FRONTIERS IN CRYPTOGRAPHY
May 2017
Robert E. Tarjan
Chief Scientist, Intertrust Technologies
James S. McDonnell Distinguished University Professor of Computer Science, Princeton University
Whitebox Security
OUTLINE
•  The Public Key Cryptography Revolution
•  Blackbox vs. whitebox threat models
•  Obfuscation
•  Theoretical results
•  Practical implementations
•  Whitebox Cryptography
•  A specific kind of obfuscation, specifically for cryptography
•  The Future
© 2017 Intertrust Technologies Corporation. All Rights Reserved.
 2
IN THE BEGINNING…
…there was symmetric key cryptography.
But how could the parties agree on keys?
SECURE COMMUNICATION
OUT OF BAND KEY AGREEMENT
Proposed by Diffie and Hellman (1976)
First practical public key cryptosystem RSA (1978)
PUBLIC KEY CRYPTOGRAPHY
Alice’s PRIVATE key
 Alice’s PUBLIC key
 Bob’s PUBLIC key
 Bob’s PRIVATE key
SECURE COMMUNICATION
Protected Environment
Managed Device
Crypto Library
Protected Environment
Managed Device
Crypto Library
The communication channel is protected with cryptography.
The cryptographic key used at the endpoints is assumed to be protected by other means.
The attacker can’t look into that crypto library. It’s a “black box”.
BLACKBOX SECURITY ASSUMPTION
SECURE COMMUNICATION
Unprotected Environment
Unmanaged Device
Crypto Library
The attacker can look into the crypto library.
How do we secure the key?
WHITEBOX
SECURE COMMUNICATION
Cloud
Services
Unprotected Environment
Unmanaged Device
Crypto Library
Put the key back into a Blackbox!
HARDWARE SECURITY
Cloud Services
SECURE COMMUNICATION
Blackbox
PROBLEMS WITH HARDWARE SECURITY
Therefore, whitebox security solutions will continue to be important! 
•  Attacks do exist
•  Exploiting vulnerabilities (e.g. backdoors, update mechanisms, cold boot attacks)
•  Differential power analysis (Kocher, et al, CRYPTO ’99)
•  Recovery
•  Hardware is hard to update if compromised
•  But software can be patched
•  Priorities
•  Users want cost savings and speed
•  Security is often secondary
Source: SPA trace showing an entire DES operation (December 14, 2010) by Mad fab / Wikimedia Creative Commons (CC BY-SA 2.0)
Security (Theory): Provable security guarantees
Security (Practice): Very expensive for skilled attackers to succeed
Performance (Theory): Lots of computation and space required
Performance (Practice): Must be fast and use limited memory
THEORY VS. PRACTICE
Obfuscator: An algorithm O such that for any program P, O(P) is a program that:
•  computes the same function as P
•  is hard to analyze / reverse-engineer
•  is not too big or too slow
Intuition: an obfuscator provides a “virtual blackbox” – O(P) is a blackbox that computes P.
Why might obfuscators exist?
•  All canonical hard problems are problems of reverse engineering: SAT, HALTING
•  Rice’s Theorem: You can’t look at the code (Turing Machine description) of a function and find out a non-trivial property of it.
A Virtual Blackbox
WHAT IS AN OBFUSCATOR?
 ON THE (IM)POSSIBILITY OF OBFUSCATION
Barak, et al. “On the (im)possibility of obfuscating programs.” – JACM 2002
Looks like bad news. Is obfuscation really impossible?
•  There is a family 𝒫 of efficient programs that are not obfuscatable in the sense that
•  given any efficient program P′ that computes the same function as a program P ∈ 𝒫, secrets from the “source code” of P can be recovered, yet
•  given black box (oracle) access to a program P ∈ 𝒫, no efficient algorithm can reconstruct the secrets of P.
•  Definitions
•  Indistinguishability obfuscation – given any two equivalent circuits C0 and C1 of similar size, the obfuscations iO(C0) and iO(C1) are computationally indistinguishable.
•  Candidate iO functions have been described that are feasible, albeit impractical.
•  Apon et al (2014) – obfuscation of a 16 bit point function blows up to 31GB.
INDISTINGUISHABILITY OBFUSCATION
Garg, et al. “Candidate indistinguishability obfuscation and functional encryption for all circuits.” – FOCS 2013
There is hope that obfuscation in some form is possible!
[Diagram labels: “Standard” Assumption (e.g. LWE); Indistinguishability Obfuscation; + OWFs; “Most” of cryptography]
VISION: IO AS HUB FOR CRYPTOGRAPHY
IO AS A HUB FOR CRYPTOGRAPHY
iO + One Way Functions gives Virtual Blackbox Cryptography
A great theoretical achievement, but very far from being practical
IO AS A HUB FOR CRYPTOGRAPHY
(IMAGE FROM BARAK 2016)
Indistinguishability Obfuscators
•  Deniable Encryption
•  Public Key Encryption
•  Short Signatures
•  Group Key Exchange
•  Traitor Tracing
•  Oblivious Transfer
•  Multiparty Secure Computation
•  Non-interactive Zero Knowledge
•  Identity-based Encryption
•  Functional Encryption
Source: Boaz Barak: Hopes, fears, and software obfuscation. Commun. ACM 59(3): 88-96 (2016)
•  Originally done for fun
•  International Obfuscated C Code Contest
•  Started in 1984, still going on
•  As a security mechanism
•  Make it hard to understand code, so it is hard to reverse engineer.
•  Reorder data
•  Changing encodings
•  Converting static data to procedures
•  Replacing instructions
•  Opaque predicates
•  Inserting dead code
•  Inserting irrelevant code
OBFUSCATION IN PRACTICE
•  Reordering
•  Loop Transformations
•  Function splitting/recombination
•  Aliasing
•  Control flow obfuscation
•  Data flow obfuscation
•  Parallelized code
•  Name scrambling
•  Removing standard library calls
•  Breaking relations
•  Packing/encryption
•  Dynamic code modifications
•  Environmental requirements
•  Virtualization
•  Emulation
•  Anti-debugging techniques
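The obfuscator definition and the "replacing instructions" technique listed above, as an added example (not from the slides): a small O that rewrites integer `+` and `-` into equivalent mixed boolean-arithmetic forms, so O(P) computes the same function while its size grows with every round. The names `ReplaceInstructions`, `obfuscate`, `equivalent` and the sample program are constructed for illustration.

```python
import ast
import copy


class ReplaceInstructions(ast.NodeTransformer):
    """Rewrite integer + and - into equivalent mixed boolean-arithmetic forms.

    Assumes operands are side-effect-free integer expressions, because each
    operand is evaluated twice after the rewrite.
    """

    def visit_BinOp(self, node):
        self.generic_visit(node)  # rewrite nested operands first
        a, b = node.left, node.right
        if isinstance(node.op, ast.Add):
            # Identity: a + b == (a ^ b) + 2 * (a & b)
            carry = ast.BinOp(copy.deepcopy(a), ast.BitAnd(), copy.deepcopy(b))
            return ast.BinOp(
                ast.BinOp(a, ast.BitXor(), b),
                ast.Add(),
                ast.BinOp(ast.Constant(value=2), ast.Mult(), carry),
            )
        if isinstance(node.op, ast.Sub):
            # Identity: a - b == (a ^ b) - 2 * (~a & b)
            borrow = ast.BinOp(
                ast.UnaryOp(ast.Invert(), copy.deepcopy(a)),
                ast.BitAnd(),
                copy.deepcopy(b),
            )
            return ast.BinOp(
                ast.BinOp(a, ast.BitXor(), b),
                ast.Sub(),
                ast.BinOp(ast.Constant(value=2), ast.Mult(), borrow),
            )
        return node


def obfuscate(source, name, rounds=1):
    """Return (O(P) as a callable, AST node count) for function `name`.

    rounds=0 returns the unmodified program, which serves as the baseline.
    """
    tree = ast.parse(source)
    for _ in range(rounds):
        tree = ReplaceInstructions().visit(tree)
    ast.fix_missing_locations(tree)
    namespace = {}
    exec(compile(tree, "<obfuscated>", "exec"), namespace)
    return namespace[name], sum(1 for _ in ast.walk(tree))


# Constructed sample program P.
SAMPLE = "def p(x, y, z):\n    return x + y * 3 + z - 7\n"


def equivalent(f, g, span=range(-6, 7)):
    """Compare f and g on every point of a small grid of integer inputs."""
    return all(f(x, y, z) == g(x, y, z)
               for x in span for y in span for z in span)


if __name__ == "__main__":
    original, base_size = obfuscate(SAMPLE, "p", rounds=0)
    for rounds in (1, 2, 3):
        obf, size = obfuscate(SAMPLE, "p", rounds)
        print(rounds, equivalent(original, obf),
              f"{size / base_size:.1f}x AST nodes")
```

Each round keeps the function identical but duplicates operands, which is the "not too big or too slow" constraint from the definition showing up as a concrete cost.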
Source: Passport photo of Alan Turing at age 16 (circa 1928) / Wikimedia Creative Commons (CC BY-SA 2.0)
Alan Turing (1912 – 1954)
•  What if we wanted to obfuscate a specific algorithm instead of using generic transformations on arbitrary algorithms? Could we provide better security?
•  In particular, can we do better on cryptographic algorithms? Cryptography is often the key to making applications secure.
•  The answer is yes. This is an active area of research.
•  Chow, et al (2002): Implementations of AES and DES
•  Billet, et al (2004): Cryptanalysis of Chow’s algorithms
•  Bos, et al (2015): Differential Code Analysis
•  Sanfelix, et al (2015): Differential Fault Analysis
•  CHES 2017 Challenge
WHITEBOX CRYPTOGRAPHY
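The idea behind table-based whitebox implementations, as an added toy example (not from the slides, and not the AES/DES constructions of Chow et al.): each round key is folded into a lookup table wrapped in random bijective encodings, so the key bytes never appear as values in the shipped code. The 8-bit two-round cipher, `SBOX` and all function names are constructed for illustration, and the scheme is far too small to offer any security.

```python
import random

# Public toy S-box: a fixed byte permutation constructed for this example
# (not the AES S-box).
SBOX = list(range(256))
random.Random(2017).shuffle(SBOX)


def reference_encrypt(key, x):
    """Blackbox-style implementation: round keys are plain values in memory."""
    for k in key:
        x = SBOX[x ^ k]
    return x


def random_bijection(rng):
    """Return a random byte permutation and its inverse (an internal encoding)."""
    fwd = list(range(256))
    rng.shuffle(fwd)
    inv = [0] * 256
    for i, v in enumerate(fwd):
        inv[v] = i
    return fwd, inv


def build_whitebox(key, rng=None):
    """Compile a key into one 256-entry lookup table per round.

    Round i becomes  T_i = g_i . S . xor(k_i) . g_{i-1}^{-1}
    where each g_i is a secret random bijection. The input encoding of the
    first table and the output encoding of the last are the identity (no
    external encodings), so the tables compose to reference_encrypt(key, .).
    """
    rng = rng or random.SystemRandom()
    identity = list(range(256))
    tables = []
    prev_inv = identity
    for i, k in enumerate(key):
        last = (i == len(key) - 1)
        enc, enc_inv = (identity, identity) if last else random_bijection(rng)
        # The round key is consumed here, at build time, and then discarded.
        tables.append([enc[SBOX[prev_inv[x] ^ k]] for x in range(256)])
        prev_inv = enc_inv
    return tables


def whitebox_encrypt(tables, x):
    """Device-side code: table lookups only, no key material as a variable."""
    for t in tables:
        x = t[x]
    return x


if __name__ == "__main__":
    key = bytes([0x3A, 0xC5])          # constructed sample key
    tables = build_whitebox(key)
    same = all(whitebox_encrypt(tables, x) == reference_encrypt(key, x)
               for x in range(256))
    print("same function as the keyed reference:", same)
    # Any single table, taken alone, is consistent with every possible round
    # key, because the unknown encoding can absorb the difference.
```

Two builds from the same key yield different tables that compute the same function, which is why the analyses cited on this slide work on the implementation's behaviour rather than searching the binary for key bytes.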
WHO USES WHITEBOX SECURITY TODAY?
Connected Car
 Entertainment
Mobile Payments
 Medical
IoT
•  Can any theoretical method be made practical?
•  Can theoretical methods be built on stronger foundations?
•  In practice, is the cat-and-mouse game winnable?
•  Do we need entirely new techniques?
•  How do we address the overall security problem, including prevention of out-of-band and side-channel attacks?
•  Cryptography is (still) a robust and evolving discipline, with many interesting problems to solve.
WHAT IS THE FUTURE?
www.intertrust.com
THANK YOU
…and my thanks to Bill Horne, Steve Mitchell, and Tomas Sander for designing the talk and making the slides!

Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 

FRONTIERS IN CRYPTOGRAPHY

  • 1. FRONTIERS IN CRYPTOGRAPHY
    Whitebox Security
    May 2017
    Robert E. Tarjan, Chief Scientist, Intertrust Technologies; James S. McDonnell Distinguished University Professor of Computer Science, Princeton University
  • 2. OUTLINE
    •  The Public Key Cryptography Revolution
    •  Blackbox vs. whitebox threat models
    •  Obfuscation
      •  Theoretical results
      •  Practical implementations
    •  Whitebox Cryptography
      •  A specific kind of obfuscation, specifically for cryptography
    •  The Future
    © 2017 Intertrust Technologies Corporation. All Rights Reserved.
  • 3. IN THE BEGINNING…
    …there was symmetric key cryptography.
    But how could the parties agree on keys?
    [Diagram: SECURE COMMUNICATION; OUT OF BAND KEY AGREEMENT]
  • 4. PUBLIC KEY CRYPTOGRAPHY
    •  Proposed by Diffie and Hellman (1976)
    •  First practical public key cryptosystem: RSA (1978)
    [Diagram: SECURE COMMUNICATION between Alice (Alice’s PRIVATE key, Alice’s PUBLIC key) and Bob (Bob’s PUBLIC key, Bob’s PRIVATE key)]
  • 5. BLACKBOX SECURITY ASSUMPTION
    •  The communication channel is protected with cryptography.
    •  The cryptographic key used at the endpoints is assumed to be protected by other means.
    •  The attacker can’t look into that crypto library. It’s a “black box”.
    [Diagram: SECURE COMMUNICATION between two endpoints, each labelled Protected Environment, Managed Device, Crypto Library]
  • 6. WHITEBOX
    •  The attacker can look into the crypto library.
    •  How do we secure the key?
    [Diagram: SECURE COMMUNICATION between Cloud Services and an endpoint labelled Unprotected Environment, Unmanaged Device, Crypto Library]
  • 7. HARDWARE SECURITY
    •  Put the key back into a Blackbox!
    [Diagram: SECURE COMMUNICATION between Cloud Services and an endpoint labelled Unprotected Environment, Unmanaged Device, Crypto Library, Blackbox]
  • 8. PROBLEMS WITH HARDWARE SECURITY
    •  Attacks do exist
      •  Exploiting vulnerabilities (e.g. backdoors, update mechanisms, cold boot attacks)
      •  Differential power analysis (Kocher, et al, CRYPTO ’99)
    •  Recovery
      •  Hardware is hard to update if compromised
      •  But software can be patched
    •  Priorities
      •  Users want cost savings and speed
      •  Security is often secondary
    Therefore, whitebox security solutions will continue to be important!
    Source: SPA trace showing an entire DES operation / (December 14, 2010) by Mad fab / Wikimedia Creative Commons (CC BY-SA 2.0)
  • 9. THEORY VS. PRACTICE
    •  Security
      •  Theory: Provable security guarantees
      •  Practice: Very expensive for skilled attackers to succeed
    •  Performance
      •  Theory: Lots of computation and space required
      •  Practice: Must be fast and use limited memory
  • 10. WHAT IS AN OBFUSCATOR?
    A Virtual Blackbox
    Obfuscator: An algorithm O such that for any program P, O(P) is a program that:
    •  computes the same function as P
    •  is hard to analyze / reverse-engineer
    •  is not too big or too slow
    Intuition: an obfuscator provides a “virtual blackbox” – O(P) is a blackbox that computes P.
    Why might obfuscators exist?
    •  All canonical hard problems are problems of reverse engineering: SAT, HALTING
    •  Rice’s Theorem: You can’t look at the code (Turing Machine description) of a function and find out a non-trivial property of it.
  • 11. ON THE (IM)POSSIBILITY OF OBFUSCATION
    Barak, et al. “On the (im)possibility of obfuscating programs.” – JACM 2002
    •  There is a family of efficient programs 𝒫 that are not obfuscatable in the sense that
      •  given any efficient program P′ that computes the same function as a program P ∈ 𝒫, secrets from the “source code” of P can be recovered, yet
      •  given black box (oracle) access to a program P ∈ 𝒫, no efficient algorithm can reconstruct the secrets of P.
    Looks like bad news. Is obfuscation really impossible?
  • 12. INDISTINGUISHABILITY OBFUSCATION
    Garg, et al. “Candidate indistinguishability obfuscation and functional encryption for all circuits.” – FOCS 2013
    •  Definitions
      •  Indistinguishability obfuscation – given any two equivalent circuits C0 and C1 of similar size, the obfuscations iO(C0) and iO(C1) are computationally indistinguishable.
    •  Candidate iO functions have been described that are feasible, albeit impractical.
      •  Apon et al (2014) – obfuscation of a 16 bit point function blows up to 31GB.
    There is hope that obfuscation in some form is possible!
  • 13. VISION: IO AS HUB FOR CRYPTOGRAPHY
    [Diagram labels: “Standard” Assumption (e.g. LWE); Indistinguishability Obfuscation; + OWFs; “Most” of cryptography]
  • 14. IO AS A HUB FOR CRYPTOGRAPHY
    iO + One Way Functions gives Virtual Blackbox Cryptography
    A great theoretical achievement, but very far from being practical
  • 15. IO AS A HUB FOR CRYPTOGRAPHY (IMAGE FROM BARAK 2016)
    [Diagram: Indistinguishability Obfuscators at the hub, connected to:]
    •  Deniable Encryption
    •  Public Key Encryption
    •  Short Signatures
    •  Group Key Exchange
    •  Traitor Tracing
    •  Oblivious Transfer
    •  Multiparty Secure Computation
    •  Non-interactive Zero Knowledge
    •  Identity-based Encryption
    •  Functional Encryption
    Source: Boaz Barak: Hopes, fears, and software obfuscation. Commun. ACM 59(3): 88-96 (2016)
  • 16. OBFUSCATION IN PRACTICE
    •  Originally done for fun
      •  International Obfuscated C Code Contest
      •  Started in 1984, still going on
    •  As a security mechanism
      •  Make it hard to understand code, so it is hard to reverse engineer.
    Techniques:
    •  Reorder data
    •  Changing encodings
    •  Converting static data to procedures
    •  Replacing instructions
    •  Opaque predicates
    •  Inserting dead code
    •  Inserting irrelevant code
    •  Reordering
    •  Loop Transformations
    •  Function splitting/recombination
    •  Aliasing
    •  Control flow obfuscation
    •  Data flow obfuscation
    •  Parallelized code
    •  Name scrambling
    •  Removing standard library calls
    •  Breaking relations
    •  Packing/encryption
    •  Dynamic code modifications
    •  Environmental requirements
    •  Virtualization
    •  Emulation
    •  Anti-debugging techniques
    Alan Turing (1912 – 1954)
    Source: Passport photo of Alan Turing at age 16 (circa 1928) / Wikimedia Creative Commons (CC BY-SA 2.0)
  • 17. WHITEBOX CRYPTOGRAPHY
    •  What if we wanted to obfuscate a specific algorithm instead of using generic transformations on arbitrary algorithms? Could we provide better security?
    •  In particular, can we do better on cryptographic algorithms? Cryptography is often the key to making applications secure.
    •  The answer is yes. This is an active area of research.
    Timeline:
    •  Chow, et al (2002): Implementations of AES and DES
    •  Billet, et al (2004): Cryptanalysis of Chow’s algorithms
    •  Bos, et al (2015): Differential Code Analysis
    •  Sanfelix, et al (2015): Differential Fault Analysis
    •  CHES 2017 Challenge
  • 18. WHO USES WHITEBOX SECURITY TODAY?
    •  Connected Car
    •  Entertainment
    •  Mobile Payments
    •  Medical
    •  IoT
  • 19. WHAT IS THE FUTURE?
    •  Can any theoretical method be made practical?
    •  Can theoretical methods be built on stronger foundations?
    •  In practice, is the cat-and-mouse game winnable?
    •  Do we need entirely new techniques?
    •  How do we address the overall security problem, including prevention of out-of-band and side-channel attacks?
    •  Cryptography is (still) a robust and evolving discipline, with many interesting problems to solve.
  • 20. THANK YOU
    …and my thanks to Bill Horne, Steve Mitchell, and Tomas Sander for designing the talk and making the slides!
    www.intertrust.com
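
An added example (not from the slides or from Intertrust) of the idea behind slides 10 and 17: a key-dependent cipher step is shipped as lookup tables that compute the same function, while the key bytes and the secret encoding f never appear in the shipped code. It is a toy chain of two AES S-box steps, not full AES and not Chow et al.'s construction, and every function name here is an illustrative assumption.

```python
import random

def aes_sbox():
    """AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    def gmul(a, b):
        r = 0
        while b:
            if b & 1:
                r ^= a
            a = (a << 1) ^ (0x11B if a & 0x80 else 0)
            b >>= 1
        return r
    inv = [0] + [next(y for y in range(1, 256) if gmul(x, y) == 1)
                 for x in range(1, 256)]
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return [b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63
            for b in inv]

SBOX = aes_sbox()

def reference(x, k1, k2):
    """Blackbox-model code (toy, assumed): key bytes are plain values in memory."""
    return SBOX[SBOX[x ^ k1] ^ k2]

def build_tables(k1, k2, rng):
    """Trusted generation step: fold each key byte into a table, hide the middle value behind f."""
    f = list(range(256))
    rng.shuffle(f)  # demo RNG; a real generator needs a CSPRNG
    f_inv = sorted(range(256), key=f.__getitem__)   # inverse permutation of f
    t1 = [f[SBOX[x ^ k1]] for x in range(256)]      # f o S o xor(k1)
    t2 = [SBOX[f_inv[v] ^ k2] for v in range(256)]  # S o xor(k2) o f^-1
    return t1, t2

def whitebox(x, t1, t2):
    """Shipped code: two table lookups, no key bytes and no encoding."""
    return t2[t1[x]]

def consistent_keys(table, encoded):
    """Key bytes k with table == f o S o xor(k); f is any bijection if encoded, else identity."""
    ident = list(range(256))
    keys = []
    for k in range(256):
        f = [0] * 256
        for x in range(256):
            f[SBOX[x ^ k]] = table[x]
        if (sorted(f) if encoded else f) == ident:
            keys.append(k)
    return keys
```

With an unencoded table, `consistent_keys(table, encoded=False)` returns exactly the embedded key byte, whereas a single encoded table is consistent with all 256 key bytes. The attacks listed on slide 17 work on the composed tables and their execution, which this local property does not cover.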