CRYPTO AND PRIVACY VILLAGE - Building a Cryptographic Backdoor in OpenSSL

Video thumbnail (Frame 0) Video thumbnail (Frame 711) Video thumbnail (Frame 1754) Video thumbnail (Frame 2872) Video thumbnail (Frame 4446) Video thumbnail (Frame 4701) Video thumbnail (Frame 6514) Video thumbnail (Frame 7322) Video thumbnail (Frame 9013) Video thumbnail (Frame 9752) Video thumbnail (Frame 12079) Video thumbnail (Frame 12889) Video thumbnail (Frame 13928) Video thumbnail (Frame 14181) Video thumbnail (Frame 15068) Video thumbnail (Frame 16073) Video thumbnail (Frame 16402) Video thumbnail (Frame 17638) Video thumbnail (Frame 18780)
Video in TIB AV-Portal: CRYPTO AND PRIVACY VILLAGE - Building a Cryptographic Backdoor in OpenSSL

Formal Metadata

CRYPTO AND PRIVACY VILLAGE - Building a Cryptographic Backdoor in OpenSSL
Title of Series
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
Presentation of a group Cryptography Building Transport Layer Security Cellular automaton Open set Cryptography Backdoor (computing)
Presentation of a group Kernel (computing) Transport Layer Security Software testing Open set Office suite Mikroarchitektur World Wide Web Consortium
Email Implementation Open source Latin square Gradient Mereology 2 (number) Power (physics) Prime ideal Pointer (computer programming) Mathematics Cryptography Encryption Energy level Lie group Information security Computer architecture Execution unit Demo (music) Building Nominal number Cryptography Mathematics Inclusion map Chain Backdoor (computing)
Trail Server (computing) Implementation Open source Code Direction (geometry) Host Identity Protocol Cryptography Operator (mathematics) Technische Mechanik Encryption Computer architecture Source code Algorithm Information Interface (computing) Transport Layer Security Code Directory service Cartesian coordinate system Public-key cryptography Open set Pseudozufallszahlen Cube Communications protocol
Random number Algorithm Multiplication sign Prime number Neuroinformatik Prime ideal Cryptography Different (Kate Ryan album) Encryption Information Information security Algorithm Electric generator Key (cryptography) Channel capacity Building Interior (topology) Public-key cryptography Flow separation Radical (chemistry) Number Prime ideal Encryption Information security Integer Window RSA (algorithm)
Principal ideal Transformation (genetics) Patch (Unix) Multiplication sign Range (statistics) Prime number Hand fan Power (physics) Prime ideal Mathematics Cryptography Different (Kate Ryan album) Lipschitz-Stetigkeit Information security Pairwise comparison Algorithm Electric generator Channel capacity Building Image warping Range (statistics) Public-key cryptography Order (biology) Permian Family RSA (algorithm)
Torus Demo (music) Channel capacity Key (cryptography) Interior (topology) Patch (Unix) Equaliser (mathematics) Demo (music) Prime number Public-key cryptography Doubling the cube Term (mathematics) Different (Kate Ryan album) Boundary value problem Right angle Information security
Key (cryptography) Information Demo (music)
Demo (music) Personal digital assistant Transformation (genetics) Demo (music) Letterpress printing Right angle Prime number Orbit
Transformation (genetics) Demo (music) Musical ensemble
Execution unit Game controller Data management Electric generator Demo (music) Software industry Public-key cryptography Element (mathematics)
Casting (performing arts) Software Different (Kate Ryan album) Source code Lattice (order) Information security Twitter Number World Wide Web Consortium
please give a warm welcome to thank you gotta learn Malayalam I'm not working for she was 360 in Beijing and today I'm so glad to be here to present a quick talk about cryptographic capital in open SSL and I'll show you how to build a battering open cell so before the presentation I'd
like to introduce yourself briefly the idea of this presentation was considered by two people today at me and say is the main improvement published idea it's not only my is not only my colleague who is a keeper or mathematical also a viability hunter in the Intel CPU architecture kernel open SSL and now he had the fund about 10 10 offensive ability including the SSL test alerts and this is a picture of our team's
office echo so we applaud - let's look
at all now is topical in the first power our intertext introduced the Crippler cryptographic paddocks and something about the architecture of the open source coder in the second part I'll show how to build a new method of cryptographic path or you know parasol and then I will show you two demos in the first part we think this kind of a battle can be used in supply chain attack scenarios so firstly as we all
know the most common example of a cryptographic capital is Union weekly rent them such as though you see the RPG and surrender nominal cherita harbour its rally to notice that that another kind of a path on which is called the path of amazement and security are you looking for my abilities Jim in prime encrypted graphic implementation instead of pay more attention to mathematics maybe because the fading mathematics needs a high level mathematics cure in fact a general-purpose do not have a saying lava mathematics skills as latinized album Messam path august so it is hard to detect the Mason petal lies well died a you know open sir is
the Webster future - a cube for EOS and SSL protocol so let's do a little
digging into the architecture of open source coder the open so how can technology from Wacha is made example of the three paths p?o EVP and ssl the sakoda is mainly encrypt engine as illustrator accuracy directories and the application layer in the opposite direction the motor most important in our cryptid all the track array of krypton include includes sn1 code interface pseudo-random number generator engine mechanism EVP suffer algorithm interface value of a unified cryptographic algorithm that lambda operation interface private key information syntax a symmetric cryptographic algorithm and each server on the other hand the directory of SSR is the implementation of SSL TR TR protocol and today I will pure the path
of yin I say algorithm because I same algorithm is quite clear I firstly staggered to prime numbers P and Q and computing and after that we can gather public key and private key the second step is the incubation we can gather sabot actor C and finally after decryption we can get aprender text so let's see a simple pair
talk in I say algorithm in the key generation algorithm of I see it's easy deed to learn from several security papers that a difference between two primes lambda in Isis should not be too small otherwise you'll be I safer but this termination is to Vega in particular general purpose Katya know how small it is will be insecure as well how much insecure is there for a given difference therefore we can think the security as the reason of adding check person to check pet - cuter erase infection I cetera the key in the OpenSSL and first you to give unsaved a prime time mama is even possible to set the tank capacity during which we can crack her private key as we wish so let's the sill
evil patch in this person by D between the range of a generative primer difference we can crack the private key as way in Wofford high capacity the picture is look too small too small and I will uploaded this example to see father in a Leila
so let's look at Nara compare comparative que tiempo imagine are we can had a faster prime generation algorithm in order to generate primers with special attacks and special feature mathematic principles the party we are able to control difficulty for cracking the private key is referred generating primes now notice strongly known such as Jared generating a prime number of a particular family a prime time that generates a special range difference even if the difference is large in now in the Lupron pi doesn't seem to have any power now but will be unsafe after certain transformation so now it is our small conclusion as far as I'm considered a problem the problem comes from the lack of ah our understanding for a security principal of I say after Nam its tivity have not been Permian mathematically yeah the question is what kind of primes are safer and how to evaluate them so when we have no cameras restrict mathematically judgment for this situation and that's the Stila
demos I will shoot to demo in the first demo I assure the material better Tory inspect inspection patches idea so rather difference between two prime numbers up to by the term ratification is the inner security boundary which allowed us to set high capacity to achieve equality in cracking
so first I will direct a keypad and then we will get a double key after Iowa killed private key and then we will try to crack the private key right sir yeah
we can printed the information of Apollo key and then we crikey there is a fire
faster so that's rockin a second demo in the
second demo you know all the generate Pakistan to up outputted two prints they appear to be okay but you will be became insecure after some transformation in our case we can apply one prime number P after 1826 the right orbit explanation
[Music] [Music] let's say as last one we generate a keep high yeah we can crack you up to transformation yeah it's quite faster
and easier if it can be control so as I
said we sink this kind of battle can be uranium surprise surprise attacker imagiro many of us may have uses a public key charity in the SSL in the SSL private key management such as Excel if for the attacker such as him attacking the compare element of a target software company like Lakewood modify the generation other reasonably keep I which is how to toot tootsie packet her so this is what industry needs to reveal
a lot as John numbers said the biggest problem with the network differences that defenders think in this and at a casting sinking crap is as long as them this is true attacks world and I asked here because it's a lotta attack methods related to a cryptographic Patos so it's less very fast pay more attention to such source code security and the cryptographic security and I all uploaded decoder to Ahava after this meeting so thanks for listening