SlideShare una empresa de Scribd logo

Cryptography for the mere mortals

Descargar como PPTX, PDF
M A Hossain Tonu
M A Hossain Tonu

Cryptography in PHP, focusing newbies to mediocre

TecnologíaEducación
1 de 41
julius caesar : caesar cipher key = 3
julius caesar : caesar cipher key = 3 hasin = kdvlq
rise of the machines
cryptography in bangla way
!@#$%^&* The science of writing in secret code
daily cryptography SSL Session/Cookie Encryption Storing Sensitive Information Secure Message Transportation Signing Documents
terms  Plaintext  Key  Cipher  Encryption  Ciphertext  Decryption
techniques  Symmetric Cryptography = shared secret key  Asymmetric Cryptography = public key + private key  Hash Cryptography = One way
cryptography in PHP  cracklib  hash  mCrypt  openSSL  mHash
one way journey  md5  sha1  Sha2  Sha 256  Sha 512
problems of MD5/SHA1  Collision Attack  hash(data1) = hash(data2)
why salt?
password! Use a salt value in hash functions or bcrypt hash( $salt . $password ); hash_hmac( ‘sha512’, $salt . $password ); crypt($password , $salt );
symmetric encryption  One single key  Shared between parties  Popular
sample encryption - AES… $ivlength = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv( $ivlength, MCRYPT_RAND);
sample encryption - AES $encryptedText = mcrypt_encrypt( MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
sample decryption – AES $decryptedText = mcrypt_decrypt( MCRYPT_RIJNDAEL_256, $key, $encryptedText, MCRYPT_MODE_CBC, $iv);
asymmetric encryption  public / private key  semi-shared
meet with bob and alice
bob and alice’s story Bob Asks Alice For her public key Bob signs msg with the public key of Alice Alice gets encrypted msg Alice decrypts msg with her secret private key Alice reads It
public/private key encryption  RSA  openSSL
RSA key-pair  ssh-keygen –t RSA –b <bit> Generating public/private rsa key pair. Enter file in which to save the key (/Users/hasinhayder/.ssh/id_rsa): /tmp/pk_rsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /tmp/pk_rsa Your public key has been saved in /tmp/pk_rsa.pub
RSA key to PEM format openssl rsa -in pk_rsa -outform pem > pk_rsa.pem
generate RSA key in PEM format  openssl genrsa -des3 -out pk_rsa.pem 2048
public key out of PEM file openssl rsa -pubout -in pk_rsa.pem -out pk_pub.pem
encrypt with public key $pub_key=openssl_get_publickey( file_get_contents("/tmp/pk_pub.pem")); $enc= openssl_public_encrypt( $source, $crypttext, $pub_key);
decrypt using private key… $passphrase = “<secret passphrase>"; $key = openssl_get_privatekey( file_get_contents("/tmp/pk.pem"), $passphrase);
decrypt using private key $dec=openssl_private_decrypt( $decoded_source, $newsource, $res);
there are always some bad guys…
best practices  PCI DSS Compliance
best practices AES (RIJNDAEL) BLOWFISH TWOFISH SHA-256, 384, 512 RSA
random! rand() mt_rand() openssl_random_pseudo_bytes()
key space Secret key space >= 128 bit Public key space >= 2048 bit
thanks  M A Hossain Tonu Sr. Software Engineer, somewherein… http://mahtonu.wordpress.com  Hasin Hayder Founder, Leevio http://hasin.wordpress.com

Recomendados

Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and TonuCryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and TonuHasin Hayder
 
Service intergration
Service intergration Service intergration
Service intergration 재민 장
 
Puppet Camp Amsterdam 2015: Manifests of Future Past
Puppet Camp Amsterdam 2015: Manifests of Future PastPuppet Camp Amsterdam 2015: Manifests of Future Past
Puppet Camp Amsterdam 2015: Manifests of Future PastPuppet
 
Web application security
Web application securityWeb application security
Web application securityRavi Raj
 
Rsa Overview
Rsa OverviewRsa Overview
Rsa OverviewKevin Chen
 
Web security
Web securityWeb security
Web securitydavidahaskins
 
Cryptography in R
Cryptography in RCryptography in R
Cryptography in RSOUMYAJITBASAK
 
Haskell Packageのdeb化
Haskell Packageのdeb化Haskell Packageのdeb化
Haskell Packageのdeb化Kiwamu Okabe
 

Recomendados

Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and TonuCryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and TonuHasin Hayder
 
Service intergration
Service intergration Service intergration
Service intergration 재민 장
 
