Understanding and Managing Entropy Usage
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the critical role of entropy in modern cryptography and IT systems in this 56-minute Black Hat conference talk. Delve into the importance of cryptographically strong random numbers for key generation and nonce inclusion. Examine the challenges of Pseudo Random Number Generators (PRNGs) and their reliance on entropy sources. Discover the impact of Perfect Forward Secrecy on entropy usage in TLS. Analyze entropy requirements and utilization across various systems, including Linux, FreeBSD, OpenSSL, OpenSSH, and OpenVPN. Learn about entropy consumption in different TLS modes and the quality of entropy sources in common hardware. Gain insights into the newly released open-source software, libentropy, which provides a unified interface for OpenSSL to manage entropy sources and report usage statistics. Explore topics such as NIST guidelines, entropy pools, entropy estimation, and quantum random number generators.
Syllabus
Introduction
Penn College of Technology
Research
The Game
Entropy vs Randomness
Random Number Generators
NIST Guidelines
Linux
Ivy Bridge
Lava Lamp
PRNG
Monitor Entropy
Entropy Pools
Entropy Statistics
Summary
Rand
OpenSSL
FreeBSD
ModSSL
Nginx
Entropy Estimation
Controlling Inputs
Entropy Client
Open SSL
The Holy War
Quantum RNG
Open Source
Headless Machine
Bruce Question
Bitcoin Hack
Test Suites
Taught by
Black Hat
Related Courses
Developing APIs with Google Cloud's Apigee API PlatformGoogle Cloud via Coursera Play by Play: Authenticating External App and Service Integrations with Salesforce
Pluralsight Introduction to Application Security Course (How To)
Treehouse API Security on Google Cloud's Apigee API Platform
Pluralsight Analyzing Network Protocols with Wireshark
Pluralsight