Home
Search results “Computer security privacy and cryptography research”
Cryptography Research
 
05:36
Cryptography Research IBM and the Future of Cyber Security By 2011, the world will be 10 times more instrumented than it was in 2006. Internet connected devices will leap from 500 Million to 1 Trillion. Approximately 70% of the digital universe is created by individuals, but enterprises are responsible for 85% of the security, privacy, reliability, and compliance. Increasingly, the proliferation of data-generating sensors and mobile computing devices, and the emergence of new forms of communication such as social networking, are driving unprecedented growth in the collection, storage and management of all types of data. Not surprisingly, this phenomenon has sparked growing demand for the ability to extract intelligence from these massive mountains of information—intelligence that can enable organizations to improve their decision-making and run their businesses more effectively and efficiently. With this capacity to rapidly sift thru data and gain new insights comes a significant challenge and responsibility when it comes to personal information, or information that relates to identifiable individuals: how to enable the exchange and analysis of data, while protecting privacy. IBM has long recognized the importance of information privacy and led by example in its own privacy polices and practices: the company was the first multinational to adopt a global privacy policy in the late 1960s, and continued that leadership as recently as 2005 when it was the first company to address genetic privacy. But policies and practices are not enough on their own to address the privacy challenges of an increasingly smarter planet. Thoughtfully-designed technologies can play a key role here, part of a paradigm that some are calling Privacy by Design. As the world becomes smarter and more interconnected, the capacity to rapidly sift through data to gain new insights brings with it a significant challenge and responsibility when it comes to personal information. How do we enable the exchange and analysis of data, while protecting privacy? IBM, which in the 1960s because the first multinational to adopt a global privacy policy and in 2005 was the first to address genetic privacy, has long recognized the importance of information privacy. Leading by example in its own privacy polices and practices, IBM has also received many patents for inventions that support our commitment to privacy leadership. For example, an IBM Researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called "privacy homomorphism," or "fully homomorphic encryption," makes possible the deep and unlimited analysis of encrypted information -- data that has been intentionally scrambled -- without sacrificing confidentiality. IBM's solution, formulated by IBM Researcher Craig Gentry, uses a mathematical object called an "ideal lattice," and allows people to fully interact with encrypted data in ways previously thought impossible. With the breakthrough, computer vendors storing the confidential, electronic data of others will be able to fully analyze data on their clients' behalf without expensive interaction with the client, and without seeing any of the private data. With Gentry's technique, the analysis of encrypted information can yield the same detailed results as if the original data was fully visible to all. Using the solution could help strengthen the business model of "cloud computing," where a computer vendor is entrusted to host the confidential data of others in a ubiquitous Internet presence. It might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records. The breakthrough might also one day enable computer users to retrieve information from a search engine with more confidentiality http://asmarterplanet.com/
Views: 13324 Social Media
Will Quantum Computers break encryption?
 
15:45
How do you secure messages over the internet? How do quantum computers break it? How do you fix it? Why don't you watch the video to find out? Why does this description have so many questions? Why are you still reading? What is the meaning of life? Facebook: https://www.facebook.com/frameofessence Twitter: https://twitter.com/frameofessence YouTube: https://www.youtube.com/user/frameofessence CLARIFICATIONS: You don't actually need a quantum computer to do quantum-safe encryption. As briefly mentioned at 7:04 , there are encryption schemes that can be run on regular computers that can't be broken by quantum computers. CORRECTIONS: [2:18] Technically, you can use any key to encrypt or decrypt whatever you want. But there's a specific way to use them that's useful, which is what's shown in the video. [5:36] In RSA, depending on exactly what you mean by "private key", neither key is actually derivable from the other. When they are created, they are generated together from a common base (not just the public key from the private key). But typically, the file that stores the "private key" actually contains a bit more information than just the private key. For example, in PKCS #1 RSA private key format ( https://tools.ietf.org/html/rfc3447#appendix-A.1.2 ), the file technically contains the entire public key too. So in short, you technically can't get the public key from the private key or vice versa, but the file that contains the private key can hold more than just the private key alone, making it possible to retrieve the public key from it. Video links: Encryption and HUGE numbers - Numberphile https://youtu.be/M7kEpw1tn50 The No Cloning Theorem - minutephysics https://youtu.be/owPC60Ue0BE Quantum Entanglement & Spooky Action at a Distance - Veritasium https://youtu.be/ZuvK-od647c Sources: Quantum Computing for Computer Scientists http://books.google.ca/books/about/Quantum_Computing_for_Computer_Scientist.html?id=eTT0FsHA5DAC Random person talking about Quantum MITM attacks http://crypto.stackexchange.com/questions/2719/is-quantum-key-distribution-safe-against-mitm-attacks-too The Ekert Protocol (i.e. E91) http://www.ux1.eiu.edu/~nilic/Nina's-article.pdf Annealing vs. Universal Quantum Computers https://medium.com/quantum-bits/what-s-the-difference-between-quantum-annealing-and-universal-gate-quantum-computers-c5e5099175a1 Images, Documents, and Screenshots: Post-Quantum Cryptography initiatives http://csrc.nist.gov/groups/ST/post-quantum-crypto/cfp-announce-dec2016.html http://pqcrypto.eu.org/docs/initial-recommendations.pdf Internet map (Carna Botnet) http://census2012.sourceforge.net/ Quantum network maps https://www.slideshare.net/ADVAOpticalNetworking/how-to-quantumsecure-optical-networks http://www.secoqc.net/html/press/pressmedia.html IBM Quantum http://research.ibm.com/ibm-q/ Music: YouTube audio library: Blue Skies Incompetech: Jay Jay Pamgaea The House of Leaves Premium Beat: Cutting Edge Technology Second Time Around Swoosh 1 sound effect came from here: http://soundbible.com/682-Swoosh-1.html ...and is under this license: https://creativecommons.org/licenses/sampling+/1.0/
Views: 391948 Frame of Essence
Cybersecurity: Crash Course Computer Science #31
 
12:30
Cybersecurity is a set of techniques to protect the secrecy, integrity, and availability of computer systems and data against threats. In today’s episode, we’re going to unpack these three goals and talk through some strategies we use like passwords, biometrics, and access privileges to keep our information as secure, but also as accessible as possible. From massive Denial of Service, or DDos attacks, to malware and brute force password cracking there are a lot of ways for hackers to gain access to your data, so we’ll also discuss some strategies like creating strong passwords, and using 2-factor authentication, to keep your information safe. Check out Computerphile’s wonderful video on how to choose a password! https://www.youtube.com/watch?v=3NjQ9b3pgIg Pre-order our limited edition Crash Course: Computer Science Floppy Disk Coasters here! https://store.dftba.com/products/computer-science-coasters Produced in collaboration with PBS Digital Studios: http://youtube.com/pbsdigitalstudios Want to know more about Carrie Anne? https://about.me/carrieannephilbin The Latest from PBS Digital Studios: https://www.youtube.com/playlist?list=PL1mtdjDVOoOqJzeaJAV15Tq0tZ1vKj7ZV Want to find Crash Course elsewhere on the internet? Facebook - https://www.facebook.com/YouTubeCrash... Twitter - http://www.twitter.com/TheCrashCourse Tumblr - http://thecrashcourse.tumblr.com Support Crash Course on Patreon: http://patreon.com/crashcourse CC Kids: http://www.youtube.com/crashcoursekids
Views: 300459 CrashCourse
Bruce Schneier's Amazing Answers for Questions about Security, Privacy and Cryptography at DEF CON
 
