Cryptography basics

I stopped including the "here's who I am" slide

What we're covering

tl;dr: the basics of how cryptographic protocols are designed

• Basic concepts
• Design goals
• Common primitives
• Common attacks

What we're not covering

• System-level stuff
• Webapp stuff
• Operational security
• Deploying cryptography
• Math

Basic concepts

Hashes

PRNGs

Keys / ciphers

MACs

Keys

Symmetric encryption

Asymmetric encryption

Signatures

Ephemeral keys

Entropy

Actors

Alice

Bob

Carol / Charlie

Eve

Mallory

Primitives

Composition

Basic design goals

Confidentiality

Integrity

Authenticity

Other design goals

Forward secrecy

Plausible deniability

Revocation

No replay attacks

No security through obscurity

Hashes

Deterministic

Take an input and produce a fixed-length output

Output is very different from input

One-way, hard to reproduce

Common hashes

MD5 (terrible)

SHA1 (unideal)

SHA256, SHA512 (SHA2)

SHA3

Symmetric encryption

Data Encryption Standard (broken)

3DES (vaguely broken)

Advanced Encryption Standard

AES128, AES192, AES256

Asymmetric encryption

RSA keys

Elliptic Curve keys

Other notables

Diffie-Hellmann

MACs

Message Authentication Code

HMAC-

Misc.

Ratcheting

Common practical attacks

Brute-force attack

Side-channel attack

Timing attacks

Social engineering

Sybil attacks

Common algorithmic attacks

Birthday attacks

(Second-) preimage attack

Collision attacks

Thanks!

Questions?

Access this presentation again

https://strugee.net/presentation-cryptography-basics

Or get the source code