Who’s Right?

Recently-discovered Vulnerabilities in RSA Keys

Robert Dallas Gray
The Problem

‣ 12 February 2012: ‘Ron was Wrong, Whit is Right’
  - A paper by Arjen K Lenstra et al
  - Found 0.2% of RSA keys ‘offered no security’
  - Concluded that generating keys for ‘multiple secret’
    cryptosystems is inherently riskier than for ‘single secret’
    systems (e.g. ElGamal, DSA)
What is RSA?

‣ RSA is an algorithm for public
  key cryptography

‣ First publicly described by
  Ron Rivest, Adi Shamir,
  Leonard Adleman, 1978

‣ Also the name of the security
  company founded by Rivest,
  Shamir and Adleman in 1982

‣ Acquired in 2006 for $2.1bn
Public Key Cryptography

‣ Each principal has two keys:
   - One public
   - One private

‣ Public key crypto can be used to:
   - Encrypt private conversations
   - Sign messages
   - Authenticate principals
Encryption

‣ Alice sends her public key to Bob
‣ Bob encrypts a message using Alice’s public key
‣ Only Alice’s private key can decrypt the message

[Diagram: Bob’s plaintext ‘Hello Alice!’ becomes the ciphertext a3e506b3aa1, travels to Alice, and is decrypted back to ‘Hello Alice!’ with her private key]
Signing

‣ Alice sends a plaintext message to Bob
   - Plus a version of the message encrypted with her
     private key

‣ Bob decrypts the ‘signature’ using Alice’s public key,
  verifying that it matches the plaintext message
   - He can be sure the message came from Alice

[Diagram: Alice sends ‘Hello Bob!’ together with the signature b2e3f600d5; Bob decrypts b2e3f600d5 with Alice’s public key and compares the result with ‘Hello Bob!’]
Authentication

‣ Alice creates a certificate containing, e.g., her email
  address, and her public key
   - She has the certificate signed by a trusted authority
     (using the trusted authority’s private key)

‣ Bob can decrypt the certificate using the trusted
  authority’s public key
   - He can be sure that the public key he retrieves
     belongs to Alice

[Diagram: the certificate (shown as an ‘@’ icon) passes from Alice to the trusted authority for signing and on to Bob]
Practical Uses

‣ Public Key Crypto is calculation-intensive
   - So it’s not generally used to encrypt
     full conversations
   - It’s used for authentication
   - And to encrypt ‘handshake’
     procedures – during which the
     encryption for the full conversation
     is negotiated between principals
   - For example, to authenticate chip-and-pin cards
   - In this case the issuer is the trusted third party
Practical Uses

‣ TLS or SSL
  - Transport Layer Security (the newer protocol)
    or Secure Sockets Layer
  - Allows secure communication between applications
  - Typically a web browser (client) to a hosted application
    or server
How SSL/TLS Works

‣ Client is presented with a certificate, issued by a
  trusted authority
   - Certificate verifies site name, email address or DNS entry
   - Binds this to a public key

‣ Client can then be sure the given public key belongs
  to the intended server

‣ Client can use public key to encrypt negotiation of a
  shared key to encrypt session traffic
X.509 Certificate
Certificate:
   Data:
       Version: 1 (0x0)
       Serial Number: 7829 (0x1e95)
       Signature Algorithm: md5WithRSAEncryption
       Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc,
                OU=Certification Services Division,
                CN=Thawte Server CA/emailAddress=server-certs@thawte.com
       Validity
           Not Before: Jul 9 16:04:02 1998 GMT
           Not After : Jul 9 16:04:02 1999 GMT
       Subject: C=US, ST=Maryland, L=Pasadena, O=Brent Baccala,
                 OU=FreeSoft, CN=www.freesoft.org/emailAddress=baccala@freesoft.org
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
           RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b4:31:98:0a:c4:bc:62:c1:88:aa:dc:b0:c8:bb:
                    33:35:19:d5:0c:64:b9:3d:41:b2:96:fc:f3:31:e1:
                    66:36:d0:8e:56:12:44:ba:75:eb:e8:1c:9c:5b:66:
                    70:33:52:14:c9:ec:4f:91:51:70:39:de:53:85:17:
                    16:94:6e:ee:f4:d5:6f:d5:ca:b3:47:5e:1b:0c:7b:
                    c5:cc:2b:6b:c1:90:c3:16:31:0d:bf:7a:c7:47:77:
                    8f:a0:21:c7:4c:d0:16:65:00:c1:0f:d7:b8:80:e3:
                    d2:75:6b:c1:ea:9e:5c:5c:ea:7d:c1:a1:10:bc:b8:
                    e8:35:1c:9e:27:52:7e:41:8f
                Exponent: 65537 (0x10001)
   Signature Algorithm: md5WithRSAEncryption
       93:5f:8f:5f:c5:af:bf:0a:ab:a5:6d:fb:24:5f:b6:59:5d:9d:
       92:2e:4a:1b:8b:ac:7d:99:17:5d:cd:19:f6:ad:ef:63:2f:92:
       ab:2f:4b:cf:0a:13:90:ee:2c:0e:43:03:be:f6:ea:8e:9c:67:
       d0:a2:40:03:f7:ef:6a:15:09:79:a9:46:ed:b7:16:1b:41:72:
       0d:19:aa:ad:dd:9a:df:ab:97:50:65:f5:5e:85:a6:ef:19:d1:
       5a:de:9d:ea:63:cd:cb:cc:6d:5d:01:85:b5:6d:c8:f3:d9:f7:
       8f:0e:fc:ba:1f:34:e9:96:6e:6c:cf:f2:ef:9b:bf:de:b5:22:
       68:9f

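The certificate dump above is the plain-text form in which a key audit usually meets an RSA public key. The following Python, added here as an example (it is not code from the deck), pulls the modulus and exponent out of that text, embedded below as the sample input, and runs the checks a reviewer would want before trusting the key: the declared size matches the modulus, the modulus is odd, the exponent is the conventional one, and the certificate is not signed with MD5. `parse_rsa_public_key`, `audit_public_key` and the finding strings are my own naming.

```python
"""Parse the modulus and exponent from an openssl-style certificate dump and run
basic sanity checks. Example code added to this transcript, not from the original deck."""
import re

# Sample input: the signature-algorithm line and the Subject Public Key Info block of
# the certificate shown on the slide (text-format output as printed by openssl x509 -text).
CERT_TEXT = """
        Signature Algorithm: md5WithRSAEncryption
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b4:31:98:0a:c4:bc:62:c1:88:aa:dc:b0:c8:bb:
                    33:35:19:d5:0c:64:b9:3d:41:b2:96:fc:f3:31:e1:
                    66:36:d0:8e:56:12:44:ba:75:eb:e8:1c:9c:5b:66:
                    70:33:52:14:c9:ec:4f:91:51:70:39:de:53:85:17:
                    16:94:6e:ee:f4:d5:6f:d5:ca:b3:47:5e:1b:0c:7b:
                    c5:cc:2b:6b:c1:90:c3:16:31:0d:bf:7a:c7:47:77:
                    8f:a0:21:c7:4c:d0:16:65:00:c1:0f:d7:b8:80:e3:
                    d2:75:6b:c1:ea:9e:5c:5c:ea:7d:c1:a1:10:bc:b8:
                    e8:35:1c:9e:27:52:7e:41:8f
                Exponent: 65537 (0x10001)
"""

# Declared size, the colon-separated hex bytes, and the decimal exponent.
MODULUS_RE = re.compile(r"Modulus \((\d+) bit\):\s*([0-9a-f:\s]+?)\s*Exponent:\s*(\d+)")


def parse_rsa_public_key(text):
    """Return (n, e, declared_bits) from the text dump; raise if no modulus block is present."""
    m = MODULUS_RE.search(text)
    if not m:
        raise ValueError("no RSA modulus block found")
    declared_bits = int(m.group(1))
    hex_digits = re.sub(r"[^0-9a-f]", "", m.group(2))  # drop ':' separators and whitespace
    n = int(hex_digits, 16)                             # the leading 00 byte does not change the value
    e = int(m.group(3))
    return n, e, declared_bits


def audit_public_key(text):
    """Return a list of findings about the key; an empty list means nothing was flagged."""
    n, e, declared_bits = parse_rsa_public_key(text)
    findings = []
    if n.bit_length() != declared_bits:
        findings.append(f"declared {declared_bits}-bit key but modulus has {n.bit_length()} bits")
    if n.bit_length() < 2048:
        findings.append(f"{n.bit_length()}-bit modulus is below the 2048-bit minimum expected today")
    if n % 2 == 0:
        findings.append("modulus is even, so 2 is a factor and the key offers no security")
    if e != 65537:
        findings.append(f"unusual public exponent {e}; 65537 is the conventional choice")
    sig = re.search(r"Signature Algorithm:\s*(\S+)", text)
    if sig and "md5" in sig.group(1).lower():
        findings.append("certificate signature uses MD5, which is no longer collision resistant")
    return findings


if __name__ == "__main__":
    n, e, bits = parse_rsa_public_key(CERT_TEXT)
    print(f"modulus has {n.bit_length()} bits (declared {bits}), e = {e}")
    for finding in audit_public_key(CERT_TEXT):
        print("finding:", finding)
```

On the slide's 1998 certificate this flags the 1024-bit modulus and the MD5 signature; both were acceptable at the time and neither is today. The parsed integer `n` is what the shared-factor check later in the deck operates on.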
How does RSA work?

‣ Requirements for public key crypto:
  - If a message is encrypted with one key, the other key
    must decrypt it
  - The private key MUST NOT be discoverable from
    knowledge of the public key
Nuts and Bolts

‣ Alice chooses two large prime numbers p, q
‣ She creates the modulus for the public key by
  multiplying p by q:
   - n = p × q

‣ She applies a function to n to create a new number, k
   - The function is Euler’s Totient Function
   - It counts the number of positive integers <= n that are relatively prime to n
   - Relatively prime numbers share no common factors other than 1
   - Because p and q are prime, Alice can compute it directly as k = (p − 1) × (q − 1)

‣ She finds two numbers e, d such that (e × d) mod k = 1
Nuts and Bolts

‣ Alice’s public key is composed of:
  n (the modulus) and e (the exponent)

‣ Her private key is d
‣ A message m can be encrypted by raising it to the
  power e and taking the result modulo n.
   - m_enc = m^e mod n

‣ It can be decrypted by raising it to the power d and
  taking the result modulo n.
   - m_dec = m_enc^d mod n
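The key-generation, encryption and signing steps from the last few slides, carried through in Python with constructed toy primes (p = 61, q = 53, e = 17) so that every intermediate value can be checked by hand. This is an example added to the transcript, not code from the deck; the function names are mine. Python's built-in `pow` does both the modular exponentiation and, with exponent −1, the modular inverse that yields d.

```python
"""Textbook RSA following the slides' steps. Example added here; toy parameters only."""
from math import gcd

# Constructed toy primes. Real keys use primes of 1024 bits or more, drawn from a
# properly seeded random source (which is exactly what the survey found lacking).
P, Q, E = 61, 53, 17


def make_keypair(p, q, e=E):
    """Return ((n, e), d): n = p*q, k = phi(n) = (p-1)(q-1), and e*d = 1 (mod k)."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    k = (p - 1) * (q - 1)          # Euler's totient of n for distinct primes p, q
    if gcd(e, k) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, k)              # modular inverse of e modulo k (Python 3.8+)
    return (n, e), d


def encrypt(m, public_key):
    """m_enc = m^e mod n; m must be an integer smaller than n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, e, n)


def decrypt(m_enc, d, n):
    """m_dec = m_enc^d mod n."""
    return pow(m_enc, d, n)


def sign(m, d, n):
    """Signing is the same operation with the private exponent ('encrypted with her private key')."""
    return pow(m, d, n)


def verify(m, signature, public_key):
    """Bob recovers the signed value with the public exponent and compares it with m."""
    n, e = public_key
    return pow(signature, e, n) == m


if __name__ == "__main__":
    public, d = make_keypair(P, Q)
    n, e = public
    print(f"n={n} e={e} d={d}")                       # n=3233 e=17 d=2753
    c = encrypt(65, public)
    print("encrypt(65) =", c, "-> decrypt =", decrypt(c, d, n))
    s = sign(65, d, n)
    print("signature verifies:", verify(65, s, public), "tampered:", verify(66, s, public))
```

This is raw ("textbook") RSA on integers: it is enough to see why e, d and n are related through p and q, but deployed systems wrap the message in a padding scheme (OAEP for encryption, PSS for signatures) before the exponentiation.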
Summary

‣ Both public and private keys depend on the two
  large primes p, q

‣ The security of RSA depends on the difficulty of
  recovering these two numbers once they have been
  multiplied together (factoring)

‣ If p and q can be found from a public key, the
  private key can be reconstructed and security is lost
‘Ron was Wrong, Whit is Right’

‣ The researchers collected about 6.4m RSA public
  keys from the web
   - Sources: X.509 certificates, PGP keys
‣ About 71,000 moduli occurred more than once
   - Some thousands of times
‣ About 13,000 moduli ‘offer no security’
   - The private keys can be recovered by anyone who can
     replicate the researchers’ work
‣ The loss of security affects about 21,000 X.509
  certificates and PGP keys
   - Of which about a quarter are probably still in use
Conclusion

‣ RSA ‘provides 99.8% security at best’
How were the keys broken?

‣ Euclid’s algorithm
  - An efficient method of computing the
    greatest common divisor (gcd) of two
    numbers

‣ The researchers ran the algorithm
  on all pairs of moduli
  - The vulnerable moduli shared a
    common factor
  - Knowledge of that factor allowed
    calculation of the other prime factor
Nuts and Bolts

‣ n1 = p1 × q1
  n2 = p2 × q2
   - Moduli n1 and n2 are each composed of
     two unknown prime numbers

‣ gcd(n1, n2) = p
   - If the greatest common divisor of
     n1 and n2 is > 1, we know p1 = p2 = p

‣ If we know p …
   - We can calculate q1 AND q2
   - We can now reconstruct the private
     keys for moduli n1 and n2
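The gcd argument from the last few slides (Euclid's algorithm on every pair of moduli, then q from p and d from p and q), written as a key-inventory audit in Python. This is an added example, not code from the deck or from the paper: the inventory of four moduli is constructed from small primes so the result can be checked by hand, with keys 0 and 2 sharing the prime 1009 and keys 1 and 3 being the same key, the duplicate-modulus case the survey also counted. `audit_moduli`, `private_exponent` and `recover_private_keys` are my own names.

```python
"""Shared-factor audit over a set of RSA moduli, following the slides' gcd argument.
Example added to the transcript; constructed toy inventory, e = 65537 as in real keys."""
from itertools import combinations


def euclid_gcd(a, b):
    """Euclid's algorithm: replace (a, b) by (b, a mod b) until b is 0."""
    while b:
        a, b = b, a % b
    return a


def audit_moduli(moduli):
    """Run Euclid's algorithm on every pair of moduli.
    Returns (shared, duplicates): shared maps an index pair to the common prime,
    duplicates lists index pairs whose moduli are identical (gcd would just be n)."""
    shared, duplicates = {}, []
    for (i, n1), (j, n2) in combinations(enumerate(moduli), 2):
        if n1 == n2:
            duplicates.append((i, j))
            continue
        g = euclid_gcd(n1, n2)
        if g > 1:                  # n1 = p*q1, n2 = p*q2  =>  gcd(n1, n2) = p
            shared[(i, j)] = g
    return shared, duplicates


def private_exponent(n, e, p):
    """Given one prime factor p of n, return (q, d): q = n / p and d = e^-1 mod (p-1)(q-1)."""
    q, remainder = divmod(n, p)
    if remainder:
        raise ValueError("p does not divide n")
    k = (p - 1) * (q - 1)
    return q, pow(e, -1, k)


def recover_private_keys(moduli, e):
    """Map every key index touched by a shared factor to its (p, q, d)."""
    recovered = {}
    shared, _ = audit_moduli(moduli)
    for (i, j), p in shared.items():
        for idx in (i, j):
            q, d = private_exponent(moduli[idx], e, p)
            recovered[idx] = (p, q, d)
    return recovered


# Constructed inventory (toy sizes): 1009 is reused in keys 0 and 2; key 3 duplicates key 1.
E = 65537
INVENTORY = [1009 * 1013, 997 * 991, 1009 * 1019, 997 * 991]

if __name__ == "__main__":
    shared, duplicates = audit_moduli(INVENTORY)
    print("shared factors:", shared, "duplicate moduli:", duplicates)
    for idx, (p, q, d) in recover_private_keys(INVENTORY, E).items():
        n = INVENTORY[idx]
        ok = pow(pow(42, E, n), d, n) == 42   # the recovered d really decrypts
        print(f"key {idx}: p={p} q={q} d={d} decrypts correctly: {ok}")
```

Pairwise gcd is quadratic in the number of keys, which is fine for auditing one organisation's inventory but not for the 6.4m keys the researchers handled; at that scale the same test is done with a product tree and remainder tree (batch gcd). Any hit from either list is a key to revoke and regenerate: a shared factor means the private key is computable by anyone holding both public keys, and a duplicate means two parties hold the same private key.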
Conclusion, revisited

‣ The researchers claim that the use of ‘multiple
  secrets’ in RSA is a design problem
   - Because RSA needs two secret prime numbers,
     if factors are shared, all keys sharing a factor are
     vulnerable to factorisation

‣ Other systems only need one secret number
   - It is easier to choose one secure secret than to choose two
   - If two keys are shared, only those two are affected
Reactions

‣ Dan Kaminsky:
  - ‘Survey is good.
    Thesis is strange’
  - The data is instructive,
    but demonstrates an
    implementation problem,
    not a design problem
Reactions

‣ Bruce Schneier:
  - ‘The cause of this is almost certainly
    a lousy random number generator’
  - Design and testing of RNGs is hard
  - Could some RNGs have been
    deliberately compromised?
Reactions

‣ Lenstra et al claim
  ‘single-secret’ algorithms
  like Diffie-Hellman are
  more secure –
  ‘Whit is right’.
   - At the 2012 RSA Security Conference, Whit and Ron
     discussed the issue
   - Whit (Diffie) said the problem could be just
     ‘one random number generator’ and suggested ‘outing’ it
   - Ron (Rivest) conceded that he was ‘sometimes wrong’, but
     that there ‘wasn’t really much substance’ to the paper
Design vs Implementation

‣ Users of RSA need to ensure that random number
  generation is done properly
  - According to Schneier, RNG is ‘hard’

‣ Other cryptosystems would also be affected by poor
  random number generation
  - But RSA may be more vulnerable owing to its
    ‘multiple secret’ design

‣ Can an implementation problem which allows
  users to render the system insecure be considered
  a design problem?
Epilogue

‣ February 15 2012: New research released
‣ Paper by Heninger, Durumeric, Wustrow and
  Halderman is awaiting responses from concerned
  parties before publication

‣ Researchers were able to compromise 0.4% of
  harvested RSA keys

‣ But affected servers were almost all embedded
  devices – routers, firewalls, VPN devices, etc.
  - Keys would be used for internal IPSec or SSH
Epilogue

‣ Around 200,000 devices probably compromised –
  possibly whole classes of device
  - Keys are probably generated on device startup,
    introducing RNG issues (same seed used for many
    devices)

‣ The data surveyed is probably essentially the same
  as Lenstra et al’s
  - Secure web servers are probably not affected by the
    vulnerability
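The ‘same seed used for many devices’ mechanism from the slide above, simulated in Python. This is an added example, not code from the deck or from Heninger et al.: the `Device` class models firmware that seeds a non-cryptographic PRNG once at boot and generates its key pair immediately. Two units booting from the same fixed seed draw the same p; if device-specific entropy only arrives between the two prime draws, they diverge at q, leaving a shared factor that `math.gcd` exposes. The seeds and the 24-bit prime size are constructed so the trial-division primality test stays fast.

```python
"""How a repeated boot-time seed produces RSA moduli with a shared prime.
Simulation added to this transcript; toy 24-bit primes, deterministic PRNG on purpose."""
import random
from math import gcd, isqrt


def is_prime(n):
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    for d in range(3, isqrt(n) + 1, 2):
        if n % d == 0:
            return False
    return True


def random_prime(rng, bits):
    """Draw odd candidates of exactly `bits` bits from rng until one is prime."""
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(candidate):
            return candidate


class Device:
    """Firmware that seeds its PRNG once at boot and generates its key pair right away.
    random.Random is a deterministic PRNG, which is what makes the failure reproducible."""

    def __init__(self, boot_seed):
        self.rng = random.Random(boot_seed)

    def generate_modulus(self, bits=24, late_entropy=None):
        """Return (n, p, q). late_entropy models entropy that becomes available only
        after p has been drawn (e.g. timing of the first network traffic), so only q benefits."""
        p = random_prime(self.rng, bits)
        if late_entropy is not None:
            self.rng.seed(late_entropy)
        q = random_prime(self.rng, bits)
        return p * q, p, q


def shared_factor(n1, n2):
    """The check from the earlier slides: a gcd greater than 1 is a shared prime."""
    return gcd(n1, n2)


if __name__ == "__main__":
    # Two units of the same firmware image, both booting from the same fixed seed (constructed).
    n_a, p_a, q_a = Device(boot_seed=0x5EED).generate_modulus()
    n_b, p_b, q_b = Device(boot_seed=0x5EED).generate_modulus(late_entropy=b"unit-B traffic timing")
    print("same p:", p_a == p_b, " same q:", q_a == q_b, " gcd:", shared_factor(n_a, n_b))
    # A unit seeded from device-specific entropy before key generation (constructed seed).
    n_c, _, _ = Device(boot_seed=b"serial 00C3 | boot nonce").generate_modulus()
    print("gcd with a properly seeded unit:", shared_factor(n_a, n_c))
```

The shared p is entirely a property of the seed: nothing about RSA itself changed between the units. The corresponding mitigation is to draw key material from a properly seeded cryptographic RNG (in Python, `secrets` or `os.urandom` rather than `random`) and to defer key generation until the device has actually gathered entropy, rather than running it in the first seconds after boot.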
Who’s Right?

‣ Questions?

Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 

Featured

Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at WorkGetSmarter
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...DevGAMM Conference
 
Barbie - Brand Strategy Presentation
Barbie - Brand Strategy PresentationBarbie - Brand Strategy Presentation
Barbie - Brand Strategy PresentationErica Santiago
 
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellGood Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellSaba Software
 

Featured (20)

Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
 
Barbie - Brand Strategy Presentation
Barbie - Brand Strategy PresentationBarbie - Brand Strategy Presentation
Barbie - Brand Strategy Presentation
 
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellGood Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
 

Who’s right

  • 1. Who’s Right? Recently-discovered Vulnerabilities in RSA Keys (Robert Dallas Gray)
  • 2–7. The Problem
    ‣ 12 February 2012: ‘Ron was Wrong, Whit is Right’
      - A paper by Arjen K Lenstra et al
      - Found 0.2% of RSA keys ‘offered no security’
      - Concluded that generating keys for ‘multiple secret’ cryptosystems is inherently riskier than for ‘single secret’ systems (e.g. ElGamal, DSA)
  • 8–11. What is RSA?
    ‣ RSA is an algorithm for public key cryptography
    ‣ First publicly described by Ron Rivest, Adi Shamir, Leonard Adleman, 1978
    ‣ Also the name of the security company founded by Rivest, Shamir and Adleman in 1982
    ‣ Acquired in 2006 for $2.1bn
  • 12–16. Public Key Cryptography
    ‣ Each principal has two keys:
      - One public
      - One private
    ‣ Public key crypto can be used to:
      - Encrypt private conversations
      - Sign messages
      - Authenticate principals
  • 17–21. Encryption
    ‣ Alice sends her public key to Bob
    ‣ Bob encrypts a message using Alice’s public key
    ‣ Only Alice’s private key can decrypt the message
    (diagram: Bob turns ‘Hello Alice!’ into the ciphertext a3e506b3aa1 with Alice’s public key; Alice turns a3e506b3aa1 back into ‘Hello Alice!’ with her private key)
  • 22–25. Signing
    ‣ Alice sends a plaintext message to Bob
      - Plus a version of the message encrypted with her private key
    ‣ Bob decrypts the ‘signature’ using Alice’s public key, verifying that it matches the plaintext message
      - He can be sure the message came from Alice
    (diagram: Alice sends ‘Hello Bob!’ together with the signature b2e3f600d5; Bob recovers ‘Hello Bob!’ from b2e3f600d5 and compares it with the plaintext)
  • 26–31. Authentication
    ‣ Alice creates a certificate containing, e.g., her email address, and her public key
      - She has the certificate signed by a trusted authority (using the trusted authority’s private key)
    ‣ Bob can decrypt the certificate using the trusted authority’s public key
      - He can be sure that the public key he retrieves belongs to Alice
    (diagram: Alice’s certificate, marked @, is signed by the trusted authority and passed to Bob)
  • 32–35. Practical Uses
    ‣ Public Key Crypto is calculation-intensive
      - So it’s not generally used to encrypt full conversations
      - It’s used for authentication
      - And to encrypt ‘handshake’ procedures – during which the encryption for the full conversation is negotiated between principals
      - For example, to authenticate chip-and-pin cards
      - In this case the issuer is the trusted third party
  • 36–41. Practical Uses
    ‣ TLS or SSL
      - Transport Layer Security (new) or Secure Sockets Layer
      - Allows secure communication between applications
      - Typically a web browser (client) to a hosted application or server
  • 42. How SSL/TLS Works
    ‣ Client is presented with a certificate, issued by a trusted authority
      - Certificate verifies site name, email address or DNS entry
      - Binds this to a public key
    ‣ Client can then be sure the given public key belongs to the intended server
    ‣ Client can use public key to encrypt negotiation of a shared key to encrypt session traffic
  • 43–44. X.509 Certificate
    Certificate:
      Data:
        Version: 1 (0x0)
        Serial Number: 7829 (0x1e95)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/emailAddress=server-certs@thawte.com
        Validity
          Not Before: Jul 9 16:04:02 1998 GMT
          Not After : Jul 9 16:04:02 1999 GMT
        Subject: C=US, ST=Maryland, L=Pasadena, O=Brent Baccala, OU=FreeSoft, CN=www.freesoft.org/emailAddress=baccala@freesoft.org
        Subject Public Key Info:
          Public Key Algorithm: rsaEncryption
          RSA Public Key: (1024 bit)
            Modulus (1024 bit):
              00:b4:31:98:0a:c4:bc:62:c1:88:aa:dc:b0:c8:bb:
              33:35:19:d5:0c:64:b9:3d:41:b2:96:fc:f3:31:e1:
              66:36:d0:8e:56:12:44:ba:75:eb:e8:1c:9c:5b:66:
              70:33:52:14:c9:ec:4f:91:51:70:39:de:53:85:17:
              16:94:6e:ee:f4:d5:6f:d5:ca:b3:47:5e:1b:0c:7b:
              c5:cc:2b:6b:c1:90:c3:16:31:0d:bf:7a:c7:47:77:
              8f:a0:21:c7:4c:d0:16:65:00:c1:0f:d7:b8:80:e3:
              d2:75:6b:c1:ea:9e:5c:5c:ea:7d:c1:a1:10:bc:b8:
              e8:35:1c:9e:27:52:7e:41:8f
            Exponent: 65537 (0x10001)
      Signature Algorithm: md5WithRSAEncryption
        93:5f:8f:5f:c5:af:bf:0a:ab:a5:6d:fb:24:5f:b6:59:5d:9d:
        92:2e:4a:1b:8b:ac:7d:99:17:5d:cd:19:f6:ad:ef:63:2f:92:
        ab:2f:4b:cf:0a:13:90:ee:2c:0e:43:03:be:f6:ea:8e:9c:67:
        d0:a2:40:03:f7:ef:6a:15:09:79:a9:46:ed:b7:16:1b:41:72:
        0d:19:aa:ad:dd:9a:df:ab:97:50:65:f5:5e:85:a6:ef:19:d1:
        5a:de:9d:ea:63:cd:cb:cc:6d:5d:01:85:b5:6d:c8:f3:d9:f7:
        8f:0e:fc:ba:1f:34:e9:96:6e:6c:cf:f2:ef:9b:bf:de:b5:22:
        68:9f
  • 45–47. How does RSA work?
    ‣ Requirements for public key crypto:
      - If a message is encrypted with one key, the other key must decrypt it
      - The private key MUST NOT be discoverable from knowledge of the public key
  • 48–51. Nuts and Bolts
    ‣ Alice chooses two large prime numbers p, q
    ‣ She creates the modulus for the public key by multiplying p by q:
      - n = p × q
    ‣ She applies a function to n to create a new number, k
      - The function is Euler’s Totient Function
      - It counts the number of positive integers <= n that are relatively prime to n
      - Relatively prime numbers share no common factors other than 1
    ‣ She finds two numbers e, d such that e × d % k = 1
  • 52–55. Nuts and Bolts
    ‣ Alice’s public key is composed of: n (the modulus) and e (the exponent)
    ‣ Her private key is d
    ‣ A message m can be encrypted by raising it to the power e and taking the result modulo n.
      - m_enc = m^e % n
    ‣ It can be decrypted by raising it to the power d and taking the result modulo n.
      - m_dec = m_enc^d % n
  • 56. Summary
    ‣ Both public and private keys depend on the two large primes p, q
    ‣ The security of RSA depends on the difficulty of recovering these two numbers once they have been multiplied together (factoring)
    ‣ If p and q can be found from a public key, the private key can be reconstructed and security is lost
  • 57–60. ‘Ron was Wrong, Whit is Right’
    ‣ The researchers collected about 6.4m RSA public keys from the web
      - Sources: X.509 certificates, PGP keys
    ‣ About 71,000 moduli occurred more than once
      - Some thousands of times
    ‣ About 13,000 moduli ‘offer no security’
      - The private keys can be recovered by anyone who can replicate the researchers’ work
    ‣ The loss of security affects about 21,000 X.509 certificates and PGP keys
      - Of which about a quarter are probably still in use
  • 61. Conclusion
    ‣ RSA ‘provides 99.8% security at best’
  • 62–64. How were the keys broken?
    ‣ Euclid’s algorithm
      - An efficient method of computing the greatest common divisor (gcd) of two numbers
    ‣ The researchers ran the algorithm on all pairs of moduli
      - The vulnerable moduli shared a common factor
      - Knowledge of that factor allowed calculation of the other prime factor
  • 65–70. Nuts and Bolts
    ‣ n1 = p1 × q1
      n2 = p2 × q2
      - Moduli n1 and n2 are each composed of two unknown prime numbers
    ‣ gcd(n1, n2) = p
      - If the greatest common divisor of n1 and n2 is > 1, we know p1 = p2 = p
    ‣ If we know p …
      - We can calculate q1 AND q2
      - We can now reconstruct the private keys for moduli n1 and n2
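Added example, not part of the slides: the key construction of slides 48–55 and the pairwise-gcd audit of slides 62–70, run over a constructed key inventory in which two owners' moduli reuse a prime (the situation a low-entropy RNG produces). The owner names, the small primes and the `audit` helper are assumptions made for the demonstration; real keys use primes of 512 bits and more, but the arithmetic is identical.

```python
# Added example (not from the slides): toy RSA key generation plus the
# shared-factor audit described in slides 62-70. Primes are small,
# constructed values so everything runs instantly.
from itertools import combinations
from math import gcd
from typing import Dict, List, Optional, Tuple

PublicKey = Tuple[int, int]  # (n, e)


def make_keypair(p: int, q: int, e: int = 65537) -> Tuple[PublicKey, int]:
    """n = p*q, k = phi(n) = (p-1)(q-1), and d such that e*d % k == 1."""
    n = p * q
    k = (p - 1) * (q - 1)  # Euler's totient of n when n = p*q
    if gcd(e, k) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = pow(e, -1, k)  # modular inverse; needs Python 3.8+
    return (n, e), d


def encrypt(m: int, pub: PublicKey) -> int:
    """m_enc = m^e % n (slide 54)."""
    n, e = pub
    return pow(m, e, n)


def decrypt(c: int, d: int, n: int) -> int:
    """m_dec = m_enc^d % n (slide 55)."""
    return pow(c, d, n)


def find_shared_factors(moduli: List[int]) -> Dict[int, int]:
    """Euclid's gcd over every pair of moduli (slides 62-64).

    Returns modulus -> shared prime for each modulus that shares a factor
    with a *different* modulus. Identical moduli are skipped: a repeated
    modulus is the separate finding of slide 58, not a shared factor."""
    weak: Dict[int, int] = {}
    for n1, n2 in combinations(moduli, 2):
        if n1 == n2:
            continue
        g = gcd(n1, n2)
        if 1 < g < n1:
            weak[n1] = g
            weak[n2] = g
    return weak


def recover_private_key(pub: PublicKey, p: int) -> int:
    """Slides 68-70: with one prime p known, q = n / p, so phi(n) and d follow."""
    n, e = pub
    q, rem = divmod(n, p)
    if rem != 0:
        raise ValueError("p does not divide n")
    return pow(e, -1, (p - 1) * (q - 1))


# Constructed demo inventory (assumed names and primes): Alice's and Bob's
# keys reuse the prime 1000003, the failure mode a poorly seeded RNG
# produces; Carol's primes are distinct from everyone else's.
SHARED_P = 1000003
KEYS: Dict[str, Tuple[PublicKey, int]] = {
    "alice": make_keypair(SHARED_P, 1000033),
    "bob": make_keypair(SHARED_P, 1000037),
    "carol": make_keypair(1000039, 1000081),
}


def audit(keys: Dict[str, Tuple[PublicKey, int]] = KEYS) -> Dict[str, Optional[int]]:
    """Map each owner to the private exponent recoverable from public data
    alone, or None when the key shares no factor with any other key."""
    weak = find_shared_factors([pub[0] for pub, _ in keys.values()])
    report: Dict[str, Optional[int]] = {}
    for name, (pub, _) in keys.items():
        n = pub[0]
        report[name] = recover_private_key(pub, weak[n]) if n in weak else None
    return report


if __name__ == "__main__":
    for name, d in audit().items():
        status = "private key recoverable" if d is not None else "no shared factor"
        print(f"{name}: {status}")
```

Running the audit over a real certificate or PGP key inventory only needs the moduli; the recovered exponent for Alice and Bob equals the one `make_keypair` produced, which is the whole point of slide 70.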
  • 71. Conclusion, revisited
    ‣ The researchers claim that the use of ‘multiple secrets’ in RSA is a design problem
      - Because RSA needs two secret prime numbers, if factors are shared, all keys sharing a factor are vulnerable to factorisation
    ‣ Other systems only need one secret number
      - It is easier to choose one secure secret than to choose two
      - If two keys are shared, only those two are affected
  • 72. Reactions
    ‣ Dan Kaminsky:
      - ‘Survey is good. Thesis is strange’
      - The data is instructive, but demonstrates an implementation problem, not a design problem
  • 73. Reactions
    ‣ Bruce Schneier:
      - ‘The cause of this is almost certainly a lousy random number generator’
      - Design and testing of RNGs is hard
      - Could some RNGs have been deliberately compromised?
  • 74. Reactions
    ‣ Lenstra et al claim ‘single-secret’ algorithms like Diffie-Hellman are more secure – ‘Whit is right’.
      - At the 2012 RSA Security Conference, Whit and Ron discussed the issue
      - Whit (Diffie) said the problem could be just ‘one random number generator’ and suggested ‘outing’ it
      - Ron (Rivest) conceded that he was ‘sometimes wrong’, but that there ‘wasn’t really much substance’ to the paper
  • 75–76. Design vs Implementation
    ‣ Users of RSA need to ensure that random number generation is done properly
      - According to Schneier, RNG is ‘hard’
    ‣ Other cryptosystems would also be affected by poor random number generation
      - But RSA may be more vulnerable owing to its ‘multiple secret’ design
    ‣ Can an implementation problem which allows users to render the system insecure be considered a design problem?
  • 77–79. Epilogue
    ‣ February 15 2012: New research released
    ‣ Paper by Heninger, Durumeric, Wustrow and Halderman is awaiting responses from concerned parties before publication
    ‣ Researchers were able to compromise 0.4% of harvested RSA keys
    ‣ But affected servers were almost all embedded devices – routers, firewalls, VPN devices, etc.
      - Keys would be used for internal IPSec or SSH
  • 80. Epilogue
    ‣ Around 200,000 devices probably compromised – possibly whole classes of device
      - Keys are probably generated on device startup, introducing RNG issues (same seed used for many devices)
    ‣ The data surveyed is probably essentially the same as Lenstra et al’s
      - Secure web servers are probably not affected by the vulnerability