46:34
Bruce Schneier is an internationally renowned security technologist, called a "security guru" by the Economist. He is the author of 12 books, including the New York Times best-seller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. Watch this video to see the interesting answers given by Bruce Schneier for many questions asked at DEF CON 23. Bruce Schneier is telling about Computer Security, Hacking, privacy, Cryptography and many other things in an interesting way. I created this video with the YouTube Video Editor (http://www.youtube.com/editor) with Creative common licence provided by DEF CON.
Why the NSA is breaking our encryption -- and why we should care | Matthew Green | TEDxMidAtlantic
 
09:33
This talk was given at a local TEDx event, produced independently of the TED Conferences. Encryption dates back to the Founding Fathers and the Bill of Rights. Now, the United States National Security Agency is breaking and undermining core encryption technologies that power the Internet, saying it's being done for our own protection from terrorists. But are we sacrificing our freedoms for fear? Matthew Green is an Assistant Research Professor of Computer Science at the Johns Hopkins University. His research focuses on computer security and cryptography, and particularly the way that cryptography can be used to promote individual privacy. His work includes techniques to securely access medical databases, enhance the anonymity of Bitcoin, and to analyze deployed security systems. Prior to joining the Johns Hopkins faculty he served as a Senior Technical Staff Member at AT&T Laboratories. About TEDx, x = independently organized event In the spirit of ideas worth spreading, TEDx is a program of local, self-organized events that bring people together to share a TED-like experience. At a TEDx event, TEDTalks video and live speakers combine to spark deep discussion and connection in a small group. These local, self-organized events are branded TEDx, where x = independently organized TED event. The TED Conference provides general guidance for the TEDx program, but individual TEDx events are self-organized.* (*Subject to certain rules and regulations)
Views: 130816 TEDx Talks
Daniele Micciancio - The use of cryptography
 
03:10
As a professor of computer science and engineering at the University of California, San Diego, Daniele Micciancio knows that the greatest challenge is to get people to use cryptography. End users are starting to notice the importance of security and privacy, and his research in and is a leader in lattice based cryptography and computational complexity will help develop better systems. Micciancio was visiting IQC for PQCrypto 2014, the 6th international conference on post-quantum cryptography (https://pqcrypto2014.uwaterloo.ca/). Find out more about IQC! Website - https://uwaterloo.ca/institute-for-quantum-computing/ Facebook - https://www.facebook.com/QuantumIQC Twitter - https://twitter.com/QuantumIQC Micciancio explains the important challenge of getting everyday computer users to think about cryptography and the security of their data.
Security and Privacy of Machine Learning
 
47:42
Ian Goodfellow, Staff Research Scientist, Google Brain Machine learning is a powerful new tool that can be used for security applications (for example, to detect malware) but machine learning itself introduces many new attack surfaces. For example, attackers can control the output of machine learning models by manipulating their inputs or training data. In this session, I give an overview of the emerging field of machine learning security and privacy. Learning Objectives: 1: Learn about vulnerabilities of machine learning. 2: Explore existing defense techniques (differential privacy). 3: Understand opportunities to join research effort to make new defenses. https://www.rsaconference.com/videos/security-and-privacy-of-machine-learning
Views: 668 RSA Conference
The Internet Exposed: Encryption, Backdoors and Privacy – and the Quest to Maintain Trust
 
24:06
This video is a production of the Washington DC Chapter of the Internet Society (ISOC-DC http://www.isoc-dc.org/), produced and directed by Paul Brigner and David Vyorst. It premiered at the Computers, Freedom and Privacy Conference on October 14, 2015. It is meant to be a starting point for discussions about #encryption, #privacy, and #cybersecurity. We intend to use this video to frame panel discussions, webinars, research, and conversations. For more information, contact the producers at [email protected] Executive Producer: Paul Brigner Produced by David Vyorst & Paul Brigner Directed by David Vyorst Edited by Adrian Muys & Paul Brigner Animation & Graphics by Sareen Hairabedian Camera: Paul Brigner Gary Griffin Kevin Barbour Funding Provided by The Internet Society
Cloud Security and Privacy
 
01:30:45
Kristin Lauter chairs this session at Faculty Summit 2011, which includes the following presentations. - Cryptographic Cloud Storage and ServicesΓÇöKristin Lauter, Microsoft Research - Encryption as Access Control for Cloud SecurityΓÇöCarl Gunter, University of Illinois - The Economics of Cloud Computing: Why a Brooklyn Latte Buys a Million Unforgettable SignaturesΓÇöRadu Sion, Stony Brook University
Views: 602 Microsoft Research
Language based techniques for cryptography and privacy
 
01:03:11
UCL Computer Science Distinguished Lecture A common theme in program verification is establishing relationships between two runs of the same program or of different programs. Such relationships can be proved by semantical means, or with syntactic methods such as relational program logics and product constructions. Gilles shall present an overview of these methods and their applications to provable security, differential privacy, and secure implementations. Gilles Barthe is a research professor at the IMDEA Software Institute. His research interests include logic, formal verification, programming languages, and security. His current work focuses on verification and synthesis methods for cryptography and differential privacy. He is a member of the editorial boards of the Journal of Automated Reasoning and Journal of Computer Security. He received a Ph.D. in Mathematics from the University of Manchester, UK, in 1993, and an Habilitation à diriger les recherches in Computer Science from the University of Nice, France, in 2004.
Views: 256 UCLComputerScience
Federated Identity: Security, Privacy, and Convenience
 
02:16
Federated identity management and single sign-on enhances collaboration, benefiting research and education.
Views: 921 Internet2videos
Introduction to Computer Security - Information Security Lesson #1 of 12
 
41:47
Dr. Soper provides an introduction to computer security. Topics covered include dependence on technology, information assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, types of attackers, methods of defense, and multi-layered security.
Views: 395802 Dr. Daniel Soper
Prof Aggelos Kiayias | Proving the security of blockchain protocols.
 
02:59:18
Prof Aggelos Kiayias at Shanghai Jiao Tong University | Proving the security of blockchain protocols. A video presentation with Prof Aggelos Kiayias at Shanghai Jiao Tong University & Winter School on Cryptocurrency and Blockchain Technologies, Filmed on location in Shanghai January 15th - 17th 2017. Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. He currently serves as the program chair of the Financial Cryptography and Data Security 2017 conference. https://iohk.io/team/aggelos-kiayias/ Cryptocurrencies like Bitcoin have proven to be a phenomenal success. The underlying blockchain techniques hold a huge promise to change the future of financial transactions, and even our way of computation and collaboration. Both development community and research community have recently made significant progresses. But at the same time, we are facing many challenges. This winter school aims to bring together the communities working on cryptocurrency and blockchain technologies. The target audience is anyone (students, researchers, developers, professionals) with an interest in cryptography and security. The lectures in the school will be given by world leading researchers in this area (such as Professors Jonathan Katz and Aggelos Kiayias - IOHK). All lectures will be self-contained, and we don’t assume the participants to have cryptography background. In this winter school, we will study a comprehensive set of topics about blockchain technologies, including: Bitcoin basics; Analysis of Nakamoto consensus in cryptographic setting and in game-theoretical setting; Ethereum and smart contracts; Alternative approaches to mining and consensus; Scalability; Anonymity. Input Output Founded in 2015 by Charles Hoskinson and Jeremy Wood, IOHK is a technology company committed to using peer-to-peer innovations to provide financial services to the three billion people who don’t have them. Cascading disruption It is the founding principle of IOHK. Cascading disruption is the idea that most of the structures that form the world’s financial, governance and social systems are inherently unstable and thus minor perturbations can cause a ripple effect that fundamentally reconfigures the entire system. Our company is committed to identifying and developing technology to force these perturbations in order to push towards a more fair and transparent order. Projects we work on Currently IOHK is studying new tools and paradigms for cryptographic research and the architecture of cryptocurrencies. More specifically, we are collaboratively developing an open-source library for universal composability and the Scorex project. We also do for-profit work aligned with our mission, vision and goals. The mission of IOHK We view the world as a series of giant and mostly interconnected social graphs with hundreds of complex systems embedded. Our mission is to perturb the graphs to a more connected, transparent and fair configuration for both the flow of ideas and value. Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/cardano/ Read our papers: http://iohk.link/paper-ouroboros Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/
Views: 1111 IOHK
Cryptography in a post-Snowden era - Bart Preneel
 