Puppet Camp Amsterdam 2015: Manifests of Future Past
Puppet Camp Amsterdam 2015: Manifests of Future PastPuppet Camp Amsterdam 2015: Manifests of Future Past
Puppet Camp Amsterdam 2015: Manifests of Future PastPuppet
 
Web application security
Web application securityWeb application security
Web application securityRavi Raj
 
Rsa Overview
Rsa OverviewRsa Overview
Rsa OverviewKevin Chen
 
Web security
Web securityWeb security
Web securitydavidahaskins
 
Cryptography in R
Cryptography in RCryptography in R
Cryptography in RSOUMYAJITBASAK
 
Haskell Packageのdeb化
Haskell Packageのdeb化Haskell Packageのdeb化
Haskell Packageのdeb化Kiwamu Okabe
 
C99[2]
C99[2]C99[2]
C99[2]guest8914af
 
Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dkStan Adrian
 
Php Mysql
Php Mysql Php Mysql
Php Mysql Mudasir Syed
 
PHP
PHP PHP
PHP webhostingguy
 
Redis for the Everyday Developer
Redis for the Everyday DeveloperRedis for the Everyday Developer
Redis for the Everyday DeveloperRoss Tuck
 
Not Really PHP by the book
Not Really PHP by the bookNot Really PHP by the book
Not Really PHP by the bookRyan Kilfedder
 
Redis
RedisRedis
RedisPuneet Kumar
 
C99
C99C99
C99sifo12
 
Path::Tiny
Path::TinyPath::Tiny
Path::Tinywaniji
 
Up.Php
Up.PhpUp.Php
Up.Phpwsoom
 
Laporan setting dns
Laporan setting dnsLaporan setting dns
Laporan setting dnsSeptian Adi
 
Huong dan cai dat hadoop
Huong dan cai dat hadoopHuong dan cai dat hadoop
Huong dan cai dat hadoopQuỳnh Phan
 
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017Paula Januszkiewicz
 
Macros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting SheetsMacros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting SheetsPramodkumar Jha
 
Hadley verse
Hadley verseHadley verse
Hadley verseAjay Ohri
 
PuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetPuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetWalter Heck
 
Persistence patterns for containers
Persistence patterns for containersPersistence patterns for containers
Persistence patterns for containersStephen Watt
 
2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest Framework2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest FrameworkRyo Nagaoka
 
08 php-files
08 php-files08 php-files
08 php-fileshoangphuc2587
 
Software Engineering in PHP
Software Engineering in PHPSoftware Engineering in PHP
Software Engineering in PHPM A Hossain Tonu
 
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)Hyun Jee Kim
 
온라인Pr
온라인Pr온라인Pr
온라인PrHyun Jee Kim
 

Más contenido relacionado

La actualidad más candente

Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dkStan Adrian
 
Redis for the Everyday Developer
Redis for the Everyday DeveloperRedis for the Everyday Developer
Redis for the Everyday DeveloperRoss Tuck
 
Not Really PHP by the book
Not Really PHP by the bookNot Really PHP by the book
Not Really PHP by the bookRyan Kilfedder
 
Path::Tiny
Path::TinyPath::Tiny
Path::Tinywaniji
 
Up.Php
Up.PhpUp.Php
Up.Phpwsoom
 
Laporan setting dns
Laporan setting dnsLaporan setting dns
Laporan setting dnsSeptian Adi
 
Huong dan cai dat hadoop
Huong dan cai dat hadoopHuong dan cai dat hadoop
Huong dan cai dat hadoopQuỳnh Phan
 
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017Paula Januszkiewicz
 
Macros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting SheetsMacros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting SheetsPramodkumar Jha
 
Hadley verse
Hadley verseHadley verse
Hadley verseAjay Ohri
 
PuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetPuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetWalter Heck
 
Persistence patterns for containers
Persistence patterns for containersPersistence patterns for containers
Persistence patterns for containersStephen Watt
 
2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest Framework2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest FrameworkRyo Nagaoka
 

La actualidad más candente (19)

C99[2]
C99[2]C99[2]
C99[2]
 
Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dk
 
Php Mysql
Php Mysql Php Mysql
Php Mysql
 
PHP
PHP PHP
PHP
 
Redis for the Everyday Developer
Redis for the Everyday DeveloperRedis for the Everyday Developer
Redis for the Everyday Developer
 
Not Really PHP by the book
Not Really PHP by the bookNot Really PHP by the book
Not Really PHP by the book
 
Redis
RedisRedis
Redis
 
C99
C99C99
C99
 
Path::Tiny
Path::TinyPath::Tiny
Path::Tiny
 
Up.Php
Up.PhpUp.Php
Up.Php
 
Laporan setting dns
Laporan setting dnsLaporan setting dns
Laporan setting dns
 
Huong dan cai dat hadoop
Huong dan cai dat hadoopHuong dan cai dat hadoop
Huong dan cai dat hadoop
 
