C3Subtitles: 35c3: Provable Security
back

Provable Security

How I learned to stop worrying and love the backdoor

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:59:05
Language
English
Abstract
Modern cryptography is based on security-proofs. We will demonstrate how these work, why they are desirable and what their limitations are.

<p>Even the use of secure primitives like AES or RSA does not guarantee that the end-result is secure as well. In recent years breaks of modern primitives have in fact become exceedingly rare, yet stories like the KRACK-attack or ROBOT keep appearing.</p>

<p>The obvious answer to these problems would be to proof that our protocols are secure. While that may sound great in theory, there are many issues as well:</p>

<ul>
<li>Proving (almost) anything secure, would require to solve a millennium-problem.</li>
<li>Given the above, assumptions are required; but which assumptions are reasonable?</li>
<li>The word “secure” may seem intuitive, but can we formally define it? And can something be <em>too</em> secure?</li>
<li>Idealizing primitives can solve many problems, but what about over-idealizations?</li>
<li>Can backdoors be necessary to prove security?</li>
<li>A proof can only show the absence of attacks in a certain model. What about attacks outside those models?</li>
</ul>

Talk ID
9517
Event:
35c3
Day
3
Room
Dijkstra
Start
11:30 a.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
FJW
Lukas
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%

English: Transcribed until

Last revision: unknown