01:33:58
This lecture presents an overview of the Snowden revelations and the impact on our understanding of the security of our networks and systems. In particular, we discuss the known ways in which sophisticated attackers can bypass or undermine cryptography. We also speculate on how three-letter agencies could be breaking most encryption on the Internet. We relate this to the latest developments in cryptanalysis and discuss which cryptographic algorithms and implementations to select to stay protected. Learning objectives + Understand how sophisticated opponents agencies can undermine cryptographic protection + Understand how to maximize your chances to resist sophisticated opponents using cryptographic techniques This lecture was delivered by Bart Preneel at SecAppDev 2016, Leuven, Belgium Professor Bart Preneel of KU Leuven heads the iMinds COSIC (COmputer Security and Industrial Cryptography) research group. His main research areas are information security and privacy with a focus on cryptographic algorithms and protocols and efficient and secure implementations. He has authored more than 400 scientific publications and is inventor of five patents. He teaches cryptology, network security and discete algebra at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), DTU (Denmark) and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He undertakes industrial consulting for major players in the finance, telco and hardware industry and has co-designed the Belgian eID and e-voting scheme. He is active in international standaridzation . Professor Preneel has served as Director, (1997-present), Vice President (2002-2007) and President (2008-2013) of the International Association for Cryptologic Research (IACR) and is co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium). He is a fellow of the IACR, a member of the Permanent Stakeholders group of ENISA (European Network and Information Security Agency) and of the Academia Europaea. He has testified for the European and Belgian parliament. He has been invited speaker at more than 150 conferences and schools in 40 countries. In 2014 he received the RSA Award for Excellence in the Field of Mathematics.
Views: 819 secappdev.org
Entity Authentication and Symmetric Key Establishment - Bart Preneel
 
01:35:00
Entity Authentication and Symmetric Key Establishment, by Bart Preneel Authentication methods are based on something known, owned, biometric, location or evidence of trusted third party authentication. + A password is a case of something known. Passwords are a vulnerable, but cheap and convenient way of authenticating an entity. Several techniques to augment their effectiveness are in use including challenge-response and one-time passwords. + Secure devices such as smart cards and USB tokens often combine the 'owned' with the 'known', since secret keys are locked in the token with a password or PIN code. However, within the broad category of secure tokens, trustworthiness is variable, depending on whether keys can be extracted, passwords can be eavesdropped or the device can be tampered with. + Biometry identifies a person via physical characteristics. + Location is often used as the sole authentication factor, but is insecure given the relative ease of spoofing IP or MAC addresses. + Multi-factor authentication is stronger than single-factor. + The Kerberos protocol uses a key distribution-based authentication server. Service consumers must authenticate with a central server to obtain a secret session key with service providers. Such schemes require a single sign-on to access servers across a trust domain. While public key cryptography is well suited to entity authentication, performance constraints often mandate a symmetric algorithm for encrypting data passed between systems. Key establishment should be linked to authentication, so that a party has assurances that a key is only shared with the authenticated party. The Diffie-Hellman key agreement protocol underlies a host of current technologies such as STS (Station-to-Station protocol) and IKE. Learning objectives Gain insight into + entity authentication protocols, + the benefits and limitations of authentication factors, + key establishment protocols, + why and how to use authentication servers. This lecture was delivered by Bart Preneel in Leuven on Tuesday February 11th at SecAppDev 2014. Professor Bart Preneel heads the COSIC (COmputer Security and Industrial Cryptography) research group at KU Leuven. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications. He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world. He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2. Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).
Views: 1354 secappdev.org
Gaby Lenhart - Cryptography, privacy and security
 
02:25
Hear from Gaby Lenhart, Senior Research Officer for the European Telecommunications Standards Institute about the importance of standardization and security. Lenhart visiting IQC for PQCrypto 2014, the 6th international conference on post-quantum cryptography (https://pqcrypto2014.uwaterloo.ca/). Find out more about IQC! Website - https://uwaterloo.ca/institute-for-quantum-computing/ Facebook - https://www.facebook.com/QuantumIQC Twitter - https://twitter.com/QuantumIQC
Blockchain: Application Scenarios and Security | 27 April 2017 - 2:15 pm
 
14:43
This presentation gives an overview about Blockchain application scenarios, which can be divided into Digital Registry, Crypto-currency, Smart contracts. Building blocks of Blockchain based systems are investigated with respect to their security and trust properties. Find all presentations for download under https://www.siemens.com/hm17-program
Views: 3914 Siemens
Privacy and security challenges in today's e-health systems: Danny De Cock at TEDxUHowest
 
18:27
Who Is Danny De Cock? Danny De Cock researches as a post-doc applied cryptography at the Katholieke Universiteit Leuven in Belgium (university name is not to be translated!). Danny is an expert in computer security and industrial cryptography applications and he has conducted extensive research projects in this field. His work includes the analysis and design of identity management systems and secure communications architectures for various environments and communities. He has also researched security aspects of mobile devices, car telematics, home appliances, electronic banking, electronic voting schemes and electronic identity cards. Most recently he was the coordinator of a study for the four Belgian governments to lay out the security architecture and functionality of the electronic voting system for Belgian elections. This system has been deployed for official elections in October 2012. Danny is involved with different identity management projects to increase Belgian eGovernment efficiency on the regional and federal level, and was in charge of the Modinis-IDM study (http://godot.be/modinis) that was organized by the European Commission to build on expertise and initiatives in the EU Member States to progress towards a coherent approach in electronic identity management in eGovernment in the European Union. Danny is the project coordinator of the European Project TAS3 (Trusted Architecture for Securely Shared Services, cf. http://tas3.eu). This project focused on service oriented architectures that deployed in the employability and healthcare sector. He is also inolved in research on computer forensics through the BC-Centre, focusing on the protection of evidence. What is this talk all about? Privacy And Security Challenges In Today's Ehealth Systems In this talk he sketches the aspects that necessitate the protection of data that are exchanged in e-health care systems. He also illustrates how these protection measures can be applied successfully, and why this is not always what we want. About TED and TEDx In the spirit of ideas worth spreading, TEDx is a program of local, self-organized events that bring people together to share a TED-like experience. At a TEDx event, TEDTalks video and live speakers combine to spark deep discussion and connection in a small group. These local, self-organized events are branded TEDx, where x = independently organized TED event. The TED Conference provides general guidance for the TEDx program, but individual TEDx events are self-organized.* (*Subject to certain rules and regulations)
Views: 1659 TEDx Talks
IOHK | Research; Prof Aggelos Kiayias, Input Output Research.
 
