Public Key Cryptography
Martin Kobetic
Cincom Smalltalk Development
ESUG 2006
Public Key Algorithms
Encryption (RSA)
Key Establishment (RSA, DH)
Signing
Hashes (SHA, MD5)
MACs (HMAC, CBC-MAC)
Digital Signatures (RSA, DSA)
public and private key
hard to compute private from the public
sparse key space => much longer keys
based on hard problems
factoring, discrete logarithm
much slower
RSA, DSA, DH, ElGamal
elliptic curves: ECDSA, ECDH,
provides:
confidentiality
symmetric (secret) key ciphers
same (secret) key => encrypt and decrypt
DES, AES, RC4
asymmetric (public) key ciphers
public key => encrypt
private key => decrypt
RSA, ElGamal
RSA Security, PKCS #1
modulus n = product of 2 large primes p, q
public: e = relatively prime to (p-1)(q-1)
private: d = e^-1 mod ((p-1)(q-1))
C = P^e mod n [P < n]
P = C^d mod n
small e => faster encryption
keys := RSAKeyGenerator keySize: 512.
alice := RSA new publicKey: keys publicKey.
ctxt := alice encrypt: 'Hello World' asByteArray.
ctxt asHexString
bob := RSA new privateKey: keys privateKey.
(bob decrypt: ctxt) asString
keys := RSAKeyGenerator keySize: 512.
alice := RSA new publicKey: keys publicKey.
msg := 'Hello World' asByteArrayEncoding: #utf8.
msg := alice encrypt: msg.
bob := RSA new privateKey: keys privateKey.
msg := bob decrypt: msg.
msg asStringEncoding: #utf8
public key too slow for bulk encryption
public key => secure symmetric key
symmetric key => bulk encryption
key exchange (RSA)
generate one-time symmetric key
public key => encrypt the symmetric key
key agreement (DH)
parties cooperate to generate a shared secret
key := DSSRandom default byteStream next: 40.
msg := 'Hello World!' asByteArray.
msg := (ARC4 key: key) encrypt: msg.
alice := RSA new publicKey: keys publicKey.
key := alice encrypt: key.
bob := RSA new privateKey: keys privateKey.
key := bob decrypt: key.
((ARC4 key: key) decrypt: msg) asString.
shared secret over unprotected channel
http://www.ietf.org/rfc/rfc2631.txt
modulus p: large prime (>=512b)
order q: large prime (>=160b)
generator g: order q mod p
private x: random 1 < x < q - 1
public y: g^x mod p
public y': the other party's y' = g^x' (mod p)
shared secret: y'^x = y^x' (mod p)
gen := DHParameterGenerator m: 160 l: 512.
alice := DH p: gen p q: gen q g: gen g.
ya := alice publicValue.
bob := DH p: alice p q: alice q g: alice g.
yb := bob publicValue.
ss := bob sharedSecretUsing: ya.
ss = (alice sharedSecretUsing: yb)
bob := DH newFrom: gen.
yb := bob publicValue.
alice := DH newFrom: gen.
ya := alice publicValue.
ss := (alice sharedSecretUsing: yb) asByteArray.
msg := 'Hello World!' asByteArray.
msg := (ARC4 key: ss) encrypt: msg.
ss := (bob sharedSecretUsing: ya) asByteArray.
((ARC4 key: ss) decrypt: msg) asString.
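The exchange above, as an added Python example rather than the slides' VisualWorks code: it uses the p, q, g group the slide describes, derives each side's x and y, and validates the group parameters and the peer's public value (the subgroup check RFC 2631 calls for) before computing the shared secret. The parameters p = 23, q = 11, g = 4 are constructed toy values, far below the sizes given above.

```python
# Added example (not from the slides): Diffie-Hellman over the p, q, g
# parameters described above, plus the checks a receiver should run on the
# parameters and on the peer's public value. The parameters are constructed
# toy values (p = 23, q = 11 divides p-1, g = 4 has order 11 mod 23) so every
# number is inspectable; real parameters use the >= 512-bit p and >= 160-bit q
# sizes given above.
import secrets

P, Q, G = 23, 11, 4   # constructed demo parameters

def check_parameters(p, q, g):
    """q must divide p-1 and g must generate the order-q subgroup: g > 1, g^q = 1 mod p."""
    return (p - 1) % q == 0 and 1 < g < p - 1 and pow(g, q, p) == 1

def check_public_value(y, p, q):
    """Accept only values inside the order-q subgroup: rejects 0, 1, p-1 and small-subgroup elements."""
    return 1 < y < p - 1 and pow(y, q, p) == 1

def keypair(p=P, q=Q, g=G):
    x = 2 + secrets.randbelow(q - 3)   # private x, random with 1 < x < q - 1
    y = pow(g, x, p)                   # public y = g^x mod p
    return x, y

def shared_secret(x, peer_y, p=P, q=Q):
    """Compute y'^x mod p after validating the peer's y'."""
    if not check_public_value(peer_y, p, q):
        raise ValueError("peer public value is not in the order-q subgroup")
    return pow(peer_y, x, p)

def agree(p=P, q=Q, g=G):
    """Run one exchange; both sides must arrive at the same secret."""
    if not check_parameters(p, q, g):
        raise ValueError("bad group parameters")
    xa, ya = keypair(p, q, g)   # alice
    xb, yb = keypair(p, q, g)   # bob
    return shared_secret(xa, yb, p, q), shared_secret(xb, ya, p, q)
```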
Provides:
integrity (tamper evidence)
authentication
non-repudiation
Hashes (SHA, MD5)
Digital Signatures (RSA, DSA)
provides:
data fingerprinting
unlimited input size => fixed output size
must be:
one-way: given h(m), infeasible to recover m
collision resistant: infeasible to find m1 ≠ m2 with h(m1) = h(m2)
MD2, MD4, MD5, SHA, RIPE-MD
compression function:
M = M1, M2, ...
h_i = f(M_i, h_(i-1))
MD-strengthening:
include message length (in the padding)
doesn't completely prevent length extension
http://www.ietf.org/rfc/rfc1321.txt
(Ron Rivest)
digest: 128-bits (16B)
block: 512-bits (64B)
padding: M | 10...0 | length (64 bits)
broken in 2004, avoid MD5!
(MD5 hash: 'Hello' asByteArray) asHexString
(MD5 hash: #[1 2 3 4 5] from: 2 to: 4) asHexString
input := #[1 2 3 4 5 6 7 8 9] readStream.
(MD5 hashNext: 3 from: input) asHexString
(MD5 hashFrom: input) asHexString
SHS - NIST FIPS PUB 180
digest: 160 bits (20B)
block: 512 bits (64B)
padding: M | 10...0 | length (64 bits)
FIPS 180-1: SHA-1 (1995)
FIPS 180-2: SHA-256, 384, 512 (2002)
SHA-1 broken in 2005!
input := 'Hello World!' asByteArray readStream.
sha := SHA new.
sha updateWithNext: 5 from: input.
sha digest asHexString.
sha updateFrom: input.
sha digest asHexString.
input reset.
(SHA256 hashFrom: input) asHexString.
authentic, non-reusable, unalterable
signing
uses the private key
message, key => signature
verification
uses the public key
message, key, signature => true/false
signing:
hash the plaintext
encode digest
encrypt digest with private key
verifying:
decrypt digest with public key
decode digest
hash the plaintext
compare the digests
alice := RSA new privateKey: keys privateKey.
msg := 'Hello World' asByteArray.
sig := alice sign: msg.
sig asHexString
bob := RSA new publicKey: keys publicKey.
bob verify: sig of: msg
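Added Python example (not the slides' code) covering both the RSA slide formulas and the sign/verify steps above: key generation from two primes, the [P < n] check on encryption, and a signature built as hash, encode digest, apply private key, with verification recovering the digest with the public key and comparing it against a fresh hash. The primes 2^521-1 and 2^127-1 and the plain digest-as-integer encoding are demo assumptions; real signatures use the PKCS #1 encoding the slide names.

```python
# Added example (not from the slides): textbook RSA over Python integers,
# following the slide formulas (d = e^-1 mod (p-1)(q-1), C = P^e mod n,
# P = C^d mod n) and the sign/verify steps above. The primes are the known
# Mersenne primes 2^521-1 and 2^127-1, chosen only so n is large enough to
# hold a SHA-256 digest; primes of special form are unsuitable for real keys,
# and real signatures use PKCS #1 encoding rather than this toy encoding.
import hashlib
from math import gcd

P_DEMO = 2**521 - 1   # known prime (M521), demo only
Q_DEMO = 2**127 - 1   # known prime (M127), demo only

def rsa_keygen(p, q, e=65537):
    """Return public (e, n) and private (d, n); e must be coprime to (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # d = e^-1 mod ((p-1)(q-1))
    return (e, n), (d, n)

def rsa_encrypt(pub, plaintext: int) -> int:
    e, n = pub
    if not 0 <= plaintext < n:     # the [P < n] condition: larger values wrap mod n
        raise ValueError("plaintext must be below the modulus")
    return pow(plaintext, e, n)    # C = P^e mod n

def rsa_decrypt(priv, ciphertext: int) -> int:
    d, n = priv
    return pow(ciphertext, d, n)   # P = C^d mod n

def encode_digest(message: bytes, n: int) -> int:
    """Hash the plaintext and encode the digest as an integer below n (toy encoding)."""
    value = int.from_bytes(hashlib.sha256(message).digest(), "big")
    if value >= n:
        raise ValueError("modulus too small for the digest")
    return value

def rsa_sign(priv, message: bytes) -> int:
    d, n = priv
    return pow(encode_digest(message, n), d, n)   # apply the private key to the digest

def rsa_verify(pub, message: bytes, signature: int) -> bool:
    e, n = pub
    if not 0 <= signature < n:
        return False
    recovered = pow(signature, e, n)               # recover the digest with the public key
    return recovered == encode_digest(message, n)  # re-hash the plaintext and compare

def roundtrip(message: bytes = b"Hello World"):
    """Encrypt/decrypt and sign/verify one message; returns (decrypted, verified)."""
    pub, priv = rsa_keygen(P_DEMO, Q_DEMO)
    m = int.from_bytes(message, "big")
    recovered = rsa_decrypt(priv, rsa_encrypt(pub, m)).to_bytes(len(message), "big")
    sig = rsa_sign(priv, message)
    return recovered, rsa_verify(pub, message, sig)
```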
NIST FIPS PUB 186
p prime (modulus): 512 + k*64 bits, <= 1024 bits
q prime factor of p-1 (160 bits)
g > 1; g^q mod p = 1 (g has order q mod p)
x < q (private key)
y = g^x mod p (public key)
FIPS 186-1 (1998): RSA(X9.31)
FIPS 186-2 (2001): ECDSA(X9.62)
FIPS 186-3 (?2006): bigger keys up to 15K bits
keys := DSAKeyGenerator keySize: 512.
alice := DSA new privateKey: keys privateKey.
sig := alice sign: 'Hello World' asByteArray.
bob := DSA new publicKey: keys publicKey.
bob verify: sig of: 'Hello World' asByteArray
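Added Python example (not the slides' code) of DSA signing and verification with the FIPS 186 formulas over the p, q, g, x, y listed above, including the range check on r and s that a verifier must do first. The parameters p = 23, q = 11, g = 4 and the SHA-256-reduced-mod-q digest encoding are toy assumptions so each intermediate value can be checked by hand.

```python
# Added example (not from the slides): DSA signing and verification with the
# FIPS 186 formulas over the p, q, g, x, y parameters listed above. The
# parameters are constructed toy values (p = 23, q = 11, g = 4 has order 11
# mod 23) so every intermediate is inspectable; they offer no security, and
# real keys use the sizes the slide gives.
import hashlib
import secrets

P, Q, G = 23, 11, 4   # constructed demo parameters

def hash_to_int(message: bytes, q: int) -> int:
    """Toy digest encoding: SHA-256 reduced mod q (FIPS 186 keeps the leftmost bits instead)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % q

def dsa_keypair(p=P, q=Q, g=G):
    x = 1 + secrets.randbelow(q - 1)   # private key: 0 < x < q
    return x, pow(g, x, p)             # public key: y = g^x mod p

def dsa_sign_digest(h, x, k, p=P, q=Q, g=G):
    """Sign an already-reduced digest h with private x and per-signature nonce k."""
    r = pow(g, k, p) % q
    s = (pow(k, -1, q) * (h + x * r)) % q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, choose a fresh k")
    return r, s

def dsa_verify_digest(h, sig, y, p=P, q=Q, g=G):
    r, s = sig
    if not (0 < r < q and 0 < s < q):   # reject out-of-range values before any arithmetic
        return False
    w = pow(s, -1, q)
    u1 = (h * w) % q
    u2 = (r * w) % q
    v = (pow(g, u1, p) * pow(y, u2, p) % p) % q
    return v == r

def dsa_sign(message: bytes, x, p=P, q=Q, g=G):
    """Message-level signing; k must be fresh, secret and never reused (reuse exposes x)."""
    while True:
        k = 1 + secrets.randbelow(q - 1)
        try:
            return dsa_sign_digest(hash_to_int(message, q), x, k, p, q, g)
        except ValueError:
            continue

def dsa_verify(message: bytes, sig, y, p=P, q=Q, g=G):
    return dsa_verify_digest(hash_to_int(message, q), sig, y, p, q, g)
```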

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Cryptography for Smalltalkers 2

  • 1. Public Key Cryptography
    Martin Kobetic
    Cincom Smalltalk Development
    ESUG 2006
  • 2. Public Key Algorithms
    Encryption (RSA)
    Key Establishment (RSA, DH)
    Signing
      Hashes (SHA, MD5)
      MACs (HMAC, CBC-MAC)
      Digital Signatures (RSA, DSA)
  • 3. public and private key
    hard to compute private from the public
    sparse key space => much longer keys
    based on hard problems: factoring, discrete logarithm
    much slower
    RSA, DSA, DH, ElGamal
    elliptic curves: ECDSA, ECDH, ...
  • 4. provides: confidentiality
    symmetric (secret) key ciphers
      same (secret) key => encrypt and decrypt
      DES, AES, RC4
    asymmetric (public) key ciphers
      public key => encrypt
      private key => decrypt
      RSA, ElGamal
  • 5. RSA Security, PKCS #1
    modulus n = product of 2 large primes p, q
    public: e = relatively prime to (p-1)(q-1)
    private: d = e^-1 mod ((p-1)(q-1))
    C = P^e mod n [ P < n ]
    P = C^d mod n
    small e => faster encryption
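The formulas on this slide traced in Python with the textbook primes p = 61, q = 53 and e = 17 (constructed values), as an added example that is not part of the deck; it is raw RSA on integers, without the PKCS #1 encoding that real implementations add before exponentiating.

```python
# Added example: textbook RSA with small constructed primes, not library code.
from math import gcd


def rsa_keygen(p: int, q: int, e: int):
    """n = p*q; e must be coprime to (p-1)(q-1); d = e^-1 mod ((p-1)(q-1))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)        # (public key, private key)


def rsa_encrypt(public, plaintext: int) -> int:
    """C = P^e mod n, only meaningful for P < n (the [ P < n ] on the slide)."""
    n, e = public
    if not 0 <= plaintext < n:
        raise ValueError("plaintext must be smaller than the modulus n")
    return pow(plaintext, e, n)


def rsa_decrypt(private, ciphertext: int) -> int:
    """P = C^d mod n."""
    n, d = private
    return pow(ciphertext, d, n)


def demo():
    public, private = rsa_keygen(61, 53, 17)   # n = 3233, phi = 3120, d = 2753
    c = rsa_encrypt(public, 65)                # 65^17 mod 3233 = 2790
    return public, private, c, rsa_decrypt(private, c)


if __name__ == "__main__":
    print(demo())
```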
  • 6. keys := RSAKeyGenerator keySize: 512.
    alice := RSA new publicKey: keys publicKey.
    ctxt := alice encrypt: 'Hello World' asByteArray.
    ctxt asHexString.
    bob := RSA new privateKey: keys privateKey.
    (bob decrypt: ctxt) asString
  • 7. keys := RSAKeyGenerator keySize: 512.
    alice := RSA new publicKey: keys publicKey.
    msg := 'Hello World' asByteArrayEncoding: #utf8.
    msg := alice encrypt: msg.
    bob := RSA new privateKey: keys privateKey.
    msg := bob decrypt: msg.
    msg asStringEncoding: #utf8
  • 8. public key too slow for bulk encryption
    public key => secure symmetric key
    symmetric key => bulk encryption
    key exchange (RSA)
      generate one-time symmetric key
      public key => encrypt the symmetric key
    key agreement (DH)
      parties cooperate to generate a shared secret
  • 9. "keys is the RSA key pair generated on the previous slides"
    key := DSSRandom default byteStream next: 40.
    msg := 'Hello World!' asByteArray.
    msg := (ARC4 key: key) encrypt: msg.
    alice := RSA new publicKey: keys publicKey.
    key := alice encrypt: key.
    bob := RSA new privateKey: keys privateKey.
    key := bob decrypt: key.
    ((ARC4 key: key) decrypt: msg) asString
  • 10. shared secret over unprotected channel
    http://www.ietf.org/rfc/rfc2631.txt
    modulus p: large prime (>= 512b)
    order q: large prime (>= 160b)
    generator g: order q mod p
    private x: random 1 < x < q - 1
    public y: g^x mod p
    public y': other party's y' = g^x' (mod p)
    shared secret: y'^x = y^x' (mod p)
  • 11. gen := DHParameterGenerator m: 160 l: 512.
    alice := DH p: gen p q: gen q g: gen g.
    ya := alice publicValue.
    bob := DH p: alice p q: alice q g: alice g.
    yb := bob publicValue.
    ss := bob sharedSecretUsing: ya.
    ss = (alice sharedSecretUsing: yb)
  • 12. "gen is the DH parameter generator from the previous slide"
    bob := DH newFrom: gen.
    yb := bob publicValue.
    alice := DH newFrom: gen.
    ya := alice publicValue.
    ss := (alice sharedSecretUsing: yb) asByteArray.
    msg := 'Hello World!' asByteArray.
    msg := (ARC4 key: ss) encrypt: msg.
    ss := (bob sharedSecretUsing: ya) asByteArray.
    ((ARC4 key: ss) decrypt: msg) asString
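The DH exchange of slides 10 to 12 in Python, as an added example that is not the library's code, over the constructed toy group p = 23, q = 11, h = 2 so every value can be checked by hand; the order-q check on the peer's public value is an added defensive step, and real parameters need the >= 512-bit p and >= 160-bit q sizes stated above.

```python
# Added example with constructed toy parameters; not the Smalltalk DH classes.
import secrets


def make_generator(p: int, q: int, h: int) -> int:
    """g = h^((p-1)/q) mod p has order q whenever it is not 1 (q must divide p-1)."""
    if (p - 1) % q != 0:
        raise ValueError("q must divide p - 1")
    g = pow(h, (p - 1) // q, p)
    if g <= 1 or pow(g, q, p) != 1:
        raise ValueError("h does not yield a generator of order q")
    return g


def dh_keypair(p: int, q: int, g: int, x=None):
    """private x: random 1 < x < q-1; public y = g^x mod p."""
    if x is None:
        x = secrets.randbelow(q - 3) + 2      # uniform in [2, q-2]
    if not 1 < x < q - 1:
        raise ValueError("private value out of range")
    return x, pow(g, x, p)


def shared_secret(p: int, q: int, x: int, y_other: int) -> int:
    """y'^x mod p, after checking y' really lies in the order-q subgroup."""
    if not 1 < y_other < p - 1 or pow(y_other, q, p) != 1:
        raise ValueError("peer public value is not a valid subgroup element")
    return pow(y_other, x, p)


def demo():
    p, q = 23, 11                      # constructed toy parameters, 11 | 22
    g = make_generator(p, q, 2)        # 2^2 mod 23 = 4, and 4^11 mod 23 = 1
    xa, ya = dh_keypair(p, q, g, 3)    # alice: y = 4^3 mod 23 = 18
    xb, yb = dh_keypair(p, q, g, 5)    # bob:   y = 4^5 mod 23 = 12
    sa = shared_secret(p, q, xa, yb)   # 12^3 mod 23 = 3
    sb = shared_secret(p, q, xb, ya)   # 18^5 mod 23 = 3, same secret
    return g, ya, yb, sa, sb


if __name__ == "__main__":
    print(demo())
```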
  • 14. provides: data fingerprinting
    unlimited input size => fixed output size
    must be:
      one-way: hard to find m from h(m)
      collision resistant: hard to find m1 ≠ m2 with h(m1) = h(m2)
    MD2, MD4, MD5, SHA, RIPE-MD
  • 15. compression function: M = M1, M2, ...; h_i = f(M_i, h_(i-1))
    MD-strengthening: include message length (in the padding)
    doesn't completely prevent length extension
  • 16. http://www.ietf.org/rfc/rfc1321.txt (Ron Rivest)
    digest: 128 bits (16B)
    block: 512 bits (64B)
    padding: M | 10...0 | length (64 bits)
    broken in 2004, avoid MD5!
  • 17. (MD5 hash: 'Hello' asByteArray) asHexString.
    (MD5 hash: #[1 2 3 4 5] from: 2 to: 4) asHexString.
    input := #[1 2 3 4 5 6 7 8 9] readStream.
    (MD5 hashNext: 3 from: input) asHexString.
    (MD5 hashFrom: input) asHexString
  • 18. SHS - NIST FIPS PUB 180
    digest: 160 bits (20B)
    block: 512 bits (64B)
    padding: M | 10...0 | length (64 bits)
    FIPS 180-1: SHA-1 (1995)
    FIPS 180-2: SHA-256, 384, 512 (2002)
    SHA-1 broken in 2005!
  • 19. input := 'Hello World!' asByteArray readStream.
    sha := SHA new.
    sha updateWithNext: 5 from: input.
    sha digest asHexString.
    sha updateFrom: input.
    sha digest asHexString.
    input reset.
    (SHA256 hashFrom: input) asHexString
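The block chaining of slide 15 and the padding of slides 16 and 18 in Python, as an added example that is not the library's MD5 or SHA: md_pad builds M | 10...0 | length (64 bits) for the 64-byte block (MD5 stores the length little-endian, SHA big-endian), and md_hash runs h_i = f(M_i, h_(i-1)) over the padded blocks; the compression function is a constructed stand-in, not the real MD5 or SHA round function.

```python
# Added example; the compression function below is a constructed stand-in.
import hashlib
import struct

BLOCK = 64          # 512-bit block used by MD5, SHA-1 and SHA-256
LEN_FIELD = 8       # 64-bit message length appended by MD-strengthening


def md_pad(msg: bytes, byteorder: str = "big") -> bytes:
    """Pad to a multiple of BLOCK: msg | 0x80 | 0x00... | bit length."""
    # one byte for the 0x80 marker, zero-fill so the 8-byte length ends a block;
    # a message of 56..63 bytes mod 64 therefore spills into an extra block
    zeros = (BLOCK - (len(msg) + 1 + LEN_FIELD) % BLOCK) % BLOCK
    fmt = ">Q" if byteorder == "big" else "<Q"
    bit_len = (len(msg) * 8) % (1 << 64)
    return msg + b"\x80" + b"\x00" * zeros + struct.pack(fmt, bit_len)


def toy_compress(block: bytes, chain: bytes) -> bytes:
    """Constructed f(M_i, h_(i-1)) with a 16-byte chaining value."""
    return hashlib.sha256(chain + block).digest()[:16]


def md_hash(msg: bytes, iv: bytes = bytes(16), byteorder: str = "big") -> bytes:
    """Chain the compression function over every padded block; the last h_i is the digest."""
    padded = md_pad(msg, byteorder)
    h = iv
    for i in range(0, len(padded), BLOCK):
        h = toy_compress(padded[i:i + BLOCK], h)
    return h


def block_count(msg: bytes) -> int:
    """Number of compression-function calls a message of this length costs."""
    return len(md_pad(msg)) // BLOCK
```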
  • 20. authentic, non-reusable, unalterable
    signing uses the private key
      message, key => signature
    verification uses the public key
      message, key, signature => true/false
  • 21. signing:
      hash the plaintext
      encode digest
      encrypt digest with private key
    verifying:
      decrypt digest with public key
      decode digest
      hash the plaintext
      compare the digests
  • 22. alice := RSA new privateKey: keys privateKey.
    msg := 'Hello World' asByteArray.
    sig := alice sign: msg.
    sig asHexString.
    bob := RSA new publicKey: keys publicKey.
    bob verify: sig of: msg
  • 23. NIST FIPS PUB 186
    p prime (modulus): 512 + k*64 <= 1024 bits
    q prime factor of p-1 (160 bits)
    g > 1; g^q mod p = 1 (g has order q mod p)
    x < q (private key)
    y = g^x mod p (public key)
    FIPS 186-1 (1998): RSA (X9.31)
    FIPS 186-2 (2001): ECDSA (X9.62)
    FIPS 186-3 (?2006): bigger keys, up to 15K bits
  • 24. keys := DSAKeyGenerator keySize: 512.
    alice := DSA new privateKey: keys privateKey.
    sig := alice sign: 'Hello World' asByteArray.
    bob := DSA new publicKey: keys publicKey.
    bob verify: sig of: 'Hello World' asByteArray
  • 25. [1] Anderson: Security Engineering
    [2] Ferguson, Schneier: Practical Cryptography
    [3] Kahn: The Codebreakers
    [4] Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography
    [5] Schneier: Applied Cryptography