The Reality of Cryptographic Deployments on the Internet

Explore an invited talk by Nadia Heninger at Asiacrypt 2016 delving into the practical realities of cryptographic deployments on the internet. Gain insights into the challenges and vulnerabilities in current cryptographic implementations, focusing on Diffie-Hellman key exchange. Examine the impact of scanners, modular exponentiation, and the Chinese remainder theorem on security. Investigate prime standards, small subgroup confinement attacks, and countermeasures. Analyze crypto implementation flaws, US export controls, and their consequences, including the FREAK and Logjam attacks. Learn about the number field sieve algorithm and its implications for cryptographic security. Discuss NSA's role in cryptography, including revelations from Snowden documents and NSA's decryption requirements. Reflect on the broader implications for internet security, free speech, and maintaining an open internet while addressing cryptographic challenges.

Introduction
Reality on the Internet
Scanners
DiffieHellman
Bruce Schneier
What is DiffieHellman
Cody the Coder
Whats wrong with this
Modular exponentiation
Chinese remainder theorem
Who screwed it up
Countermeasures
Primes
Prime Standards
Lemmle
Small subgroup confinement attacks
Countermeasure
Are you good
Bad implementation behavior
Crypto implementation flaws
Policy makers
US export controls
Backwards compatibility
Freak attack
Logjam
Why it works
The number field sieve algorithm
How long does it take
Lessons
Policy
NSA
Diffie Hellman
Snowden Documents
NSA Passive Decryption
NSA Decryption Requirements
DiffieHellman Key Sizes
Poor Users
The Good
The Problem
Free Speech
Open Internet