Since this presentation is not directly connected to Unix/Linux, I wanted to provide some context if a non-security-focused student wants to jump in and try to give this presentation.

| Presented by | Date |
|---|---|
| Nick VanFossen | 04/12/2023 |

- The CIA Triad
- Basic cryptography terminology/concepts
- Kerckhoffs's principle
- Types of Ciphers
  - ECB, CBC, OFB
- Types of Encryption
  - Symmetric encryption
    - One-Time Pad (OTP)
    - Feistel Cipher
    - Data Encryption Standard (DES)
    - Triple DES (3DES)
    - Advanced Encryption Standard
  - Asymmetric encryption
    - Diffie Hellman Key Exchange (DH)
    - Rivest-Shamir-Adleman (RSA)
    - Elliptic-Curve Cryptography (ECC)
- Comparison of Symmetric and Asymmetric Algorithms
- Quantum Threats to Cryptography

Below is each topic I discussed and what I wanted to achieve with that topic:

- Covers the general topics of Confidentiality, Integrity, and Availability. Discussed how the topics work in a way where it's mostly pick two, but you cannot choose all three (typically).
- Explained the basics around plaintext, keys, ciphertext, and cleartext.
- Explained how modern cryptographic algorithms focus on the security of the key. Most of the time, all other aspects of the algorithm are publicly available and open-source.
- Explained the general difference between a block and stream cipher.
- Looked at the different modes and their pros and cons (duplicate ciphertext with same plaintext block, parallelization, if data is lost can you still encrypt/decrypt properly?)
- Looked at the general difference between symmetric and asymmetric encryption.
- Graphic of symmetric encryption
- Looked at how OTP is theoretically a perfectly secure model for encryption but is not practical to implement.
- Looked at how the Feistel Cipher works in general. Explained how most modern ciphers use this model, or a similar "round based" model.
- Looked at how DES was one of the first US government encryption standards and how DES uses the Feistel Cipher for its base functionality.
- Looked at how 3DES is just DES chained three times to add more longevity to the aging standard.
- Looked at how AES is the modern symmetric standard that is used in most applications. This section could use more detail on the different functions that occur each round.
- Graphic of asymmetric encryption
- Looked at how DH is the first instance of asymmetric (public keys) and has spawned nearly all other asymmetric algorithms.
- Went over a small example of how the process works. If I was more math inclined, this could be expanded more.
- Looked at how RSA takes the DH model and relies on the product of two large prime numbers to make cracking computationally difficult.
- Went over a small example of how the process works. If I was more math inclined, this could be expanded more.
- Looked at how ECC takes the DH model and relies on discrete logarithms to make cracking computationally difficult.
- Went over a small example of how the process works. If I was more math inclined, this could be expanded more.
- Looked at the difference in key size for equivalent security between AES, RSA, and ECC.
- Looked at Grover's and Shor's algorithms and how they affect modern symmetric and asymmetric algorithms.
- This topic was an extension of a lightning talk I gave. This could be realistically expanded into its own presentation.

- Digital signatures
- Digital certificates
- Onion Routing (Tor)
- Passkeys (Passwordless logins)
- Cryptographic attack models
  - Ciphertext-only attack
  - Known-plaintext attack
  - Chosen-plaintext attack
  - etc.