57:09
IOHK's Chief Scientist, Professor Aggelos Kiayias presents a full update on in-house research, embedded research and our extended collaborations. Filmed on location in Lisbon, Portugal at the IOHK Global Summit 2018. Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. https://iohk.io/team/aggelos-kiayias/ -- Input Output See more at: https://iohk.io Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/cardano/ Read our papers: http://iohk.link/paper-ouroboros Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/
Views: 2237 IOHK
Cryptographic and Information Security in the Post-Snowden Era - Bart Preneel
 
01:37:24
This lecture presents an overview of the Snowden revelations and the impact on our understanding of the security of our networks and systems. In particular, we discuss the known ways in which sophisticated attackers can bypass or undermine cryptography. We also speculate on how three-letter agencies could be breaking most encryption on the Internet. We relate this to the latest developments in cryptanalysis and discuss which cryptographic algorithms and implementations to select to stay protected. This lecture was delivered at SecAppDev 2015 in Leuven. Professor Bart Preneel of KU Leuven heads the iMinds COSIC (COmputer Security and Industrial Cryptography) research group. His main research areas are information security and privacy with a focus on cryptographic algorithms and protocols and efficient and secure implementations. He has authored more than 400 scientific publications and is inventor of five patents. He teaches cryptology, network security and discete algebra at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), DTU (Denmark) and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He undertakes industrial consulting for major players in the finance, telco and hardware industry and has co-designed the Belgian eID and e-voting scheme. He is active in international standaridzation . Professor Preneel has served as Director, (1997-present), Vice President (2002-2007) and President (2008-2013) of the International Association for Cryptologic Research (IACR) and is co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium). He is a fellow of the IACR, a member of the Permanent Stakeholders group of ENISA (European Network and Information Security Agency) and of the Academia Europaea. He has testified for the European and Belgian parliament. He has been invited speaker at more than 150 conferences and schools in 40 countries. In 2014 he received the RSA Award for Excellence in the Field of Mathematics.
Views: 498 secappdev.org
Cyber Codes
 
03:36
Do you trust the security of your email, text messages, and browser history? Learn how trustworthy online communication actually is and how encryption can protect your privacy. Sometimes. Play the Cybersecurity Lab: http://www.pbs.org/wgbh/nova/labs/lab/cyber/ Find discussion questions for this video and other resources in the Cybersecurity Lab collection on PBS LearningMedia: http://www.pbslearningmedia.org/resource/nvcy-sci-cybercodes/cyber-codes/ NOVA Labs Facebook: https://www.facebook.com/theNOVALabs NOVA Labs Twitter: https://twitter.com/theNOVALabs CREDITS Writer/Director/Producer Alex Rosenthal Animator Nick Hilditch Narrator George Zaidan Music Scorekeepers Music Library Freesound.org SFX 46630 quick writing with pencil on paper by 123jorre456 181774 rustling paper by keweldog 209583 oven mitt impact by Zott820 101921 rowing2 by juskiddink 70299 sonar by KIZILSUNGUR 167155 typing by DSPena 79145 sloshing waterbottle by Razzvio 191766 bamboo whip sound effect by UnderlinedDesigns 153235 swishes svihy by J.Zazvurek 119847 paper shake by kbnevel 144265 impact misc tools 0004 by D W
Views: 87316 NOVA PBS Official
IOHK | Why Peer Review?
 
07:35
Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. He currently serves as the program chair of the Financial Cryptography and Data Security 2017 conference. https://iohk.io/team/aggelos-kiayias/ -- See more at: https://iohk.io Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/ Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/
Views: 1613 IOHK
Current Topics in Cybersecurity
 
01:01:38
The 21st century is characterized by the use of the Internet for our personal and professional daily lives. National security depends on a stable, safe and resilient cyberspace. We rely on this vast array of networks to communicate, socialize, network, travel, automate our homes, run the world economy, and provide many government programs and services. Unfortunately, cyber intrusions and attacks have increased dramatically during the past decade, exposing sensitive personal and business information, disrupting critical business operations and disrupting economies. Get an overview of cybersecurity from multiple perspectives in this timely lecture.
Views: 2298 UC Berkeley Extension
DEF CON 23 - Crypto and Privacy Village - Robert Olson - Teaching Privacy Using Red Team Strategies
 
01:00:15
"Teaching Privacy Using Red Team Strategies: An Undergraduate General Education Curriculum" Robert Olson (nerdprof) Privacy is very important concept that, unfortunately, many undergraduate students don’t encounter frequently in their chosen courses of study. Often, when it is discussed, it’s discussed using a deeply philosophical approach to which students may have a difficult time connecting. This approach also often fails to connect privacy with many of the important technical nuances that can have a significant impact on modern privacy debates. This talk will discuss an alternative approach used in a Spring 2015 undergraduate general education course titled Hacking, Surveillance, and Privacy. The goal of this class was to take a technical approach to teaching privacy concepts in order to ensure students would understand the technical details of modern privacy debates in an addition to the philosophical concepts. Students were given hands-on experiences with penetration testing tools so that they might better understand how computer security impacts privacy while seeing first-hand how their privacy might be violated. Students were exposed to data-mining techniques so that they might understand the privacy implications of large-scale data collection. Finally, students were exposed to privacy tools so that they might understand the challenges in protecting one’s privacy against modern threats. Robert Olson is currently an instructor in the Department of Computer and Information Sciences at the State University of New York at Fredonia, where he teaches courses in security, data mining, and programming. He holds two graduate degrees in Interdisciplinary Studies (Cognitive Science) and Management Information Systems as well as several professional certifications. He has spoken at the Def Con 22 Crypto / Privacy Village, BSides Rochester, and several academic conferences. Most recently, his research has been focused on designing penetration testing agents and exploring new ideas in privacy protecting network protocols.
Views: 1044 DEFCONConference
Stanford cybersecurity expert: Dan Boneh
 
02:10
Professor Dan Boneh, head of the applied cryptography group in the Computer Science Department, discusses the importance of making encryption easier to use as computer security breaches become easier to monetize. Professor Boneh's research focuses on applications of cryptography to computer security, and his work includes cryptosystems with novel properties, web security, security for mobile devices, digital copyright protection, and cryptanalysis. He is the author of more than 100 publications in the field and a recipient of the Packard Award, the Alfred P. Sloan Award and the RSA award in mathematics.
Views: 4449 Stanford
“Battling Minds: Creativity and Computer Security” | Paul Kocher | TEDxSausalito
 
06:06
CHIEF SCIENTIST, CRYPTOGRAPHY RESEARCH DIVISION, RAMBUS Can creativity enable us to solve today's hard technical problems? Paul Kocher founded the Cryptography Research Division at Rambus and leads the company as its president and chief scientist. Kocher has gained an international reputation for his research and innovative designs in cryptography. An active contributor to major conferences and leading security initiatives, Kocher has designed numerous cryptographic applications and protocols, which are successfully deployed in real world systems. He was elected to the National Academy of Engineering in 2009, and inducted into the National Cyber Security Hall of Fame in 2014. This talk was given at a TEDx event using the TED conference format but independently organized by a local community. Learn more at http://ted.com/tedx
Views: 469 TEDx Talks
Solving Private Set Intersection via Cuckoo Hashing: Benny Pinkas, Bar-Ilan University, Israel
 
