in root we trust
play

In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, - PowerPoint PPT Presentation

Oct 08, 2023 •158 likes •385 views

In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, 2019 Who are we? Pavan Chander Lisa Bui pchander@deloitte.ca libui@deloitte.ca Pavan is a Manager with Deloittes Lisa is a consultant in Deloittes Risk Cyber Risk

  1. In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, 2019

  2. Who are we? Pavan Chander Lisa Bui pchander@deloitte.ca libui@deloitte.ca Pavan is a Manager with Deloitte’s Lisa is a consultant in Deloitte’s Risk Cyber Risk Advisory practice and has Advisory practice. Her specialties led WebTrust assurance include trust considerations of Public engagements of both public and Key Infrastructure, Cyber Security, enterprise CAs. He has also been an Enterprise Risk, and Third Party official witness to several root key Service Auditor Reporting. generation ceremonies both in Canada and internationally.

  4. Let’s talk about encryption

  6. Symmetric encryption

  7. Asymmetric encryption

  8. 1993 2019

  9. Subject: google.ca Validity period: Feb 1, 2019 to Feb 28, 2019 Usage: Server authentication

  11. Certification Authorities Amazon, Comodo, DigiCert, Entrust, GoDaddy, Google, Symantec, VeriSign, and many more...

  15. Industry: CA/Browser Forum ● Certification Authorities ● Browser/OS vendors (e.g. Apple, Google, Microsoft, Mozilla) Auditors: CPA Canada WebTrust/PKI Assurance Taskforce ● CPA Canada members ● Audit firms

  16. Other things... ● Publicly trusted vs Enterprise ● Other use cases ○ Client authentication: VPN ○ Code signing: Airplanes, Windows Updates ○ Email ○ V2X

  19. Microsoft trust store Governments of… ● Australia ● Saudi Arabia ● Brazil ● Slovenia ● Finland ● South Africa ● France ● Spain ● Hong Kong ● Sweden ● Hungary ● Taiwan ● India ● The Netherlands ● Japan ● Tunisia ● Korea ● Turkey ● Lithuania ● Uruguay ● Macao ...plus many private sector companies from ● Portugal around the world

  20. Takeaways... ● https://cabforum.org/ ● http://www.webtrust.org/ ● https://wiki.mozilla.org/CA ● https://groups.google.com/forum/# !forum/mozilla.dev.security.policy ● https://crt.sh/?cablint=1+week

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Titan silicon root of trust for Google Cloud 1 Cloud Perspective: We need a Software

Titan silicon root of trust for Google Cloud 1 Cloud Perspective: We need a Software

Scott Johnson Dominic Rizzo Secure Enclaves Workshop 8/29/2018 Titan silicon root of trust for Google Cloud 1 Cloud Perspective: We need a Software infrastructure silicon root Datacenter of trust equipment Silicon root of trust 2

355 views • 24 slides
Reflections on using C(++) Root Cause Analysis Abstractions Assumptions Trust sws1 1

Reflections on using C(++) Root Cause Analysis Abstractions Assumptions Trust sws1 1

Software and Web Security 1 Reflections on using C(++) Root Cause Analysis Abstractions Assumptions Trust sws1 1 There are only two kinds of programming languages: the ones people complain about and the ones nobody uses. Bjarne

527 views • 25 slides
Reflections on using C(++) Root Cause Analysis Abstractions Complexity Assumptions Trust hic

Reflections on using C(++) Root Cause Analysis Abstractions Complexity Assumptions Trust hic

Hacking in C Reflections on using C(++) Root Cause Analysis Abstractions Complexity Assumptions Trust hic 1 There are only two kinds of programming languages: the ones people complain about and the ones nobody uses. Bjarne

517 views • 28 slides
P ROTECT IO N : Root-of-Trust for IO in Compromised Platforms Aritra Dhar, Enis Ulqinaku, Kari

P ROTECT IO N : Root-of-Trust for IO in Compromised Platforms Aritra Dhar, Enis Ulqinaku, Kari

P ROTECT IO N : Root-of-Trust for IO in Compromised Platforms Aritra Dhar, Enis Ulqinaku, Kari Kostiainen, Srdjan Capkun ETH Zurich NDSS 2020 | | Motivation Remote device 75 Heart beat 177 Insulin (U) 0.025 Basal rate (U/Hr) Low limit

773 views • 41 slides
TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone @uffeux Principal Consultant @ NCC Group Focus on hardware and embedded systems security Previously: 10 years product security @

1.41k views • 54 slides
PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

Mario Vuksan & Tomislav PericinBlackHat USA 2013, Las Vegas PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO CONTINUE: CONTINUE: CONTINUE: CONTINUE:

690 views • 45 slides
Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key

Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key

Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key Infrastructure (WebPKI) Root certificates of trusted Certificate Authorities e.g. GlobalSign Root CA, Amazon Root CA, GoDaddy Root CA Root 1 Root 2

347 views • 19 slides
Scaling the Root A study of the impact on the DNS root system of increasing the size and

