted Communication 2014-09-04 Your driving license to expert cryptography 29
Challenge Response Check  Make sure valid CmDongle is present  Private Key in CmDongle (with license, same for all customers)  Public Key in software  Software generates challenge  CmDongle signs challenge  Software checks response  Avoids record playback attacks on CmDongle  Avoids simulation of CmDongle 2014-09-04 Your driving license to expert cryptography 30
Known Shared Secret 2014-09-04 Your driving license to expert cryptography 31  Secure storage of AES key, which can be used on PC  Store AES key as Secret Data  Use Secret Data as key source for direct encryption  Sample scenario:  Communication between embedded device / cloud and PC  Keys on embedded device / cloud are already stored securely  Usage of dongle on PC  Avoids duplication of AES key on PC
Encrypted Communication 2014-09-04 Your driving license to expert cryptography 32  Transmitting fishing journal from fishing vessel to central server (satellite)  Requirements: Authentic & Confidential  Implementation:  Key pair on server / key pair on each vessel  Journal gets encrypted with public key of server  Journal gets signed with private key of vessel  Result: Authentic and Confidential journal 603 4711
Summary 2014-09-04 Your driving license to expert cryptography 33  Start with threat analysis  Select the right algorithm, right key length, right mode  Select the right key storage (dongle, software, cloud, …)  Avoid implementation faults  Monitor the security of your implementation Wibu Professional Services supports you during the whole process from analysis to implementation and monitoring.
Thank you very much WIBU-SYSTEMS AG www.wibu.com 2014-09-04 Your driving license to expert cryptography 34

Recommended

Operation emmental appsec
Operation emmental appsecOperation emmental appsec
Operation emmental appsecCyber Security Alliance
 
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...IJCSIS Research Publications
 
Ccna PrepCenter - IP Subnetting from Networkers
Ccna PrepCenter - IP Subnetting from NetworkersCcna PrepCenter - IP Subnetting from Networkers
Ccna PrepCenter - IP Subnetting from Networkers🎯Renatho Sinuma MBA™®🎓
 
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysHow Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysPriyanka Aash
 
Presentation To Vo Ip Round Table V2
Presentation To Vo Ip Round Table V2Presentation To Vo Ip Round Table V2
Presentation To Vo Ip Round Table V2Warren Bent
 
Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4SalmenHAJJI1
 
Shameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsShameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsSlawomir Jasek
 
Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2SalmenHAJJI1
 

Recommended

Operation emmental appsec
Operation emmental appsecOperation emmental appsec
Operation emmental appsecCyber Security Alliance
 
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...
A New Pairing Free ID Based Certificate Less Digital Signature (CL-DS) Scheme...IJCSIS Research Publications
 
Ccna PrepCenter - IP Subnetting from Networkers
Ccna PrepCenter - IP Subnetting from NetworkersCcna PrepCenter - IP Subnetting from Networkers
Ccna PrepCenter - IP Subnetting from Networkers🎯Renatho Sinuma MBA™®🎓
 
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysHow Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysPriyanka Aash
 
Presentation To Vo Ip Round Table V2
Presentation To Vo Ip Round Table V2Presentation To Vo Ip Round Table V2
Presentation To Vo Ip Round Table V2Warren Bent
 
Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4SalmenHAJJI1
 
Shameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsShameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsSlawomir Jasek
 
Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2SalmenHAJJI1
 
Encryption symmetric key
Encryption symmetric keyEncryption symmetric key
Encryption symmetric keymdhar123
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fCyber Security Alliance
 
Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Babaa Naya
 
Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3SalmenHAJJI1
 
Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7SalmenHAJJI1
 
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted ApplicationsDEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted ApplicationsCisco DevNet
 
אוכל מוכן לחגים
אוכל מוכן לחגיםאוכל מוכן לחגים
אוכל מוכן לחגיםהמזווה של ג'ייקוב
 
Driving license assistant
Driving license assistant Driving license assistant
Driving license assistant Gopal Yadav
 