59:51
Private set intersection (PSI) allows two parties to compute the intersection of their sets without revealing any information about items that are not in the intersection. There has been considerable research on designing custom secure protocols for computing PSI, due to the fact that PSI has many interesting applications and yet is not easily solvable by generic methods for secure multi-party computation (MPC). The drawback of these custom protocols is that they are tailored for solving the basic intersection problem and cannot be easily modified to computing other variants of it, which are often of great interest. Generic MPC protocols can be readily changed to compute arbitrary variants of the PSI problem, but are considerably less efficient. This talk will survey several custom PSI protocols. It will then describe how to apply generic MPC protocols to computing PSI while computing only a linear number of comparisons. The construction is based on a new variant of Cuckoo hashing. A major technical issue in the need for guaranteeing a failure probability that is much smaller than is often required for applications of hashing. Joint work with Thomas Schneider, Christian Weinert, Udi Wieder and Michael Zohner. This talk is suitable for researchers with an interest in security and algorithms, and requires a basic knowledge of cryptography. Biography Benny Pinkas is a member of the Department of Computer Science at Bar Ilan University, and deputy director of the BIU Center for Research in Applied Cryptography and Cyber Security. He has worked in the research labs of Intertrust Technologies, Hewlett-Packard, Google and VMware. His main research areas are cryptography, computer security and privacy, with a focus on secure computation. He received a starting grant from the ERC, as well as multiple other research grants.
Cryptography to overcome cloud security concerns
 
13:31
Cloud Computing: the Golden Age of Cryptography Janus Dam Nielsen—a Research and Innovation Scientist at the Center for IT Security at the Alexandra Institute—explained modern advances in cryptography as an enabler to overcome some of the existing cloud security concerns. As an example he spoke on secure multiparty computation which can be used to mitigate vulnerability risks in cloud providers' security setup.
Views: 303 Natalia Usenia
IOHK | Research Collaborations update. May 2018.
 
02:15
Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. He currently serves as the program chair of the Financial Cryptography and Data Security 2017 conference. -- See more at: https://iohk.io Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/ Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/
Views: 1025 IOHK
Principles of Computer Security - George Danezis
 
01:14:01
Principles of Computer Security, by George Danezis The opening lecture of SecAppDev 2014 by George Danezis on the foundational principles of computer security. Computer security: do the right thing in the face of a well-resourced strategic adversary. George Danezis is a Reader in Security and Privacy Engineering at the Department of Computer Science of University College London. He has been working on anonymous communications, privacy enhancing technologies (PET), and traffic analysis since 2000. He has previously been a researcher for Microsoft Research, Cambridge; a visiting fellow at K.U.Leuven (Belgium); and a research associate at the University of Cambridge (UK), where he also completed his doctoral dissertation under the supervision of Prof. R.J. Anderson. His theoretical contributions to the PET field include the established information theoretic metric for anonymity and pioneering the study of statistical attacks against anonymity systems. On the practical side he is one of the lead designers of the anonymous mail system Mixminion, and has worked on the traffic analysis of deployed protocols such as Tor. His current research interests focus around smart grid privacy, peer-to-peer and social network security, as well as the application of machine learning techniques to security problems. He has published over 50 peer-reviewed scientific papers on these topics in international conferences and journals. He was the co-program chair of ACM Computer and Communications Security Conference in 2011 and 2012, IFCA Financial Cryptography and Data Security in 2011, the Privacy Enhancing Technologies Workshop in 2005 and 2006. He sits on the PET Symposium board and he regularly serves in program committees of leading conferences in the field of privacy and security.
Views: 3007 secappdev.org
DEF CON 23 - Crypto and Privacy Village - Craig Young - Smart Home Invasion
 
22:10
SMART HOME INVASION Craig Young @craigtweets BIO: Craig is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He has identified and disclosed dozens of vulnerabilities in products from Google, Amazon, IBM, NETGEAR, Adobe, HP, and others. His research has resulted in numerous CVEs and recognition in the Google Application Security Hall of Fame. Craig won in track 0 and track 1 of the first ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. ABSTRACT: Smart home technology has been a dream for many perhaps inspired by the likes of George Jetson. Unfortunately the technology is in its infancy still and the question remains as to whether vendors can demonstrate the ability to make our homes smarter without simultaneously introducing new risks to personal safety and privacy. In an effort to answer this question, Tripwire VERT conducted a security assessment of the three top-selling ‘Smart Home Hub' products available on Amazon. The research revealed 0-day flaws in each product allowing an attacker to control smart home functionality. This presentation will reveal some of the findings from this study including vulnerability discoveries. If not addressed, smart home flaws can give rise to a new type of ‘smart criminal' able to case victims without being seen. Once a target is chosen, it is possible to unlock doors and disable security monitoring. REASON: Each product I tested had 0-day flaws Two of the three products evaluated contained 0-day flaws allowing a remote attacker to gain root access with limited to no user-interaction required. I will be demonstrating a PoC which determines the local IP address and searches for the vulnerable device. The PoC described in #3 is still 0-day in official firmware, the latest RC firmware, and possibly in the latest beta firmware.
Views: 1762 DEFCONConference
CERIAS - 2016-01-27 - Big Data Security and Privacy
 
50:29
Abstract Technological advances and novel applications, such as sensors, cyber-physical systems, smart mobile devices, cloud systems, data analytics, and social networks, are making possible to capture, and to quickly process and analyze huge amounts of data from which to extract information critical for security-related tasks. In the area of cyber security, such tasks include user authentication, access control, anomaly detection, user monitoring, and protection from insider threat. By analyzing and integrating data collected on the Internet and Web one can identify connections and relationships among individuals that may in turn help with homeland protection. By collecting and mining data concerning user travels and disease outbreaks one can predict disease spreading across geographical areas. And those are just a few examples; there are certainly many other domains where data technologies can play a major role in enhancing security. The use of data for security tasks is however raising major privacy concerns. Collected data, even if anonymized by removing identifiers such as names or social security numbers, when linked with other data may lead to re-identify the individuals to which specific data items are related to. Also, as organizations, such as governmental agencies, often need to collaborate on security tasks, data sets are exchanged across different organizations, resulting in these data sets being available to many different parties. Apart from the use of data for analytics, security tasks such as authentication and access control may require detailed information about users. An example is multi-factor authentication that may require, in addition to a password or a certificate, user biometrics. Recently proposed continuous authentication techniques extend access control system. This information if misused or stolen can lead to privacy breaches. It would then seem that in order to achieve security we must give up privacy. However this may not be necessarily the case. Recent advances in cryptography are making possible to work on encrypted data – for example for performing analytics on encrypted data. However much more needs to be done as the specific data privacy techniques to use heavily depend on the specific use of data and the security tasks at hand. Also current techniques are not still able to meet the efficiency requirement for use with big data sets. In this talk we will discuss methods and techniques to make this reconciliation possible and identify research directions. About the Speaker Elisa Bertino is professor of computer science at Purdue University and serves as Research Director of the Center for Information and Research in Information Assurance and Security (CERIAS). She is also an adjunct professor of Computer Science & Info tech at RMIT. Prior to joining Purdue in 2004, she was a professor and department head at the Department of Computer Science and Communication of the University of Milan. She has been a visiting researcher at the IBM Research Laboratory (now Almaden) in San Jose, at the Microelectronics and Computer Technology Corporation, at Rutgers University, at Telcordia Technologies. Her recent research focuses on database security, digital identity management, policy systems, and security for web services. She is a Fellow of ACM and of IEEE. She received the IEEE Computer Society 2002 Technical Achievement Award and the IEEE Computer Society 2005 Kanai Award. She is currently serving as EiC of IEEE Transactions on Dependable and Secure Computing http://www.cerias.purdue.edu
Views: 1039 ceriaspurdue
Alma Whitten on 'Lessons from Googles Approach to Internet Security, Privacy and Encryption'
 
