total encryption
play

Total Encryption Teddy Hogeborn, Bjrn Phlsson 2011-08-06 Slides - PowerPoint PPT Presentation

Nov 29, 2023 •219 likes •411 views

Total Encryption Teddy Hogeborn, Bjrn Phlsson 2011-08-06 Slides https://www.recompile.se/lectures/2011-08- 06_Total_Encryption Encryption Is security from eavesdroppers, it is not anonymity Anonymity is a whole other talk A

  1. Total Encryption Teddy Hogeborn, Björn Påhlsson 2011-08-06

  2. Slides https://www.recompile.se/lectures/2011-08- 06_Total_Encryption

  3. Encryption ◮ Is security from eavesdroppers, it is not anonymity ◮ Anonymity is a whole other talk

  4. A Question of Trust Not covered in this talk ◮ Proprietary encryption “We’re secure, don’t you worry your little head!” Not verifiable - simple claims are not good enough ◮ Built-in solutions from proprietary OSes ◮ A history of extremly inadequate security ◮ Back doors and/or intentionally crippled security

  5. Encryption uses Keys ◮ How do you know who you’re talking to? ◮ Man-in-the-middle ◮ PKI - Public Key Infrastructure ◮ Hierarchical - bad ◮ X.509 (a.k.a. S/MIME for mail) ◮ Web of trust - good ◮ OpenPGP Most used: GnuPG (GPG) ◮ Signing party

  6. Mail OpenPGP ◮ Thunderbird: Enigmail http://enigmail.mozdev.org/ ◮ Outlook: Gpg4win/GpgOL http://www.gpg4win.org/ (Outlook 2003 and 2007 only) ◮ Apple Mail: GPGTools/GPGMail http://www.gpgtools.org/gpgmail/ (Right now OS X 10.6 or older) ◮ Configuring Make sure to configure to use SSL: ◮ SSMTP, IMAPS, and POP3S ◮ https://starttls.se/ ◮ http://mailcheck.iis.se/

  7. Web mail? ◮ FireGPG http://getfiregpg.org/ ◮ discontinued ◮ FireGPG on Firefox 5 https://grepular.com/FireGPG_on_Firefox_5 ◮ Various plugins - none use OpenPGP Web browsing

  8. Web Browsing & Web Apps ◮ Uses X.509 - unfortunately ◮ HTTPS ◮ Only if the server supports it ◮ Most don’t ◮ Not core feature ◮ Opposite to site’s purpose: to collect your data Better than nothing

  9. Web Browsing Using HTTPS ◮ Firefox: HTTPS Everywhere https://www.eff.org/https-everywhere ◮ Safari: SSL Everywhere http://safariextensions.org/detail/SSL_Everywhere/ Precompiled unavailable - user must compile ◮ Chrome (Limited support) ◮ KB SSL Enforcer ◮ Use HTTPS ◮ Opera: Redirect to HTTPS https://addons.opera.com/addons/extensions/details/redirect- to-https

  10. Social Networking (Including photo sharing, etc) ◮ Web apps - see web browsing ◮ Same caveat - dependent on server Supporting HTTPS & cares about data secrecy ◮ Diaspora https://joindiaspora.com/ ◮ Pods http://podupti.me/ Host your own

  11. Microblogging Also web app ◮ Identi.ca https://identi.ca/ ◮ Host your own

  12. Files on Disk GPG with interface ◮ GNU/Linux ◮ Windows ◮ ZIP, RAR, etc. Encryption not core feature, history of bad security ◮ Gpg4win/GpgEX http://www.gpg4win.org/ (As of today, 32 bit only) ◮ MacOS X ◮ GPGTools/GPGServices http://www.gpgtools.org/gpgservices/ ◮ Truecrypt ◮ Single files a bit of work, meant for whole disks

  13. Whole Disk or USB Drive ◮ Truecrypt http://www.truecrypt.org/ ◮ + GNU/Linux, Windows, and MacOS ◮ - Boot-time only on Windows ◮ - Not the best choice on GNU/Linux ◮ LUKS - Linux Unifies Key Setup ◮ + Standard and built-in on GNU/Linux ◮ - Boot-time only on GNU/Linux ◮ - Not on MacOS ◮ (For Ubuntu, use the “text-mode” or “alternate” installer) ◮ Use FreeOTFE to access on Windows

  14. Network File Sharing (Network drive or NAS, not P2P) SFTP a.k.a SSH, OpenSSH, etc. ◮ - Private key system ◮ + Very widely used ◮ Linux client: sshfs http://fuse.sourceforge.net/sshfs.html ◮ Windows server copssh http://www.itefix.no/i2/copssh ◮ Windows client ◮ Swish http://www.swish-sftp.org/ (Still in alpha state) ◮ FileZilla ◮ no shell extension ◮ MacOS client ◮ Macfusion http://macfusionapp.org/

  15. Instant Messaging (IM) and phone (VOIP) Encrypted protocol ◮ Mumble http://mumble.sourceforge.net/ ◮ - Private protocol ◮ + Popular in some circles ◮ Jitsi http://jitsi.org/ ◮ + Standard XMPP Same as Jabber, Google Talk, etc.