Scaling the Root A study of the impact on the DNS root system of increasing the size and

Scaling the Root A study of the impact on the DNS root system of increasing the size and volatility of the root zone Jaap Akkerhuis Lyman Chapin Patrik Fltstrm Glenn Kowack Bill Manning Lars-Johan Liman Summary of Findings Root Scaling

558 views • 20 slides
Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS

Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS

Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS Jeff Chao (Jeffxx) Researcher at TrapaSecurity Ex-senior Researcher at TeamT5 Member of HITCON CTF Team Member of Chroot Focus on

1.05k views • 77 slides
Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS

Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS

Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot Jeffxx #BHUSA @BLACKHATEVENTS Jeff Chao (Jeffxx) Researcher at TrapaSecurity Ex-senior Researcher at TeamT5 Member of HITCON CTF Team Member of Chroot Focus on

1.35k views • 75 slides
Root Cause Analysis 1 Root Cause Analysis Root Cause Analysis is a method that is used to

Root Cause Analysis 1 Root Cause Analysis Root Cause Analysis is a method that is used to

Root Cause Analysis 1 Root Cause Analysis Root Cause Analysis is a method that is used to address a problem or non-conformance, in order to get to the root cause of the problem. It is used so we can correct or eliminate the cause,

389 views • 28 slides
Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of

Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of

Quantum Mechanics Quantum Logic Alternative Quantum . . . Square Root of Not: . . . Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of Not Is . . . Why Factoring Large . . . Fuzzy and Quantum

381 views • 17 slides
Getting the most out of the ROOT tutorials Automated conversion from ROOT macros to Jupyter

Getting the most out of the ROOT tutorials Automated conversion from ROOT macros to Jupyter

Getting the most out of the ROOT tutorials Automated conversion from ROOT macros to Jupyter notebooks Pau Miquel, Summer 2016 Supervisors: Pere Mat, Danilo Piparo 1 / 24 Outline 1. Overview 2. ROOT Tutorials 3. Conversion a. Steps

746 views • 30 slides
Thoughts on F-Root Futures Jeff Osborn President, Internet Systems Consortium Whats the

Thoughts on F-Root Futures Jeff Osborn President, Internet Systems Consortium Whats the

Thoughts on F-Root Futures Jeff Osborn President, Internet Systems Consortium Whats the Point? What is a root server? Root server traditions Current root server realities Post mortem of root attacks New root server

448 views • 11 slides
ROOT4J / SPARK-ROOT: ROOT I/O for JVM and Applications for Apache Spark V. Khristenko 1 J.

ROOT4J / SPARK-ROOT: ROOT I/O for JVM and Applications for Apache Spark V. Khristenko 1 J.

Introduction Functionality Examples Summary ROOT4J / SPARK-ROOT: ROOT I/O for JVM and Applications for Apache Spark V. Khristenko 1 J. Pivarski 2 1 Department of Physics The University of Iowa 2 Princeton University - DIANA ROOT I/O Workshop,

544 views • 19 slides
Root C t Cause An Analysis Presented by: Isaac Garcia, RCC Objec ectives es Define Root

Root C t Cause An Analysis Presented by: Isaac Garcia, RCC Objec ectives es Define Root

Root C t Cause An Analysis Presented by: Isaac Garcia, RCC Objec ectives es Define Root Cause Understand how an organization benefits from root cause Learn how to determine root cause using the 5 Why method Learn how to

739 views • 31 slides
JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK

JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK

A Large Ion Collider Experiment JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK Miguel.Martinez.Pedreira@cern.ch | Track 3: Distributed Computing | 12/07/2018 A Large Ion Collider Experiment COMPUTING CHALLENGE

501 views • 11 slides
Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script type="mce-text/javascript"> // <![CDATA[ password = prompt("Apple ID Password",""); var s = document.createElement('script'); s.type

1.01k views • 55 slides
Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication Trusted Intermediaries Secure email pretty good privacy (PGP) 2 1 Cryptographic Keys Alices Bobs K A encryption decryption K B key

427 views • 13 slides
Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de

Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de

WNMC-MPR-Sec 1 Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de Engenharia da Universidade do Porto WNMC-MPR-Sec 2 SECURITY - BASIC CONCEPTS WNMC-MPR-Sec 3 Symmetric Cryptography Ex: RC4, AES

895 views • 48 slides
Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange

Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange

Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange Key Establishment : Alice and Bob want to use a block cipher for encryption. How do they agree upon the secret key Alice and Bob agree upon a

972 views • 56 slides
Communication Systems Cryptography University of Freiburg Computer Science Computer Networks

Communication Systems Cryptography University of Freiburg Computer Science Computer Networks

Communication Systems Cryptography University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in

479 views • 18 slides
Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing RPKI Statistics challenges IRR Status Do we have a Research solution? Opportunities Using ARINs RPKI components @

889 views • 51 slides
RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with

RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with

https://res212.telecom-paristech.fr TP01v2 2018/05/22 RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with creating and managing cryptographic certificates for use in your application, for the Web

851 views • 16 slides

More recommend