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
DPAPI AND DPAPI-NG: Decryption toolkit. Black Hat 2017
 
Macros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting SheetsMacros code for Protecting and Unprotecting Sheets
Macros code for Protecting and Unprotecting Sheets
 
Hadley verse
Hadley verseHadley verse
Hadley verse
 
PuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with PuppetPuppetCamp SEA 1 - Version Control with Puppet
PuppetCamp SEA 1 - Version Control with Puppet
 
Persistence patterns for containers
Persistence patterns for containersPersistence patterns for containers
Persistence patterns for containers
 
2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest Framework2018-06-06 @nuxtjs/auth with Django Rest Framework
2018-06-06 @nuxtjs/auth with Django Rest Framework
 
08 php-files
08 php-files08 php-files
08 php-files
 

Destacado

Software Engineering in PHP
Software Engineering in PHPSoftware Engineering in PHP
Software Engineering in PHPM A Hossain Tonu
 
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)Hyun Jee Kim
 
언론홍보학과김현지
언론홍보학과김현지언론홍보학과김현지
언론홍보학과김현지Hyun Jee Kim
 
JavaScript Wash - Story of UI Development
JavaScript Wash - Story of UI DevelopmentJavaScript Wash - Story of UI Development
JavaScript Wash - Story of UI DevelopmentM A Hossain Tonu
 
언론홍보학과김현지
언론홍보학과김현지언론홍보학과김현지
언론홍보학과김현지Hyun Jee Kim
 
Blogging, the wordpress way
Blogging, the wordpress wayBlogging, the wordpress way
Blogging, the wordpress wayM A Hossain Tonu
 
Let’s be productive with spring boot
Let’s be productive with spring bootLet’s be productive with spring boot
Let’s be productive with spring bootJUGBD
 

Destacado (10)

Software Engineering in PHP
Software Engineering in PHPSoftware Engineering in PHP
Software Engineering in PHP
 
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
언론홍보학과김현지(@jeehalo, blog.naver.com/guswl1987)
 
온라인Pr
온라인Pr온라인Pr
온라인Pr
 
언론홍보학과김현지
언론홍보학과김현지언론홍보학과김현지
언론홍보학과김현지
 
JavaScript Wash - Story of UI Development
JavaScript Wash - Story of UI DevelopmentJavaScript Wash - Story of UI Development
JavaScript Wash - Story of UI Development
 
Google Maps API
Google Maps APIGoogle Maps API
Google Maps API
 
Succeeding with FOSS!
Succeeding with FOSS!Succeeding with FOSS!
Succeeding with FOSS!
 
언론홍보학과김현지
언론홍보학과김현지언론홍보학과김현지
언론홍보학과김현지
 
Blogging, the wordpress way
Blogging, the wordpress wayBlogging, the wordpress way
Blogging, the wordpress way
 
Let’s be productive with spring boot
Let’s be productive with spring bootLet’s be productive with spring boot
Let’s be productive with spring boot
 

Similar a Cryptography for the mere mortals

Cryptography with Zend Framework
Cryptography with Zend FrameworkCryptography with Zend Framework
Cryptography with Zend FrameworkEnrico Zimuel
 
Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006Martin Kobetic
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2ESUG
 
Cargo Cult Security at OpenWest
Cargo Cult Security at OpenWestCargo Cult Security at OpenWest
Cargo Cult Security at OpenWestDerrick Isaacson
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Martin Kobetic
 
Computer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdfComputer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdfDebebeKebede
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsAleksandr Yampolskiy
 
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Paula Januszkiewicz
 
rsa_usa_2019_paula_januszkiewicz
rsa_usa_2019_paula_januszkiewiczrsa_usa_2019_paula_januszkiewicz
rsa_usa_2019_paula_januszkiewiczZuzannaKornecka
 
Cryptography 101 for_java_developers, Fall 2019
Cryptography 101 for_java_developers, Fall 2019Cryptography 101 for_java_developers, Fall 2019
Cryptography 101 for_java_developers, Fall 2019Michel Schudel
 
comp security lab.ppsx
comp security lab.ppsxcomp security lab.ppsx
comp security lab.ppsxDesuWajana
 
Cargo Cult Security UJUG Sep2015
Cargo Cult Security UJUG Sep2015Cargo Cult Security UJUG Sep2015
Cargo Cult Security UJUG Sep2015Derrick Isaacson
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & moreMattias Geniar
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & moreDavid Geens
 

Similar a Cryptography for the mere mortals (20)

Cryptography with Zend Framework
Cryptography with Zend FrameworkCryptography with Zend Framework
Cryptography with Zend Framework
 
Django cryptography
Django cryptographyDjango cryptography
Django cryptography
 
Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
 
Cargo Cult Security at OpenWest
Cargo Cult Security at OpenWestCargo Cult Security at OpenWest
Cargo Cult Security at OpenWest
 
veracruz
veracruzveracruz
veracruz
 
veracruz
veracruzveracruz
veracruz
 
veracruz
veracruzveracruz
veracruz
 
veracruz
veracruzveracruz
veracruz
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
 
Perl object ?
Perl object ?Perl object ?
Perl object ?
 
