Colloquia — Summer 2018

Friday, May 18, 2018

Title: How cryptographic security fails in the real world
Speaker: Nadia Heninger, University of Pennsylvania
Time: 3:00pm‐4:00pm
Place: CMC 118

Sponsor: Jean-François Biasse


Cryptography is a cornerstone of modern computer security. After several decades of academic and scientific development, we have a good understanding of how to design provably secure schemes. However, there is a significant gap between our theoretical understanding and the reality present in deployed systems today. In this talk, I will show how algorithmic insights and an Internet-scale view of cryptographic protocols have allowed us to discover several catastrophic security failures in practice. These include the discovery of malfunctioning random number generators, dangerous use of hard-coded parameters that had been widely believed to be harmless, and multiple compromises of deliberately weakened cryptography.