let s encrypt
play

LETS ENCRYPT Olivier Yiptong oyiptong@mozilla.com PRIVACY MATTERS - PowerPoint PPT Presentation

Feb 25, 2024 •14 likes •244 views

LETS ENCRYPT Olivier Yiptong oyiptong@mozilla.com PRIVACY MATTERS PRIVACY MATTERS: HTTPS Con fi dentiality Data Integrity Authentication NO PRIVACY: HTTP Public-only communication (Possibly?) Tampered messages Of

  1. LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com

  2. PRIVACY MATTERS

  3. PRIVACY MATTERS: HTTPS • Con fi dentiality • Data Integrity • Authentication

  4. NO PRIVACY: HTTP • Public-only communication • (Possibly?) Tampered messages • Of dubious origin

  5. PUBLIC COMMUNICATIONS

  6. PUBLIC COMMUNICATIONS • Firesheep

  7. PUBLIC COMMUNICATIONS • Firesheep • Google

  8. PUBLIC COMMUNICATIONS • Firesheep • Google • AT&T

  9. TAMPERING

  10. TAMPERING • Verizon Perma-Cookies

  11. TAMPERING • Verizon Perma-Cookies

  12. TAMPERING • Verizon Perma-Cookies • Comcast ad injection

  13. TAMPERING • Verizon Perma-Cookies • Comcast ad injection • China - GitHub

  14. OF DUBIOUS ORIGIN

  15. OF DUBIOUS ORIGIN • Turk Telecom

  16. OF DUBIOUS ORIGIN • Turk Telecom • China Netcom

  17. OF DUBIOUS ORIGIN • Turk Telecom • China Netcom • AT&T

  18. PRIVACY MATTERS: HTTPS • Encryption (Private communication) • Data Integrity (Certainly untampered) • Authentication (Certain of origin)

  19. HTTPS FOR YOU • Remove industrial espionage vector • No customer hijacking • No impersonation

  20. HTTP DEPRECATION • Firefox: non-secure website won’t have access to new features • Chrome: display websites over HTTP as non- secure

  21. UPCOMING FUNCTIONALITY • HTTP/2 (TLS-only on Firefox, Chrome and IE) - bandwidth + latency gains • Advanced Caching (ServiceWorkers)

  22. POSSIBLE UPGRADE PATH • Referrer Policy 
 http://www.w3.org/TR/referrer-policy • Upgrade Insecure Requests 
 http://www.w3.org/TR/upgrade-insecure-requests/

  23. THANKS oyiptong@mozilla.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Several possibilities for combination: So far: had cryptographic algorithms to achieve

Several possibilities for combination: So far: had cryptographic algorithms to achieve

Several possibilities for combination: So far: had cryptographic algorithms to achieve Encrypt-then MAC: encrypt message, then compute MAC of Privacy: use encryption ciphertext. Integrity: use MAC MAC-then-encrypt: First compute MAC, and then

203 views • 3 slides
Close lid to encrypt Hard disk encryption in Linux suspend mode Tim Dittler FOSDEM, 02.02.2020

Close lid to encrypt Hard disk encryption in Linux suspend mode Tim Dittler FOSDEM, 02.02.2020

Close lid to encrypt Hard disk encryption in Linux suspend mode Tim Dittler FOSDEM, 02.02.2020 Whats Close lid to encrypt? Project by Jonas Meurer and me Freelancing systems engineers living in Germany Full-disk encryption

397 views • 16 slides
Why Encrypt Data? We have already discussed authentication and access control as means to

Why Encrypt Data? We have already discussed authentication and access control as means to

Security in Outsourced Databases II Outsourced Databases II (Query Processing on Encrypted Data) Disks replaced Data worthless if encrypted Customer Credit for maintenance Card Number Laptops stolen Backups lost p 1 Why Encrypt Data?

