Рет қаралды 413
Aaron Toponce will talk about symmetric and asymmetric cryptography, and the current cipher algorithms covering them, such as RSA, AES, and ECC. He'll talk about how encryption and decryption work, as well as digital signatures and verification. He'll include the Diffie-Hellman key exchange, and the SSL/TLS handshake.
Further, given the disaster on OpenSSL during the year of 2014, he'll talk about the major threats that compromised online security with SSL and TLS. He'll explain the differences between:
SSL 2.0* SSL 3.0* TLS 1.0* TLS 1.1* TLS 1.2* TLS 1.3 (draft status)
He'll talk about the implemented ciphers and hashes, including their advantages and shortcomings. He'll discuss the attacks that took advantage of these shortcomings, such as Heartbleed and POODLE. He'll show how system administrators how to properly secure their web, mail, and other servers that require SSL/TLS.
Finally, he'll discuss OpenPGP and OpenSSH concepts. By the end of this talk, the basic mysticism that is crypto should be all cleared up.