Computer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdfComputer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdf
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programs
 
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
 
rsa_usa_2019_paula_januszkiewicz
rsa_usa_2019_paula_januszkiewiczrsa_usa_2019_paula_januszkiewicz
rsa_usa_2019_paula_januszkiewicz
 
Cryptography 101 for_java_developers, Fall 2019
Cryptography 101 for_java_developers, Fall 2019Cryptography 101 for_java_developers, Fall 2019
Cryptography 101 for_java_developers, Fall 2019
 
comp security lab.ppsx
comp security lab.ppsxcomp security lab.ppsx
comp security lab.ppsx
 
Cargo Cult Security UJUG Sep2015
Cargo Cult Security UJUG Sep2015Cargo Cult Security UJUG Sep2015
Cargo Cult Security UJUG Sep2015
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & more
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & more
 

Más de M A Hossain Tonu

Before you jump into Angular
Before you jump into AngularBefore you jump into Angular
Before you jump into AngularM A Hossain Tonu
 
Understanding Microservices
Understanding Microservices Understanding Microservices
Understanding Microservices M A Hossain Tonu
 
Introduction to Meteor - Worldwide Meteor Day
Introduction to Meteor - Worldwide Meteor DayIntroduction to Meteor - Worldwide Meteor Day
Introduction to Meteor - Worldwide Meteor DayM A Hossain Tonu
 
Developing WordPress Plugins : For Begineers
Developing WordPress Plugins : For BegineersDeveloping WordPress Plugins : For Begineers
Developing WordPress Plugins : For BegineersM A Hossain Tonu
 

Más de M A Hossain Tonu (8)

Before you jump into Angular
Before you jump into AngularBefore you jump into Angular
Before you jump into Angular
 
Understanding Microservices
Understanding Microservices Understanding Microservices
Understanding Microservices
 
Understanding meteor
Understanding meteorUnderstanding meteor
Understanding meteor
 
Introduction to Meteor - Worldwide Meteor Day
Introduction to Meteor - Worldwide Meteor DayIntroduction to Meteor - Worldwide Meteor Day
Introduction to Meteor - Worldwide Meteor Day
 
Secure my ng-app
Secure my ng-appSecure my ng-app
Secure my ng-app
 
Google Map API
Google Map APIGoogle Map API
Google Map API
 
Google Maps API
Google Maps APIGoogle Maps API
Google Maps API
 
Developing WordPress Plugins : For Begineers
Developing WordPress Plugins : For BegineersDeveloping WordPress Plugins : For Begineers
Developing WordPress Plugins : For Begineers
 

Último

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Último (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Cryptography for the mere mortals

Notas del editor

  1. H
  2. H
  3. H
  4. H
  5. H
  6. H
  7. H
  8. H
  9. H
  10. H
  11. Plaintext The initial unencrypted (unscrambled) data to be communicated. CiphertextPlaintext is encrypted (scrambled) into something unintelligible – ciphertext for communication Example: “esqbsuibqsbujnebt” Encryption The process of converting ordinary information ( plaintext ) into ciphertext . Decryption The reverse process of moving from unintelligible ciphertext to plaintext . Cipher Pair of algorithms performing encryption &amp; decryption. Key A secret parameter for the cipher algorithm. Key Management Management of generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. Provisions in Cryptosystem design, Cryptographic protocols in that design, User procedures, and so on. Crypto Analysis / Code Breaking The study of how to circumvent the confidentiality sought by using encryption.
  12. To check if a given $password string is valid, for a given hash, you can use the following condition:If($hash==crypt($password,$hash)) echo ‘valid’;
  13. Advanced encryption standard
  14. H
  15. H
  16. H
  17. H
  18. H
  19. H
  20. H
  21. H
  22. H
  23. H
  24. H
  25. H
  26. H
  27. rand() predictablea cryptographically strong random number in PHP you have to use the function openssl_random_pseudo_bytes() of the OpenSSL library, available at PHP 5.3
  28. DES cipher uses 56-bit key, that means the key space is 2^56.