  16. P2P File Sharing ◮ Nothing ◮ Use network encryption

  17. Network Traffic Encryption Depends completely on the endpoints - both must run the same. prq, for instance, offers only OpenVPN ◮ OpenVPN ◮ + Common ◮ + Relatively easy to set up ◮ - Non-standard protocol ◮ IPsec ◮ - Complex to set up ◮ + Standard; built-in to in all OSes

  18. Summary ◮ Install HTTPS Everywhere (or similar) for your browser ◮ Switch to a better social networking and microblogging platform ◮ Encrypt your disks and USB drives ◮ All of them - boot time-encryption! ◮ Switch to a better IM and VOIP protocol & software ◮ Get an OpenPGP key! ◮ Encrypt your mail ◮ When you have the recipient’s key ◮ Otherwise, at least sign your mail ◮ Defense against alteration ◮ Attend keysigning parties and get signatures ◮ Look into getting a VPN or IPsec tunnel to your local most-used services ◮ Slides: https://www.recompile.se/lectures/2011-08- 06_Total_Encryption

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about encryption? Encryption Certificates Crypto Currencies Public Key AES Encryption Privacy SSH VPN HTTPS TLS Quantum Digital Signatures

837 views • 46 slides
Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware

Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware

Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware Encryption S Web Encryption S Email Encryption OpenPGP S S/MIME S S Online Social Network Public Key Encryption S Encryption/Decryption

842 views • 26 slides
RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of encryption Wednesday, but none of these is good enough to be used in actual situations. Today well talk about one method, RSA Encryption, which is

1.01k views • 59 slides
Secret-Key Encryption Introduction Encryption is the process of encoding a message in such a

Secret-Key Encryption Introduction Encryption is the process of encoding a message in such a

Secret-Key Encryption Introduction Encryption is the process of encoding a message in such a way that only authorized parties can read the content of the original message History of encryption dates back to 1900 BC Two types of

533 views • 38 slides
Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure communication. Does not allow modifying encrypted data. Homomorphic Encryption: allows computation on encrypted data, but result remains encrypted Functional

987 views • 61 slides
Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2

Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2

Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2 What is Encryption? Want to prevent someone (an attacker) from accessing private data Permissions arent good enough Root user can

788 views • 20 slides
Functional Encryption for Regular Languages Brent Waters Public Key Encryption

Functional Encryption for Regular Languages Brent Waters Public Key Encryption

Functional Encryption for Regular Languages Brent Waters Public Key Encryption [DH76,M78,RSA78,GM84] Avoid Prior Secret Exchange PubK SK 2 Functional Encryption [SW05] Functionality: f( , ) MSK Authority Key: y 2 {0,1}* y SK CT: x

945 views • 16 slides
Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too

Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too

Defining Encryption (ctd.) Lecture 3 CPA/CCA security Computational Indistinguishability Pseudo-randomness, One-Way Functions Security of Encryption Security of Encryption Perfect secrecy (IND-Onetime security) is too strong (though too

1.36k views • 113 slides
Lecture 3 Encryption Suggested readings: Chs 1 & 2 in KPS Ch 1 in Stinson

Lecture 3 Encryption Suggested readings: Chs 1 & 2 in KPS Ch 1 in Stinson

Lecture 3 Encryption Suggested readings: Chs 1 & 2 in KPS Ch 1 in Stinson (recommended) 1 Encryption Principles A cryptosystem has (at least) five ingredients: 1. Plaintext 2. Secret Key 3. Ciphertext 4. Encryption algorithm 5.

657 views • 12 slides
Berkeley CS276 & MIT 6.875 Pseudorandom Permutations and Symmetric Key Encryption Lecturer:

Berkeley CS276 & MIT 6.875 Pseudorandom Permutations and Symmetric Key Encryption Lecturer:

Berkeley CS276 & MIT 6.875 Pseudorandom Permutations and Symmetric Key Encryption Lecturer: Raluca Ada Popa Sept 15, 2020 Announcements Starting to record Psets grading policy: We count your best 5 out of 6 psets Total

728 views • 48 slides
Building Applications with Homomorphic Encryption A Presentation from the Homomorphic Encryption

Building Applications with Homomorphic Encryption A Presentation from the Homomorphic Encryption

Building Applications with Homomorphic Encryption A Presentation from the Homomorphic Encryption Standardization Consortium HomomorphicEncryption.org 0.1 Presenters Roger A. Hallman (SPAWAR Systems Center Pacific; Thayer School of

1.36k views • 91 slides
Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein University of Illinois at Chicago & m Technische Universiteit Eindhoven c k More details, credits: competitions.cr.yp.to network

1.33k views • 118 slides
Advanced Encryption Standard Lars R. Knudsen June 2014 L.R. Knudsen Advanced Encryption

Advanced Encryption Standard Lars R. Knudsen June 2014 L.R. Knudsen Advanced Encryption

