Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security, Cryptography, and Magic

Published bySucianty Susman Modified over 5 years ago

Similar presentations

Presentation on theme: "Security, Cryptography, and Magic"— Presentation transcript:

1 Security, Cryptography, and Magic
Steven M. Bellovin

2 Weak Points of the Internet
The DNS Routing Host security Cryptography can help with the first two, but...

3 Security Flaws At least 85% of CERT advisories describe problems that cryptography can’t fix. 9 out of 13 advisories last year are about buffer overflows. Of the othes, 2 describe problems in cryptographic modules…

4 Going Around the Cryptography
Cryptography relies on the secrecy of keys. Can we protect them, on today’s systems? Smart cards, etc., encrypt, decrypt, and sign what the host system hands them. Can we trust the host? What about the certificate hierarchy?

5 Certificates Most users don’t know what certificates are.
Of those who do, most don’t verify the signature chain. Most of those people don’t know if they should trust an arbitrary root. Conclusion: for most practical purposes, we don’t have a PKI -- and most people neither know nor care.

6 Cryptography and Identity
Given the PKI problems, encrypted traffic is effectively unauthenticated. This does prevent broad-spectrum eavesdropping. But active attacks can go around the cryptography to penetrate systems -- and such attacks are taking place.

7 Conclusions Cryptography is necessary, but not sufficient.
Using cryptography properly is very hard. We can wave our magic wands and solve that problem, and deploy strong cryptography everywhere. But we don’t have a big enough wand to fix the buggy code.

Download ppt "Security, Cryptography, and Magic"

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Secure Mobile IP Communication

Secure Mobile IP Communication
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Digital Signatures. Anononymity and the Internet.

Digital Signatures. Anononymity and the Internet.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research

1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
Programming Satan’s Computer

Programming Satan’s Computer
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.

Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
Review of basic cryptographically algorithm Asymmetric encoding (Private and Public Keys), Hash Function, Digital Signatures and Certification.

Review of basic cryptographically algorithm Asymmetric encoding (Private and Public Keys), Hash Function, Digital Signatures and Certification.

Similar presentations

Ads by Google