Learners test a
Learners test aLearners test a
Learners test aKAubreyM
 
Sukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving schemeSukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving schemeBloggingGyaan
 
National Food Security Bill
National Food Security BillNational Food Security Bill
National Food Security BillShrinwanti Banerjee
 
How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...DigiLocker
 
Secure Channels Presentation
Secure Channels PresentationSecure Channels Presentation
Secure Channels PresentationRichard Blech
 
Symmetric key encryption
Symmetric key encryptionSymmetric key encryption
Symmetric key encryptionmdhar123
 
(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to Innovate(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to InnovateAmazon Web Services
 
6DCP Presentation 2016
6DCP Presentation 20166DCP Presentation 2016
6DCP Presentation 2016Eddie Cohen
 
Analyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-timeAnalyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-timeDataWorks Summit
 

More Related Content

What's hot

Encryption symmetric key
Encryption symmetric keyEncryption symmetric key
Encryption symmetric keymdhar123
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fCyber Security Alliance
 
Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Babaa Naya
 
Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3SalmenHAJJI1
 
Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7SalmenHAJJI1
 
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted ApplicationsDEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted ApplicationsCisco DevNet
 

What's hot (11)

Encryption symmetric key
Encryption symmetric keyEncryption symmetric key
Encryption symmetric key
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 f
 
Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11
 
Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8
 
Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5
 
Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1
 
Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6
 
Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3
 
Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7
 
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted ApplicationsDEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
 

Viewers also liked

Driving license assistant
Driving license assistant Driving license assistant
Driving license assistant Gopal Yadav
 
Learners test a
Learners test aLearners test a
Learners test aKAubreyM
 
Sukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving schemeSukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving schemeBloggingGyaan
 
How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...DigiLocker
 

Viewers also liked (6)

אוכל מוכן לחגים
אוכל מוכן לחגיםאוכל מוכן לחגים
אוכל מוכן לחגים
 
Driving license assistant
Driving license assistant Driving license assistant
Driving license assistant
 
Learners test a
Learners test aLearners test a
Learners test a
 
Sukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving schemeSukanya samriddhi account new saving scheme
Sukanya samriddhi account new saving scheme
 
National Food Security Bill
National Food Security BillNational Food Security Bill
National Food Security Bill
 
How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...How Users Can Get their Digital Driving License & Vehicle Registration from D...
How Users Can Get their Digital Driving License & Vehicle Registration from D...
 

Similar to Expert guide driving license cryptography

Secure Channels Presentation
Secure Channels PresentationSecure Channels Presentation
Secure Channels PresentationRichard Blech
 
Symmetric key encryption
Symmetric key encryptionSymmetric key encryption
Symmetric key encryptionmdhar123
 
(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to Innovate(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to InnovateAmazon Web Services
 
6DCP Presentation 2016
6DCP Presentation 20166DCP Presentation 2016
6DCP Presentation 2016Eddie Cohen
 
Analyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-timeAnalyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-timeDataWorks Summit
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPJoe McCray
 
Identity based proxy-oriented data uploading and
Identity based proxy-oriented data uploading andIdentity based proxy-oriented data uploading and
Identity based proxy-oriented data uploading andKamal Spring
 
Workshop on 03 11-2012
Workshop on 03 11-2012Workshop on 03 11-2012
Workshop on 03 11-2012Gaurav Gautam
 
Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsCarsten Flensburg
 
Securing your Rails application
Securing your Rails applicationSecuring your Rails application
Securing your Rails applicationclucasKrof
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...JPCERT Coordination Center
 
"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia Potapenko"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia PotapenkoFwdays
 
The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees
The Mainframe's Role in Enterprise Security Management - Jean-Marc DareesThe Mainframe's Role in Enterprise Security Management - Jean-Marc Darees
The Mainframe's Role in Enterprise Security Management - Jean-Marc DareesNRB
 
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR) Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)Beat Signer
 