759 views • 19 slides
Why (Special Agent) Johnny (Still) Cant Encrypt: A Security Analysis of the APCO Project 25

Why (Special Agent) Johnny (Still) Cant Encrypt: A Security Analysis of the APCO Project 25

Why (Special Agent) Johnny (Still) Cant Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System Sandy Clark | Travis Goodspeed | Perry Metzger Zachary Wasserman | Kevin Xu | Matt Blaze Usenix 2011 P25 Modulates voice

147 views • 14 slides
Exercise: Encrypting and Decrypting with RSA In this exercise, you will encrypt and decrypt

Exercise: Encrypting and Decrypting with RSA In this exercise, you will encrypt and decrypt

Exercise: Encrypting and Decrypting with RSA In this exercise, you will encrypt and decrypt numbers using a simple version of the RSA algorithm. Each team should have two members. Each team-member should complete the exercise as Bob, then pass

228 views • 4 slides
No domain left behind is Lets Encrypt democratizing encryption? M. Aertsen 1 , M. Korzyski 2

No domain left behind is Lets Encrypt democratizing encryption? M. Aertsen 1 , M. Korzyski 2

. . . . . . . . . . . . . . No domain left behind is Lets Encrypt democratizing encryption? M. Aertsen 1 , M. Korzyski 2 , G. Moura 3 1 National Cyber Security Centre The Netherlands 2 Delft University of Technology The

292 views • 18 slides
Encrypt ALL the things with LetsEncrypt Created by : Justin W. Flory Solomon Rubin

Encrypt ALL the things with LetsEncrypt Created by : Justin W. Flory Solomon Rubin

Encrypt ALL the things with LetsEncrypt Created by : Justin W. Flory Solomon Rubin License : CC-BY-SA 4.0 Introduction What is TLS and why do I need it? TLS stands for Transport Layer Security Difference between https and

360 views • 23 slides
POST-QUANTUM CRYPTOGRAPHY HOW WILL WE ENCRYPT TOMORROW? Hanno Bck https://hboeck.de 1

POST-QUANTUM CRYPTOGRAPHY HOW WILL WE ENCRYPT TOMORROW? Hanno Bck https://hboeck.de 1

POST-QUANTUM CRYPTOGRAPHY HOW WILL WE ENCRYPT TOMORROW? Hanno Bck https://hboeck.de 1 INTRODUCTION Hanno Bck, freelance journalist and hacker. Writing for Golem.de and others. Fuzzing Project , funded by Linux Foundation's Core

1.09k views • 46 slides
No domain left behind: is Lets Encrypt democratizing encryption? Maarten Aertsen 1 , Maciej

No domain left behind: is Lets Encrypt democratizing encryption? Maarten Aertsen 1 , Maciej

No domain left behind: is Lets Encrypt democratizing encryption? Maarten Aertsen 1 , Maciej Korczy nski 2 , Giovane C. M. Moura 3 , Samaneh Tajalizadehkhoob 2 , Jan van den Berg 2 1 National Cyber Security Centre The Netherlands 2 Delft

423 views • 21 slides
Lets Encrypt as a Startup Success Story Security and Ops and Encrypting the web Daniel

Lets Encrypt as a Startup Success Story Security and Ops and Encrypting the web Daniel

Lets Encrypt as a Startup Success Story Security and Ops and Encrypting the web Daniel Jeffery Linux Foundation Why HTTPS? As our dependency on the internet has grown, the risk to users' privacy and safety has grown along with it.

746 views • 40 slides
tcpcrypt Mark Handley What would it take to encrypt all the traffic on the Internet, by

tcpcrypt Mark Handley What would it take to encrypt all the traffic on the Internet, by

tcpcrypt Mark Handley What would it take to encrypt all the traffic on the Internet, by default, all the time? Crypto 101: Encryption without authentication is useless. Encryption without authentication is like meeting a stranger in a

813 views • 31 slides
On the (In)Security of IPsec in MAC-then-Encrypt Configurations Jean Paul Degabriele Kenneth G.

On the (In)Security of IPsec in MAC-then-Encrypt Configurations Jean Paul Degabriele Kenneth G.

Motivation The Attacks Concluding Remarks On the (In)Security of IPsec in MAC-then-Encrypt Configurations Jean Paul Degabriele Kenneth G. Paterson Information Security Group Royal Holloway, University of London CCS 2010 Jean Paul

930 views • 68 slides
Why Can't Online Social Networks Encrypt? Ero Balsa , Filipe Beato, Seda Grses KU Leuven NYU

Why Can't Online Social Networks Encrypt? Ero Balsa , Filipe Beato, Seda Grses KU Leuven NYU

Why Can't Online Social Networks Encrypt? Ero Balsa , Filipe Beato, Seda Grses KU Leuven NYU W3C Workshop on Privacy and UserCentric Controls 1 20-21 November 2014, Berlin << Facebook has been able to deploy end-to-end encryption

429 views • 10 slides
Cybersecurity Considerations for Telework Security for Enterprises Enterprise Planning Plan

Cybersecurity Considerations for Telework Security for Enterprises Enterprise Planning Plan

Cybersecurity Considerations for Telework Security for Enterprises Enterprise Planning Plan telework-related security policies and controls based on a zero-trust model. Encrypt client devices storage, encrypt all sensitive data stored on

371 views • 9 slides
Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before

Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before

Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before sending to the cloud While still allowing the cloud to search/sort/edit/ this data on my behalf Keeping the data in the cloud in encrypted form

956 views • 60 slides
How to Encrypt with the LPN Problem Henri Gilbert, Matt Robshaw, and Yannick Seurin Orange Labs

How to Encrypt with the LPN Problem Henri Gilbert, Matt Robshaw, and Yannick Seurin Orange Labs

How to Encrypt with the LPN Problem Henri Gilbert, Matt Robshaw, and Yannick Seurin Orange Labs ICALP 2008 July 9, 2008 intro LPN problem LPN-C security parameters conclusion the context the authentication protocol HB + by Juels and

708 views • 21 slides
12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic graphics 2.Detecting manipulated images Photo manipulation is the application of image editing techniques to photographs in order to create an

306 views • 13 slides
Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Threat Modeling: Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A simple approach to threat modeling Top 10 lessons Learning more What is threat modeling? A SIMPLE APPROACH TO THREAT

606 views • 41 slides
Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini

Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini

Efficient Leakage-Resilient Secret Sharing Peihan Miao Akshayaram Srinivasan Prashant Nalini Vasudevan UC Berkeley Secret Sharing [Shamir 79, Blakley 79] Share 1 , , Reconstruction: Given at least

1.45k views • 20 slides
Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline

Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline

Inference in Belief Networks CMPUT 366: Intelligent Systems P&M 8.4 Lecture Outline 1. Recap 2. Factors 3. Variable Elimination 4. Efficiency Recap: Belief Networks Definition: A belief network (or Bayesian network )

1.27k views • 23 slides
Mobile App Security An introduction Marc Obrador Who am I? Marc Obrador Co-founder & Head

Mobile App Security An introduction Marc Obrador Who am I? Marc Obrador Co-founder & Head

Mobile App Security An introduction Marc Obrador Who am I? Marc Obrador Co-founder & Head of Product Architecture @ Build38 Barcelona marc@build38.com @marcobrador /in/marc-obrador Build38 | Intro to Mobile App Security February 2020

808 views • 32 slides
Outline Threat modeling, contd Shellcode techniques CSci 4271W Development of Secure

Outline Threat modeling, contd Shellcode techniques CSci 4271W Development of Secure

Outline Threat modeling, contd Shellcode techniques CSci 4271W Development of Secure Software Systems Binary-level GDB commands and demo Day 5: Memory safety attacks In-person lab logistics reminders Stephen McCamant Project 1 bcimgview

1.17k views • 6 slides
Introduction to Artificial Intelligence Bayesian Networks Janyl Jumadinova September 26, 2016

Introduction to Artificial Intelligence Bayesian Networks Janyl Jumadinova September 26, 2016

Introduction to Artificial Intelligence Bayesian Networks Janyl Jumadinova September 26, 2016 Bayesian Networks A simple, graphical notation for conditional independence assertions 2/14 Bayesian Networks A simple, graphical notation

576 views • 34 slides
IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

4/18/2016 IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating Systems Principles 7C. Critical Sections IPC, Threads, Races, Critical Sections 7D. Asynchronous Event Completions Mark Kampe

245 views • 8 slides

More recommend