Advanced Encryption Standard Lars R. Knudsen June 2014 L.R. Knudsen Advanced Encryption Standard AES - Advanced Encryption Standard US governmental encryption standard Open (world) competition announced January 97 Blocks: 128 bits Keys:

403 views • 39 slides
Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

. . . . . . Permutation-based encryption, authentication and authenticated encryption Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint work with DIAC 2012, Stockholm, July 6 Guido Bertoni 1 ,

739 views • 49 slides
Encryption at Scale on AWS Matt Campagna campagna@amazon.com Agenda Describe the AWS Key

Encryption at Scale on AWS Matt Campagna campagna@amazon.com Agenda Describe the AWS Key

Encryption at Scale on AWS Matt Campagna campagna@amazon.com Agenda Describe the AWS Key Management Service Client Side Encryption AWS Encryption SDK Server Side Encryption S3 Object Encryption Amazon Simple Storage Service

387 views • 22 slides
Novel Encryption Method of GPS Information in Image File Using Format-preserving Encryption

Novel Encryption Method of GPS Information in Image File Using Format-preserving Encryption

Novel Encryption Method of GPS Information in Image File Using Format-preserving Encryption Changhyun Lee, Yeonju Choi, Hyeongmin Park, Kangbin Yim, and Sun-Young Lee Soonchunhyang University IMIS 2019 Presenter: Brandon Falk (

645 views • 21 slides
HIPAA SECURITY SPOT AUDITS BEGIN: CHICKEN LITTLES AND ANNUAL LITTLES AND ANNUAL TRADITIONS

HIPAA SECURITY SPOT AUDITS BEGIN: CHICKEN LITTLES AND ANNUAL LITTLES AND ANNUAL TRADITIONS

2/21/2012 HIPAA SECURITY SPOT AUDITS BEGIN: CHICKEN LITTLES AND ANNUAL LITTLES AND ANNUAL TRADITIONS KENNETH N. RASHBAUM, ESQ. RASHBAUM ASSOCIATES, LLC www.rashbaumassociates.com BREACHES MUNDANE AND COMPLEX Increasing Incidents Of

418 views • 6 slides
Matthew Series Lesson #050 September 14, 2014 Dean Bible Ministries

Matthew Series Lesson #050 September 14, 2014 Dean Bible Ministries

Matthew Series Lesson #050 September 14, 2014 Dean Bible Ministries www.deanbibleministries.org Dr. Robert L. Dean, Jr. Healing in the New Testament Matthew 8:117 Doctrine of Healing Summary 1. Does God heal today? 2. Does God want you

362 views • 18 slides
Administration Foundational Truths Gods Structure for Growth Ephesians 4:1-16 God is a God

Administration Foundational Truths Gods Structure for Growth Ephesians 4:1-16 God is a God

Administration Foundational Truths Gods Structure for Growth Ephesians 4:1-16 God is a God of order , yet a God of great creativity and desires that His church manifest His nature. Everything God created has structure . His

422 views • 10 slides
Gear VR Performance Tweaks and Pitfalls Mobile VR is Hard Oculus System Integration Issues

Gear VR Performance Tweaks and Pitfalls Mobile VR is Hard Oculus System Integration Issues

Oculus Gear VR Performance Tweaks and Pitfalls Mobile VR is Hard Oculus System Integration Issues Chrome IPC Performance is Crippled on Android vs PC Use shared memory for transferring critical data like HMD poses Saw 10ms delays

91 views • 5 slides
Information Security Ryan Eberhardt and Armin Namavari May 21, 2020 Today How do you keep

Information Security Ryan Eberhardt and Armin Namavari May 21, 2020 Today How do you keep

Information Security Ryan Eberhardt and Armin Namavari May 21, 2020 Today How do you keep information safe and sound? Could be an entire class by itself! Todays lecture isnt even a high-level overview its just a slice

832 views • 46 slides
Achilles and the Bee A faade of infallibility About me What I do: IT controls testing

Achilles and the Bee A faade of infallibility About me What I do: IT controls testing

Achilles and the Bee A faade of infallibility About me What I do: IT controls testing Info Sec standards Implementation Vulnerability Assessments and Pen Tests Fun facts: I love sports (actively involved in

565 views • 20 slides
Training in a Cyber-active Environment Using C2-Simulation Interoperation Dr. Mark Pullen George

Training in a Cyber-active Environment Using C2-Simulation Interoperation Dr. Mark Pullen George

Training in a Cyber-active Environment Using C2-Simulation Interoperation Dr. Mark Pullen George Mason University C4I & Cyber Center, USA James Ruth Trideum, Inc. Overview Introduction: Importance of cyber-active training

540 views • 24 slides
Paul and Barnabas encounter paganism in Lystra Acts 14:8-18 Now at Lystra there was a man

Paul and Barnabas encounter paganism in Lystra Acts 14:8-18 Now at Lystra there was a man

Paul and Barnabas encounter paganism in Lystra Acts 14:8-18 Now at Lystra there was a man sitting who could not use his feet. He was crippled from birth and had never walked. He listened to Paul speaking. And Paul, looking intently at him and

717 views • 30 slides

More recommend