Sqrrl February Webinar: Breaking Down Data Silos
Sqrrl February Webinar: Breaking Down Data SilosSqrrl February Webinar: Breaking Down Data Silos
Sqrrl February Webinar: Breaking Down Data SilosSqrrl
 
Digital%20 signatures%20overview
Digital%20 signatures%20overviewDigital%20 signatures%20overview
Digital%20 signatures%20overviewrajesh123
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
Symantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the WebSymantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the WebCASCouncil
 

Similar to Expert guide driving license cryptography (20)

Secure Channels Presentation
Secure Channels PresentationSecure Channels Presentation
Secure Channels Presentation
 
Symmetric key encryption
Symmetric key encryptionSymmetric key encryption
Symmetric key encryption
 
(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to Innovate(SEC325) Satisfy PCI Obligations While Continuing to Innovate
(SEC325) Satisfy PCI Obligations While Continuing to Innovate
 
6DCP Presentation 2016
6DCP Presentation 20166DCP Presentation 2016
6DCP Presentation 2016
 
Analyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-timeAnalyzing 1.2 Million Network Packets per Second in Real-time
Analyzing 1.2 Million Network Packets per Second in Real-time
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
 
Identity based proxy-oriented data uploading and
Identity based proxy-oriented data uploading andIdentity based proxy-oriented data uploading and
Identity based proxy-oriented data uploading and
 
Workshop on 03 11-2012
Workshop on 03 11-2012Workshop on 03 11-2012
Workshop on 03 11-2012
 
Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIs
 
Securing your Rails application
Securing your Rails applicationSecuring your Rails application
Securing your Rails application
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
 
"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia Potapenko"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia Potapenko
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees
The Mainframe's Role in Enterprise Security Management - Jean-Marc DareesThe Mainframe's Role in Enterprise Security Management - Jean-Marc Darees
The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees
 
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR) Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
 
Sqrrl February Webinar: Breaking Down Data Silos
Sqrrl February Webinar: Breaking Down Data SilosSqrrl February Webinar: Breaking Down Data Silos
Sqrrl February Webinar: Breaking Down Data Silos
 
Digital%20 signatures%20overview
Digital%20 signatures%20overviewDigital%20 signatures%20overview
Digital%20 signatures%20overview
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...
 
Symantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the WebSymantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the Web
 

More from team-WIBU

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Securityteam-WIBU
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Togetherteam-WIBU
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basicsteam-WIBU
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuitätteam-WIBU
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityteam-WIBU
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenariosteam-WIBU
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practicesteam-WIBU
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses Moreteam-WIBU
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edgeteam-WIBU
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applicationsteam-WIBU
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magicteam-WIBU
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisiveteam-WIBU
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...team-WIBU
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesteam-WIBU
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licensesteam-WIBU
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetiteteam-WIBU
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxteam-WIBU
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solutionteam-WIBU
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsteam-WIBU
 

More from team-WIBU (20)

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
 

Recently uploaded

SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?Alexandre Beguel
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shardsChristopher Curtin
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics
 
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...OnePlan Solutions
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesKrzysztofKkol1
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfkalichargn70th171
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 

Recently uploaded (20)

SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024
 
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 

Expert guide driving license cryptography

  • 1. Your driving license to expert cryptography Rüdiger Kügler | Professional Services ruediger.kuegler@wibu.com Alvaro Forero | Security Expert Alvaro.Forero@wibu.com CodeMeter
  • 2. Epic Fails Female / Male flag encrypted Medical Records with AES-CTR Encrypted Picture with AES-ECB 2014-09-04 Your driving license to expert cryptography 2
  • 3. Encrypted Female / Male Flag 2014-09-04 Your driving license to expert cryptography 3  Implementation:  Field gets filled with „0“  Field gets encrypted with AES  Mistake  Entropie of data is too low  IV and Padding with „0“  Hack  Guess the meaning of the encrypted field
  • 4. Database Dump (Excerpt) 2014-09-04 Your driving license to expert cryptography 4 ID LastName Gender 442225 782B9CAB890DB937C3A48DBD39F426A4 E37CD363DD7C87A09AFF0E3E60E09C82 33273 4A453644D133566ADC04B7A478A5A5AD E37CD363DD7C87A09AFF0E3E60E09C82 483916 77CF3A86923DEB80434F16646DE7DB7F C6A13B37878F5B826F4F8162A1C8D879 137333 F7A846F8F336B511D2B01444BEFBA18B E37CD363DD7C87A09AFF0E3E60E09C82 147607 851DD615E24D586E0F232DD2FFC573A9 C6A13B37878F5B826F4F8162A1C8D879 303044 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879 916345 5BEBF00AF658C1256C0821553C35FAC3 E37CD363DD7C87A09AFF0E3E60E09C82 777169 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879 154800 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879
  • 5. Encrypted Female / Male Flag 2014-09-04 Your driving license to expert cryptography 5  Implementation:  Field gets filled with „0“  Field gets encrypted with AES  Mistake  Entropie of data is too low  IV and Padding with „0“  Hack  Guess the meaning of the encrypted field Secure solution Data becomes more, either:  Initialization Vector,  Nonce or  Fill up to 16 bytes with random data.
  • 6. Encrypted Medical Record 2014-09-04 Your driving license to expert cryptography 6  Implementation  Encryption of xml/docx with AES-CTR  Mistake  Implementation fault, Nonce was set to „0“  Hack  Steal encrypted database  Get own record as plain text  Record = MyPlainRecord XOR MyEncRecord XOR EncRecord EncRecord MyPlainRecord MyEncRecord Record
  • 7. Encrypted Picture 2014-09-04 Your driving license to expert cryptography 7 Electronic Codebook Cipher-Block Chaining ECB does not hide structure of data.
  • 8. Cryptography - Basics Symmetric Encryption Hash Functions Asymmetric Encryption 2014-09-04 Your driving license to expert cryptography 8
  • 10. Hash Data Hash (Digest) Data Hash (Digest) 2014-09-04 Your driving license to expert cryptography 10
  • 11. Hash with Salt Data Hash (Digest) Data Hash (Digest) Salt Salt 2014-09-04 Your driving license to expert cryptography 11
  • 12. Signatures Data Private Key Hash (Digest) Signature Yes / No Public Key Data Hash (Digest)Signature Signature 2014-09-04 Your driving license to expert cryptography 12
  • 14. Block Cipher Modes Electronic Codebook (ECB) Cipher-Block Chaining (CBC) Counter (CTR) 2014-09-04 Your driving license to expert cryptography 14
  • 15. Electronic Codebook (ECB) – Encryption 2014-09-04 Your driving license to expert cryptography 15 Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption
  • 16. Electronic Codebook (ECB) – Decryption 2014-09-04 Your driving license to expert cryptography 16 Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption
  • 17. Cipher-Block Chaining (CBC) – Encryption 2014-09-04 Your driving license to expert cryptography 17 Plaintext Ciphertext AES Encryption IV Plaintext Ciphertext AES Encryption Plaintext Ciphertext AES Encryption
  • 18. Cipher-Block Chaining (CBC) – Decryption 2014-09-04 Your driving license to expert cryptography 18 Ciphertext Plaintext AES Decryption IV Ciphertext Plaintext AES Decryption Ciphertext Plaintext AES Decryption
  • 19. Counter (CTR) – Encryption 2014-09-04 Your driving license to expert cryptography 19 Plaintext Ciphertext AES Encryption Counter (0) Nonce Add Plaintext Ciphertext AES Encryption Counter (1) Nonce Add Plaintext Ciphertext AES Encryption Counter (2) Nonce Add