45:16
About the Speaker: Dr. Alma Whitten joined Google in 2003 and is currently Head of Googles Applied Security engineering team, and their engineering lead on privacy. Dr Whittens work at Google revolves primarily in the realm of security and protection of Googles log data. Alma was awarded a PhD and an M.S. in Computer Science from Carnegie Mellon University, and a B.S. in Computer Science from the University of Connecticut. Dr Whittens doctoral research focussed on creating a methodology for designing computer security that is manageable by ordinary computer users. As well as her presentation today, Dr Whitten has delivered several presentations in her capacity as Google privacy spokesperson. Topics of discussion have included: Are IP addresses personal?, and HTTPS security for web applications. Prior to todays IIEA event, Dr Whitten recently delivered a privacy presentation at the first ever Google Brussels Tech Talk for policy makers on January 28th of this year. The title of that presentation was An engineers vision for Internet Privacy. About the Presentation: Policy makers across the digital spectrum are increasingly beginning to discuss the concept of privacy by design. Privacy by design seeks to address the pertinent question of whether privacy represents an impediment to innovation in technology, or is innovation in technology the means for users to protect their privacy online? Dr. Whitten, in todays presentation to the IIEA, discussed some of these issues. Conscious of their important role as information custodian and data steward, Dr Whitten emphasised how Google has always sought to make user control of their privacy preferences a cornerstone of Googles product development. Dr Whitten also outlined some of the key developments that have emerged from Googles 2009 Privacy Initiatives Program. Developments cited by Alma included: Googles Privacy Dashboard which offers a user-centralised view of data associated with their account; being able to control the ads users see with Google internet-based advertising; the Google Privacy Center; and also the Data Liberation Front. Central to the Data Liberation Front is a team of Google engineers whose goal is to make the user the full controller of any data they store in Google products.
Views: 30212 IIEA1
IOHK | Cardano whiteboard; Ouroboros, with Prof. Aggelos Kiayias, Chief Scientist
 
47:40
Developing Cardano is no small feat. There is no other project that has ever been built to these parameters, combining peer reviewed cryptographic research with an implementation in highly secure Haskell code. This is not the copy and paste code seen in so many other blockchains. Instead, Cardano was designed with input from a large global team including leading experts and professors in the fields of computer programming languages, network design and cryptography. We are extremely proud of Cardano, which required a months-long meticulous and painstaking development process by our talented engineers. Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. He currently serves as the program chair of the Financial Cryptography and Data Security 2017 conference. -- See more at: https://iohk.io Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/cardano/ Read our papers: http://iohk.link/paper-ouroboros Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/ See more on Cardano: https://iohk.io/projects/cardano/ -- The Cardano PortfolioThe Cardano HubThe source for all things Cardanohttps://www.cardanohub.org/en/home/ Cardano Blockchain Explorer An open source block explorer for the Cardano project https://cardanoexplorer.com Cardano Documentation Full technical documentation of the project https://cardanodocs.com Cardano Roadmap Development path of the Cardano project https://cardanoroadmap.com Why Cardano The philosophy behind the project https://whycardano.com Daedalus Platform Open source platform https://daedaluswallet.io The Cardano Foundation Supervisory and educational body for the Cardano Protocol https://cardanofoundation.org Cardano Foundation YouTube All the latest videos & tutorials https://www.youtube.com/channel/UCbQ9... Cardano Foundation Follow the Foundation https://twitter.com/CardanoStiftung Cardano Slack Join the conversation https://cardano.herokuapp.com Cardano reddit Join the conversation https://www.reddit.com/r/cardano/ IOHK Development partner https://iohk.io IOHK blog Read about the latest technology advancements https://iohk.io/blog/ —
Views: 18037 IOHK
12 Jan 2015, Computing on Encrypted Data - Somewhat Homomorphic Encryption
 
52:37
Summary of Talk: By equipping everyday devices with sensors and connecting them to the Internet, the Internet of Things opens up many exciting new applications. At the same time, however, the vast amount of data that is being collected and offloaded to the cloud poses a significant privacy risk. In this talk, I give a high-level overview of some of the existing cryptographic tools for privacy-preserving computation. I then focus on somewhat and fully homomorphic encryption, a powerful cryptographic primitive that has generated significant interest in the research community in the last few years. Finally, I show some experimental results on applying somewhat homomorphic encryption to performing elementary statistical analysis as well as private information retrieval in the cloud. Author Bio: David Wu is currently a second-year PhD student at Stanford working with Dan Boneh on problems in applied cryptography. Currently, his research is focused on developing practical privacy-preserving protocols for the cloud. He is currently supported by an NSF Graduate Research fellowship.
AppSecUSA 2016 - Keynote - Matthew Green - Cryptography in the age of Heartbleed
 
44:25
Keynote - Cryptography in the age of Heartbleed The past decade has seen an unprecedented number of high-profile data breaches. To address this threat, businesses have begun to invest heavily in encryption technologies, both to protect data and to reduce liability in the event of a breach. However, the widespread deployment of encryption has placed a new burden on application developers, a burden that is made worse by the fact that many of our existing protocols and software libraries are themselves flawed. In this talk I will discuss the problems facing both cryptographers and application developers who implement cryptography. I will focus on where we stand with making cryptography easy to use; recent vulnerabilities in some of the protocols that power the secure web; and the challenging problem of securing cryptographic software against sophisticated nation-state attackers. Matthew Green Cryptographer & Assistant Professor Dr. Matthew Green, a respected cryptographer and security technologist, has over fifteen years of industry experience in computer security. Dr. Green is an Assistant Professor of Computer Science at the Johns Hopkins Information Security Institute. He specializes in applied cryptography, privacy-enhanced storage systems, and anonymous cryptocurrencies. Dr. Green led the team that developed the first anonymous cryptocurrencies, Zerocoin and Zerocash. His research team has exposed flaws in more than one third of SSL/TLS encrypted web sites as well as vulnerabilities in encryption technologies, including RSA BSafe, Exxon/Mobil Speedpass, EZpass, and automotive security systems. Dr. Green writes the Blog “A Few Thoughts on Cryptographic Engineering”. - Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project
Views: 445 OWASP
CodeX Speaker Series | Using Cryptographic Techniques to Ensure Fair Randomness in Legal Processes
 
