YoVDO

Cryptography Pitfalls

Offered By: LASCON via YouTube

Tags

LASCON Courses Cryptography Courses System Security Courses Hash Functions Courses

Course Description

Overview

Explore common cryptography pitfalls and learn effective techniques to enhance system security in this 46-minute conference talk from LASCON 2016. Discover why implementing cryptography and security measures often falls short, leading to vulnerabilities in seemingly secure systems. Examine outdated primitives and subtle flaws that compromise security. Gain insights into tools and methods for addressing these challenges. Delve into topics such as modern cryptography, random number generators, hash functions, ciphers, authentication, TLS, SSH trust models, and the impact of quantum computing on security. Learn to identify and avoid critical mistakes in areas like checksums, length extension attacks, cipher modes, and certificate chain verification. Understand the importance of proper SSL configuration and library choices. Equip yourself with knowledge to build truly secure systems and restore confidence in your cryptographic implementations.

Syllabus

Intro
Chicago
Braintree
Modern Cryptography
Random Number Generators
Debian
Sony Playstation
Hash Functions
checksum vs signature
length extension attacks
SHA256
Hash function
Ciphers
AES
ECB Mode
Authentication
TLS
Not verifying the certificate chain
Protocol dependent
misconfigured server settings
new toplevel domains
SSL configuration generator
Broken library
Verify connection
SSH trust model
What organizations do we trust
Quantum computers
Google
Stanford
Monosano
Questions
authenticating


Taught by

LASCON

Related Courses

Comparing WAF and RASP - Why?
LASCON via YouTube
API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube
Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube
Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube
Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube