From the CISR video library (http://www.cisr.us) Dr. Adam Young, Cigital Malicious Cryptography - Exposing Cryptovirology February 27, 2004 at the Naval Postgraduate School (http://www.nps.edu) ABSTRACT Cryptography is commonly regarded as an enabling technology. It allows for confidential information transmission over untrusted networks as well as the ability to prove the origin of messages. It is a technology that is critical in an on-line world. However, cryptography is also a very powerful disabling technology. In recent years there has been a significant amount of research into using well-known cryptographic paradigms and tools for the purposes of undermining the security of computer systems once internal access is acquired. This talk will give an overview of a new book that details this dark side of cryptography. The book is entitled "Malicious Cryptography: Exposing Cryptovirology," and is authored by Adam Young and Moti Yung (published by John Wiley & Sons). Some of the more noteworthy attacks that are described in the book are the following. It is shown how to use public key cryptography to mount reversible denial-of-service attacks. A virus attack is detailed in which the virus asymmetrically encrypts host data (that has not been backed-up). The effects of the attack can only be reversed if the attacker agrees to use his or her own private decryption key. It is shown how to devise a cryptovirus that steals data from a host machine without revealing that which is sought, even if the virus is under constant surveillance. It is shown how to design a password snatching cryptotrojan that makes it virtually impossible to identify the author when the encrypted passwords are retrieved. Furthermore, it is intractable to determine if the cryptotrojan is encrypting anything at all when all even when all of its actions are recorded and analyzed. Finally, cryptotrojans are described that attack industry-standard cryptosystems. By design, these Trojans give the attacker covert access to the private keys of users and are extremely robust against reverse-engineering. When implemented in tamper-resistant devices the theft cannot be detected by anyone save the attacker. The book also covers various countermeasures that can help protect against these attacks. About Dr. Adam Young Dr. Adam Young is a Research Scientist at Cigital. He is responsible for researching and developing software and techniques to help support the research goals for Cigital's research contracts. In his first year at Cigital, Adam has served as a primary investigator on a research project for the DoD. Adam Young recently worked for Lockheed Martin Global Telecommunications. Prior to this he was a Member of Technical Staff (MTS) at Lucent Technologies in the Secure Systems Research Division. Before joining Lucent he worked as a cryptography consultant for CertoCo (a spin-off of Banker's Trust). Dr. Young holds a BS in Electrical Engineering from Yale University, an MS in Computer Science from Columbia University, and a PhD in Computer Science from Columbia University that was awarded with Distinction. He gives invited talks regularly and will be giving an upcoming talk at the Palo Alto Research Center (PARC) on his forthcoming book [[i]]. He will also be giving an invited talk at the Sixth International Joint Meeting of the AMS and the Sociedad Matematica Mexicana (SMM), Special Session on Coding Theory and Cryptography, in Houston. The session is being held by Neal Koblitz. Dr. Young has also given invited talks at NYU, Bell Labs, and Sandia National Labs. He has taught computer science courses at Columbia University and is a member of the International Association for Cryptologic Research (IACR). He has published numerous papers on cryptography, computer security, and algorithmic number theory and his next paper will be presented in the Cryptographer's Track of the RSA Conference, 2004 [[ii]]. [[i]] Adam Young, Moti Yung, "Malicious Cryptography: Exposing Cryptovirology," John Wiley & Sons, ISBN: 0-7645-4975-8, Feb. 2004. [[ii]] Adam Young, Moti Yung, "A Key Recovery System as Secure as Factoring," CT-RSA Conference, 2004.
Views: 1119 securitylectures
Andreas has a PhD from the University of Augsburg, 2000. He is at the forefront of research into Elliptic Curves, and has written many conference and journal articles on the subject. He has also written a book on their applications in Cryptography. He dances much better than Yvo.
Views: 2607 secretcryptographer
AGNES is a series of weekend workshops in algebraic geometry. One of our goals is to introduce graduate students to a broad spectrum of current research in algebraic geometry. AGNES is held twice a year at participating universities in the Northeast. Lecture presented by Kristin Lauter.
Views: 1754 Brown University
Steven J Miller and M. Ram Murty Williams College Department of Mathematics and Statistics Bronfman Science Center, Rm. 202 Williamstown, MA 01267 Email: [email protected] Manuscript Number: JNT-D-10-00120 R3
Views: 513 JournalNumberTheory
Presented by Stephan Tual, CCO - (Twitter: @stephantual) Companion Document: https://medium.com/@ethereumproject/4790bf5f7743 Ethereum is a platform that makes it possible for any developer to write and distribute next-generation decentralized applications. Borrowing the concept of distributed consensus and cryptographic proof that makes cryptocurrencies such as Bitcoin so effective in trustless payments, Ethereum extends the use of these technologies to trustless agreements. This allows developers to easily build innovative new products on a censorship and collusion-resistant foundation. Ethereum will go live in Winter 2014/2015, in the meantime we are regularly releasing alpha software so you can try your hand at building distributed applications. Main site: https://www.ethereum.org Forums: https://forum.ethereum.org Twitter: https://twitter.com/ Github: https://github.com/ethereum Blog: http://blog.ethereum.org Wiki: http://wiki.ethereum.org Meetups: http://ethereum.meetup.com Whitepaper: http://ethereum.org/ethereum.html Facebook: https://www.facebook.com/ethereumproject Youtube: http://www.youtube.com/ethereumproject Google+: http://google.com/+EthereumOrgOfficial IRC Freenode: #ethereum ----- Credits ----- Closed Captions: - Italian: Thank you to Angelo Milanetti (http://angelomilan.it) - Russian: Thank you to Ihor Starepravo (http://www.nebel.tv/) - Japanese: Thank you to Takeo Nishikata - Portugese: Thank you to Paul Miller - Spanish: Thank you to Adrián Calvo - Romanian: Thank you to Aurel Iancu (http://www.meetup.com/Ethereum-Bucharest/) - German: Thank you to Karsten - Czech: Thank you to Digital Dreamer - Polish: Thank you to Oskar Paolini - Swedish: Thank you to Patrick Kothbauer Music used with permission by Omar Mill - http://www.serein.co.uk/releases/olan-mill-pine
Views: 349445 Ethereum
Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic algorithms which require two separate keys, one of which is secret and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other -- as contrasted with conventional cryptography which relies on the same key to perform both. This video targeted to blind users. Attribution: Article text available under CC-BY-SA Public domain image source in video
Views: 2101 encyclopediacc
Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic algorithms which require two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other -- as contrasted with conventional ("symmetric") cryptography which relies on the same key to perform both. Public-key algorithms are based on mathematical problems which currently admit no efficient solution that are inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. It is computationally easy for a user to generate their own public and private key-pair and to use them for encryption and decryption. The strength lies in the fact that it is "impossible" (computationally infeasible) for a properly generated private key to be determined from its corresponding public key. Thus the public key may be published without compromising security, whereas the private key must not be revealed to anyone not authorized to read messages or perform digital signatures. Public key algorithms, unlike symmetric key algorithms, do not require a secure initial exchange of one (or more) secret keys between the parties. This video is targeted to blind users. Attribution: Article text available under CC-BY-SA Creative Commons image source in video
Views: 774 Audiopedia
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence. The NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine.Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Since then, it has become the largest of the U.S. intelligence organizations in terms of personnel and budget. The NSA currently conducts worldwide mass data collection and has been known to physically bug electronic systems as one method to this end. The NSA has also been alleged to have been behind such attack software as Stuxnet, which severely damaged Iran's nuclear program. The NSA, alongside the Central Intelligence Agency (CIA), maintains a physical presence in many countries across the globe; the CIA/NSA joint Special Collection Service (a highly classified intelligence team) inserts eavesdropping devices in high value targets (such as Presidential palaces or embassies). SCS collection tactics allegedly encompass "close surveillance, burglary, wiretapping, [and] breaking and entering".Unlike the CIA and the Defense Intelligence Agency (DIA), both of which specialize primarily in foreign human espionage, the NSA does not publicly conduct human-source intelligence gathering. The NSA is entrusted with providing assistance to, and the coordination of, SIGINT elements for other government organizations - which are prevented by law from engaging in such activities on their own. As part of these responsibilities, the agency has a co-located organization called the Central Security Service (CSS), which facilitates cooperation between the NSA and other U.S. defense cryptanalysis components. To further ensure streamlined communication between the signals intelligence community divisions, the NSA Director simultaneously serves as the Commander of the United States Cyber Command and as Chief of the Central Security Service. The NSA's actions have been a matter of political controversy on several occasions, including its spying on anti-Vietnam-war leaders and the agency's participation in economic espionage. In 2013, the NSA had many of its secret surveillance programs revealed to the public by Edward Snowden, a former NSA contractor. According to the leaked documents, the NSA intercepts and stores the communications of over a billion people worldwide, including United States citizens. The documents also revealed the NSA tracks hundreds of millions of people's movements using cellphones metadata. Internationally, research has pointed to the NSA's ability to surveil the domestic Internet traffic of foreign countries through "boomerang routing".
Views: 129 Subhajit Sahu