  • 20. Counter (CTR) – Decryption 2014-09-04 Your driving license to expert cryptography 20 Ciphertext Plaintext AES Encryption Counter (0) Nonce Add Ciphertext Plaintext AES Encryption Counter (1) Nonce Add Ciphertext Plaintext AES Encryption Counter (2) Nonce Add
  • 21. CodeMeter API Encrypting Data Signature API Key Storage 2014-09-04 Your driving license to expert cryptography 21
  • 22. CodeMeter API – Supported Algorithms  Symmetric Encryption: AES 128 bit  Asymmetric Encryption: ECC 224 bit  Signatures: ECC 224 bit (ECDSA)  Hash: SHA 256  Legacy: RSA 2048 bit 2014-09-04 Your driving license to expert cryptography 22
  • 23. CodeMeter API – Key Sources  FirmKey with key derivation  Direct (ECB)  Indirect (ECB, CBC) using P1363 KDF2  Secret Data / Hidden Data with key derivation  Direct (ECB)  Indirect (ECB, CBC) using P1363 KDF2  Secret Data / Hidden Data without key derivation  Direct (ECB) 2014-09-04 Your driving license to expert cryptography 23
  • 24. Key Derivation – Firm Key – Direct 2014-09-04 Your driving license to expert cryptography 24 Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Firm Key Ciphertext Product Code Firm Code
  • 25. Key Derivation – Secret Data / Hidden Data – Direct 2014-09-04 Your driving license to expert cryptography 25 Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Secret Data Ciphertext Product Code Firm Code
  • 26. Key Derivation – Firm Key – Indirect (Default Scheme) 2014-09-04 Your driving license to expert cryptography 26 InitKey Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Firm Key Ciphertext Product Code Firm Code KDF2 P1363 AES
  • 27. Key Derivation – Secret Data / Hidden Data – Indirect 2014-09-04 Your driving license to expert cryptography 27 InitKey Plaintext CmDongle AES ECBSHA 256 Firm Code Product Code Feature Code Release Data Encryption Code Enc. Code Options Feature Map Maint. Period Black Key Secret Data Ciphertext Product Code Firm Code KDF2 P1363 AES
  • 28. Without Key Derivation – Secret Data / Hidden Data – Direct 2014-09-04 Your driving license to expert cryptography 28 Plaintext CmDongle AES ECB Firm Code Product Code Feature Map Maint. Period Black Key Secret Data Ciphertext
  • 29. CodeMeter Use Cases Challenge Response Check Known Shared Secret Encrypted Communication 2014-09-04 Your driving license to expert cryptography 29
  • 30. Challenge Response Check  Make sure valid CmDongle is present  Private Key in CmDongle (with license, same for all customers)  Public Key in software  Software generates challenge  CmDongle signs challenge  Software checks response  Avoids record playback attacks on CmDongle  Avoids simulation of CmDongle 2014-09-04 Your driving license to expert cryptography 30
  • 31. Known Shared Secret 2014-09-04 Your driving license to expert cryptography 31  Secure storage of AES key, which can be used on PC  Store AES key as Secret Data  Use Secret Data as key source for direct encryption  Sample scenario:  Communication between embedded device / cloud and PC  Keys on embedded device / cloud are already stored securely  Usage of dongle on PC  Avoids duplication of AES key on PC
  • 32. Encrypted Communication 2014-09-04 Your driving license to expert cryptography 32  Transmitting fishing journal from fishing vessel to central server (satellite)  Requirements: Authentic & Confidential  Implementation:  Key pair on server / key pair on each vessel  Journal gets encrypted with public key of server  Journal gets signed with private key of vessel  Result: Authentic and Confidential journal 603 4711
  • 33. Summary 2014-09-04 Your driving license to expert cryptography 33  Start with threat analysis  Select the right algorithm, right key length, right mode  Select the right key storage (dongle, software, cloud, …)  Avoid implementation faults  Monitor the security of your implementation Wibu Professional Services supports you during the whole process from analysis to implementation and monitoring.
  • 34. Thank you very much WIBU-SYSTEMS AG www.wibu.com 2014-09-04 Your driving license to expert cryptography 34