際際滷shows by User: davidtianyu / http://www.slideshare.net/images/logo.gif 際際滷shows by User: davidtianyu / Sat, 29 Jul 2017 16:25:19 GMT 際際滷Share feed for 際際滷shows by User: davidtianyu SHA-3 vs the world /slideshow/sha3-vs-the-world/78372042 sha3-170729162519
The slides of my Defcon talk]]>

The slides of my Defcon talk]]>
Sat, 29 Jul 2017 16:25:19 GMT /slideshow/sha3-vs-the-world/78372042 davidtianyu@slideshare.net(davidtianyu) SHA-3 vs the world davidtianyu The slides of my Defcon talk <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/sha3-170729162519-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> The slides of my Defcon talk
SHA-3 vs the world from David Wong
]]>
1090 3 https://cdn.slidesharecdn.com/ss_thumbnails/sha3-170729162519-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
How to Backdoor Diffie-Hellman /slideshow/how-to-backdoor-diffiehellman/64568923 slides-160801070404
Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA's B-Safe product, a modified Dual-EC in Juniper's operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public). We present two ways of building a Nobody-But-Us (NOBUS) Diffie-Hellman backdoor: a composite modulus with a hidden subgroup (CMHS) and a composite modulus with a smooth order (CMSO). We then explain how we were able to subtly implement and exploit it in a local copy of an open source library using the TLS protocol. ]]>

Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA's B-Safe product, a modified Dual-EC in Juniper's operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public). We present two ways of building a Nobody-But-Us (NOBUS) Diffie-Hellman backdoor: a composite modulus with a hidden subgroup (CMHS) and a composite modulus with a smooth order (CMSO). We then explain how we were able to subtly implement and exploit it in a local copy of an open source library using the TLS protocol. ]]>
Mon, 01 Aug 2016 07:04:04 GMT /slideshow/how-to-backdoor-diffiehellman/64568923 davidtianyu@slideshare.net(davidtianyu) How to Backdoor Diffie-Hellman davidtianyu Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA's B-Safe product, a modified Dual-EC in Juniper's operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public). We present two ways of building a Nobody-But-Us (NOBUS) Diffie-Hellman backdoor: a composite modulus with a hidden subgroup (CMHS) and a composite modulus with a smooth order (CMSO). We then explain how we were able to subtly implement and exploit it in a local copy of an open source library using the TLS protocol. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/slides-160801070404-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA&#39;s B-Safe product, a modified Dual-EC in Juniper&#39;s operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public). We present two ways of building a Nobody-But-Us (NOBUS) Diffie-Hellman backdoor: a composite modulus with a hidden subgroup (CMHS) and a composite modulus with a smooth order (CMSO). We then explain how we were able to subtly implement and exploit it in a local copy of an open source library using the TLS protocol.
How to Backdoor Diffie-Hellman from David Wong
]]>
742 2 https://cdn.slidesharecdn.com/ss_thumbnails/slides-160801070404-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
Attacks on RSA using Lattice reduction techniques (LLL) /slideshow/slides-46035635/46035635 slides-150319081631-conversion-gate01
Attacks on RSA using Lattice reduction techniques (LLL) : Coppersmith and Boneh and Durfee revisited by Howgrave-Graham and Herrmann and May.]]>

Attacks on RSA using Lattice reduction techniques (LLL) : Coppersmith and Boneh and Durfee revisited by Howgrave-Graham and Herrmann and May.]]>
Thu, 19 Mar 2015 08:16:31 GMT /slideshow/slides-46035635/46035635 davidtianyu@slideshare.net(davidtianyu) Attacks on RSA using Lattice reduction techniques (LLL) davidtianyu Attacks on RSA using Lattice reduction techniques (LLL) : Coppersmith and Boneh and Durfee revisited by Howgrave-Graham and Herrmann and May. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/slides-150319081631-conversion-gate01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Attacks on RSA using Lattice reduction techniques (LLL) : Coppersmith and Boneh and Durfee revisited by Howgrave-Graham and Herrmann and May.
Attacks on RSA using Lattice reduction techniques (LLL) from David Wong
]]>
1204 2 https://cdn.slidesharecdn.com/ss_thumbnails/slides-150319081631-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
Whitebox techniques for DES https://fr.slideshare.net/slideshow/whitebox-techniques-for-des/45511132 slides-150306042222-conversion-gate01
intro to the chow et al. techniques for whiteboxing DES]]>

intro to the chow et al. techniques for whiteboxing DES]]>
Fri, 06 Mar 2015 04:22:22 GMT https://fr.slideshare.net/slideshow/whitebox-techniques-for-des/45511132 davidtianyu@slideshare.net(davidtianyu) Whitebox techniques for DES davidtianyu intro to the chow et al. techniques for whiteboxing DES <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/slides-150306042222-conversion-gate01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> intro to the chow et al. techniques for whiteboxing DES
from David Wong
]]>
315 4 https://cdn.slidesharecdn.com/ss_thumbnails/slides-150306042222-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
Bitcoins /davidtianyu/bitcoins-45511089 bitcoins-150306042118-conversion-gate01
a short intro on bitcoins]]>

a short intro on bitcoins]]>
Fri, 06 Mar 2015 04:21:18 GMT /davidtianyu/bitcoins-45511089 davidtianyu@slideshare.net(davidtianyu) Bitcoins davidtianyu a short intro on bitcoins <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/bitcoins-150306042118-conversion-gate01-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> a short intro on bitcoins
Bitcoins from David Wong
]]>
206 1 https://cdn.slidesharecdn.com/ss_thumbnails/bitcoins-150306042118-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0
https://cdn.slidesharecdn.com/profile-photo-davidtianyu-48x48.jpg?cb=1523442144 www.cryptologie.net https://cdn.slidesharecdn.com/ss_thumbnails/sha3-170729162519-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/sha3-vs-the-world/78372042 SHA-3 vs the world https://cdn.slidesharecdn.com/ss_thumbnails/slides-160801070404-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/how-to-backdoor-diffiehellman/64568923 How to Backdoor Diffie... https://cdn.slidesharecdn.com/ss_thumbnails/slides-150319081631-conversion-gate01-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/slides-46035635/46035635 Attacks on RSA using L...