01:05:42
A recent Cornell Law Review article casts doubt on the notion that the assignment of judges to the three-judge panels in the federal courts of appeal is truly random. Using quantitative techniques, the article’s authors come to the surprising conclusion that “several of the circuit courts have panels that are non-random in ways that impact the ideological balance of panels.” Though a review of the study reveals a number of methodological flaws, we find the issue of randomness in the legal system worthy of further study. In this talk, we demonstrate that cryptographic protocols can yield effective methods for producing unbiased panel assignments, truly random tax audits, and verifiably random visa lottery results. We present the theory behind these protocols and sketch how the courts and other public institutions could apply them in practice. This talk is based on a joint work with Keith Winstein. Speaker: Henry Corrigan-Gibbs PhD Student in Computer Science, Stanford University Henry Corrigan-Gibbs is a fourth-year PhD student in computer science at Stanford, advised by Dan Boneh. Henry’s research focuses on applied cryptography and computer security and, in particular, his work uses cryptographic techniques to bring rigorous privacy properties to large-scale computer systems. Henry’s recent research projects include a system for anonymous messaging at million-user scale, a cryptographic hashing algorithm for secure password storage, and a scheme for protecting cryptographic secrets on devices with poor sources of randomness. For these research efforts, Henry and his co-authors have received the 2015 IEEE Security and Privacy Distinguished Paper Award and the 2016 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies. Henry has had a longstanding interest in the interaction of technology and society. Before coming to Stanford, Henry spent a year deploying health information systems for an NGO in rural Uganda. He also has conducted fieldwork on computer security challenges in Internet cafes in Ghana, worked on network infrastructure for a rural Internet service provider in Nepal, and studied the culture around online courses in India. Henry received a B.S. in computer science (with distinction) from Yale University in 2010, and he graduated from Berkeley High School in 2006. An NSF Graduate Research Fellowship and an NDSEG Fellowship have generously funded Henry’s research at Stanford.
Views: 163 stanfordlawschool
IOHK | Cardano Community Meetup in London: Ouroboros PoS Research - Prof. Aggelos Kiayias
 
01:43:05
In this video, Prof. Aggelos Kiayias presents Ouroboros PoS research, protocol design, stake pools incentives, and sidechains to the Cardano community in London at the Cardano meetup event. The Ouroboros protocol stands out as the first proof of stake algorithm that is provably secure, meaning that it offers security guarantees that are mathematically proven. This is essential for a protocol that is intended to be used in cryptocurrency, an infrastructure that must be relied on to carry billions of dollars worth of value. In addition to security, if blockchains are going to become infrastructure for new financial systems they must be able to comfortably handle millions of users. The key to scaling up is proof of stake, a far more energy efficient and cost effective algorithm, and as such this research represents a significant step forward in cryptography. Ouroboros also has the distinction of being implemented – the protocol will be an integral part of Cardano, a blockchain system currently in development. Prof Aggelos Kiayias is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. He joins IOHK as chief scientist through a long-term consulting agreement between IOHK and the University of Edinburgh, UK, where he is based and continues to do research and teach courses in cyber security and cryptography. Prof Kiayias is also Professor in Residence (gratis) at the University of Connecticut, USA, and Associate Professor of Cryptography and Security (on leave) at the National and Kapodistrian University of Athens, Greece. Prof Kiayias’s cyber security research over the years has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the General Secretariat for Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Department of Mathematics at the University of Athens. He has more than 100 publications in journals and conference proceedings in the area. https://iohk.io/team/aggelos-kiayias/ -- See more at: https://iohk.io Get our latest news updates: https://iohk.io/blog/ Meet the team: https://iohk.io/team/ Learn about our projects: https://iohk.io/projects/ Visit our library: https://iohk.io/research/library/ In the press: https://iohk.io/press/ Work with us: https://iohk.io/careers/
Views: 2262 IOHK
DEF CON 22 - Kenneth White and Matthew Green - The Open Crypto Audit Project
 
51:16
Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/White-Green/DEFCON-22-Kenneth-White-and-Matthew-Green-The-Open-Crypto-Audit-Project-Updated.pdf The Open Crypto Audit Project Kenneth White CO-FOUNDER, OPEN CRYPTO AUDIT PROJECT Matthew Green RESEARCH PROFESSOR, JOHNS HOPKINS UNIVERSITY Join us for the story of the origins and history of the Open Crypto Audit Project (OCAP). OCAP is a community-driven global initiative which grew out of the first comprehensive public audit and cryptanalysis of the widely used encryption software TrueCrypt®. Our charter is to provide technical assistance to free and open source software projects in the public interest. We serve primarily as a coordinator for volunteers and as a funding mechanism for technical experts in security, software engineering, and cryptography. We conduct analysis and research on FOSS and other widely software, and provide highly specialized technical assistance, analysis and research on free and open source software. This talk will present how we audited TrueCrypt, detailing both the Phase I security assessment, and the Phase II cryptanalysis. Looking forward, in light of GotoFail and HeartBleed, we will discuss future plans for our next audit projects of other open source critical infrastructure. Kenneth White is a co-founder of the CBX Group, and formerly principal scientist and senior security R&D engineer at Social & Scientific Systems. His work focuses on cloud security, machine learning, and distributed database architecture. At SSS, White led the Biomedical Informatics team that designed and runs the operations center for the largest clinical trial network in the world, with research centers in over 100 countries. Together with Matthew Green, White co-founded the TrueCrypt audit project, a community-driven initiative to conduct the first comprehensive cryptanalysis and public security audit of the widely used TrueCrypt encryption software. White holds a MEd from Harvard and is a PhD candidate in neuroscience and cognitive science, with research focusing on expert systems, real-time classification and machine learning. He is a technical reviewer for the Software Engineering Institute, and publishes and speaks frequently on computational neuroscience, signal processing, and security engineering. Twitter: @kennwhite Matthew D. Green, PhD is a professor of computer science at Johns Hopkins University. He teaches applied cryptography and builds secure systems. Green trained under Susan Hohenberger and Avi Rubin, and his research includes techniques for privacy-enhanced information storage, anonymous payment systems, and bilinear map-based cryptography. Green formerly served as a senior research staff member at AT&T Labs. Together with Kenneth White, he co-founded the TrueCrypt audit project, a community-driven initiative to conduct the first comprehensive cryptanalysis and public security audit of the widely used TrueCrypt encryption software. He blogs at Cryptography Engineering, and talks about cryptography and privacy. Twitter: @matthew_d_green Web: https://opencryptoaudit.org/people
Views: 3393 DEFCONConference
Cryptography   Online Cyber Security Trainings
 
24:44
Subscribe our channel Like it Share it
Post Snowden Cryptography or Who Holds Your Keys? - Bart Preneel
 
01:30:35
Post-Snowden cryptography, by Bart Preneel. This lecture presents an overview of the Snowden revelations and the impact on our understanding of the security of our networks and systems. In particular, it discusses the known ways in which sophisticated attackers can bypass or undermine cryptography. We also speculate on how three-letter agencies could be breaking most encryption on the Internet. We relate this to the latest developments in cryptanalysis and discuss which cryptographic algorithms and implementations to select to stay protected. Learning objectives + Understand how sophisticated opponents can undermine cryptographic protection + Understand how to maximize your chances to resist sophisticated opponents using cryptographic techniques This lecture was delivered by Bart Preneel at SecAppDev 2014 in Leuven, Belgium. Professor Bart Preneel of KU Leuven heads the COSIC (COmputer Security and Industrial Cryptography) research group. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications. He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world. He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2. Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).
Views: 1801 secappdev.org
Ep. 3 – Future of Cryptography & The Significance of the Enigma Machine | Ask the Professor
 
02:38
Where is crypto headed? What does this mean for Post-Quantum Cryptography, Privacy and Machine Learning? Prof. Nigel Smart discusses the future of crypto, and explains the difference between Homomorphic Encryption vs. Secure Multi-Party Computation vs. Blind Computation and why the breaking of the Enigma Machine brought the end of WWII much faster. In the 'Ask the Professor' video series, Professor Nigel Smart, a world-renowned expert in applied cryptography, Vice President of the International Association of Cryptologic Research and Professor of Cryptography in Department of Computer Science at the University of Bristol, answers the internet's' most interesting questions about cryptography. Based on questions from popular blogs, forums, and social media—this series is relevant for both beginners and advanced crypto enthusiasts alike. Brought to you by Dyadic Security (https://www.dyadicsec.com) world leader in software defined cryptography, has developed a unique technology that combines both the high usability of software with the strong security guarantees that were previously only available through dedicated hardware. This technology is based on decades of research by two of the world’s leading cryptographers who founded Dyadic Security in 2014 together with a team of applied crypto experts.
Views: 128 Unbound Tech
Professor Aggelos Kiayias - Chief Scientist - What is the future of cryptocurrencies?
 
03:03
Aggelos Kiayias is chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography with a particular emphasis in blockchain technologies and distributed systems, e-voting and secure multiparty protocols as well as privacy and identity management. His research has been funded by the Horizon 2020 programme (EU), the European Research Council (EU), the Secretariat of Research and Technology (Greece), the National Science Foundation (USA), the Department of Homeland Security (USA), and the National Institute of Standards and Technology (USA). He has received an ERC Starting Grant, a Marie Curie fellowship, an NSF Career Award, and a Fulbright Fellowship. He holds a Ph.D. from the City University of New York and he is a graduate of the Mathematics department of the University of Athens. He has over 100 publications in journals and conference proceedings in the area. He currently serves as the program chair of the Financial Cryptography and Data Security conference.
Views: 1217 IOHK
DEF CON 23 -  Jean Philippe Aumasson - Quantum Computers vs Computers Security
 
32:16
We've heard about hypothetical quantum computers breaking most of the public-key crypto in use—RSA, elliptic curves, etc.—and we've heard about "post-quantum" systems that resist quantum computers. We also heard about quantum computers' potential to solve other problems considerably faster than classical computers, such as discrete optimization, machine learning, or code verification problems. And we heard about a commercial quantum computer, and we heard vendors of quantum key distribution or quantum random number generators promise us security as solid as the laws of physics. Still, most of us are clueless regarding: How quantum computers work and why they could solve certain problems faster than classical computers? What are the actual facts and what is FUD, hype, or journalistic exaggeration? Could quantum computers help in defending classical computers and networks against intrusions? Is it worth spending money in post-quantum systems, quantum key distribution, or in purchasing or developing of a quantum computer? Will usable quantum computers be built in the foreseeable future? This talk gives honest answers to those questions, based on the latest research, on analyses of the researchers' and vendors' claims, and on a cost-benefit-risk analyses. We'll expose the fundamental principles of quantum computing in a way comprehensible by anyone, and we'll skip the technical details that require math and physics knowledge. Yet after this talk you'll best be able to assess the risk of quantum computers, to debunk misleading claims, and to ask the right questions. Speaker Bio: Jean-Philippe (JP) Aumasson is Principal Cryptographer at Kudelski Security, in Switzerland. He is known for designing the cryptographic functions BLAKE, BLAKE2, SipHash, and NORX. He has spoken at conferences such as Black Hat, RSA, and CCC, and initiated the Crypto Coding Standard and the Password Hashing Competition projects. He co-wrote the 2015 book "The Hash Function BLAKE". He is member of the technical advisory board of the Open Crypto Audit Project and of the Underhanded Crypto Contest. JP tweets as @veorq. Twitter: @veorq
Views: 4087 DEFCONConference
The Science of Internet Freedom - Cecylia Bocovich - University of Waterloo
 
01:01
Cecylia Bocovich is a PhD student at the University of Waterloo and a member of the Cryptography, Security, and Privacy Research Lab (CrySP). Her research focuses on many different aspects of censorship circumvention, with an emphasis on the implementation and real-world deployment of reliable and secure systems. She received a Masters of Mathematics in Computer Science from the University of Waterloo in 2014, during which she developed software engineering techniques to simplify the composition of large, feature-oriented systems.
Views: 1895 NSERCTube
Personal VPN Services for Security Overview
 
25:34
Info Level: Beginner Presenter: Eli the Computer Guy Date Created: June 13, 2013 Length of Class: 25:35 Research Assistance: Tracks Security / Data Integrity Prerequisites None Purpose of Class This class teaches students why Personal VPN Services are important, and what to think about when buying them. Class Notes VPN's have been used in corporations for 15 years, but regular people using VPN services is relatively new. Concept -- Personal VPN's allow you to encrypt your data from being sent from your computer to a VPN Server. This prevents hackers from stealing you information when you access the Internet from a public Wifi. Types of Encryption used in VPN's PPTP - Vulnerable IPSec - Enterprise SSL -- Ease of use and theoretically "clientless" When Purchasing VPN Services think about Cost -- Are you paying PER device or for an account for all devices you own? Which Devices Can use the Service Reliability of service and bandwidth that the service can actually provide Security? If I was a CIA Mastermind or Organized Crime Lord I'd invest a few million to setup "free" VPN services and then mine every bit of traffic that went through them. Provides Tunnelbear OkayFreedom Corrections Lab Setup Used in Demonstration N/A Study Guide N/A Resources https://www.tunnelbear.com/ https://www.okayfreedom.com/ http://openvpn.net/index.php/open-source/339-why-ssl-vpn.html https://en.wikipedia.org/wiki/Virtual_private_network
Views: 90082 Eli the Computer Guy
The Cryptographers' Panel
 
47:13
Moderator: Paul Kocher, President and Chief Scientist, Cryptography Research division of Rambus Panelists: Ron Rivest - MIT Institue Professor, MIT Adi Shamir - Professor, Computer Science Department, Weizmann Institute of Science, Israel Whitfield Diffie - Cryptographer & Security Expert, Cryptomathic Moxie Marlinspike - Chief Technology Officer, Whisper Systems Martin Hellman - Professor Emeritus of Electrical Engineering, Stanford University Join the founders and leaders of the field for an engaging discussion about the latest advances and revelations in cryptography, including research areas to watch in 2016 and insights drawn from lessons learned over the last three decades. https://www.rsaconference.com/events/us16/agenda/sessions/2720/the-cryptographers-panel
Views: 15390 RSA Conference
[DS15] The German Data Privacy Laws and IT Security   - Stefan Schumacher
 
45:52
Hesse introduced the first data privacy law in the world in 1970. Since then, the German data privacy laws evolved over time and led to the creations of several tools and methods to protect private data. Though it is aimed at data protection it can be utilized for IT security. This talk introduces the data privacy law and it's main ideas. I will also show how it can be used to further IT security especially in the SME sector. This mostly refers to the identification and description of processes that work with data and therefore have to be protected. Stefan Schumacher is the president of the Magdeburg Institute for Security Research and editor of the Magdeburg Journal for Security Research in Magdeburg/Germany. He started his hacking career before the fall of the Berlin Wall, on a small East German computer with 1.75 MHz and a Datasette drive. Ever since he liked to explore technical and social systems, with a focus on security and how to exploit them. He was a NetBSD developer for some years and involved in several other Open Source projects and events. He studied Educational Science and Psychology, has done a lot of unique research about the Psychology of Security with a focus on Social Engineering, User Training and Didactics of Security/Cryptography. Currently he's leading the research project Psychology of Security,focusing on fundamental qualitative and quantitative research about the perception and construction of security. He presents the research results regularly at international conferences like AusCert Australia, Chaos Communication Congress, Chaos Communciation Camp, DeepSec Vienna, DeepIntel Salzburg, Positive Hack Days Moscow or LinuxDays Luxembourg and in security related journals and books.