Export to

• Google Calendar
• iCalendar file
• hCalendar markup
  <div class="vevent h-event"> <h1 class="summary p-name">OWASP Chapter Meeting</h1> <div class='date'><time class="dtstart dt-start" title="2013-07-02T18:30:00" datetime="2013-07-02T18:30:00">Tuesday, July 2, 2013 from 6:30</time>–<time class="dtend dt-end" title="2013-07-02T19:30:00" datetime="2013-07-02T19:30:00">7:30pm</time></div> <div class="location vcard p-location h-card"> <a class="url" href='http://calagator.org/venues/202390760'><span class='fn org p-name'>Portland State University Fourth Avenue Building (FAB)</span></a> <div class="adr p-adr h-adr"> <div class="street-address p-street-address">1900 SW 4th Ave.</div> <span class="locality p-locality">Portland</span> , <span class="region p-region">OR</span> <span class="postal-code p-postal-code">97201</span> <div class="country-name p-country-name">US</div> (<a href='https://maps.google.com/maps?q=1900%20SW%204th%20Ave.,%20Portland%20OR%2097201%20US'>map</a>) </div> </div> <div class="description p-description"> <p><i>Kevin P. Dyer presents:</i><br><br><b>P0wning DPI with Format-Transforming Encryption </b></p> <p>Deep packet inspection (DPI) technologies provide much-needed visibility and control of network traffic using port- independent protocol identification (PIPI), where a network flow is labeled with its application-layer protocol based on packet contents. In many cases PIPI can be used for good. As one example, it allows network administrators to elevate priority of time-sensitive (e.g., VoIP) data streams. In other cases PIPI can be used for harm, nation-states employ PIPI to block censorship circumvention tools such as Tor. There are many ways to perform PIPI, however, at the core of nearly all modern PIPI systems are regular expressions --- an expressive tool to compactly specify sets of strings.</p> <p>In this talk, Kevin reviews the state-of-the-art research on the capabilities of state-level DPI, then presents a novel cryptographic primitive called format-transforming encryption (FTE.) An FTE scheme, intuitively, extends conventional symmetric encryption with the ability to transform the ciphertext into a user-defined format using regular expressions. An FTE-based record layer will be presented that can encrypt arbitrary TCP traffic and coerce modern DPI systems into misclassifying any data stream as a target protocol (e.g., HTTP, SMB, RSTP, etc.) of the user's choosing. What's more, this work is not only theoretical in nature --- an open-source FTE prototype is publicly available and has had success in subverting modern DPI systems, including the Great Firewall of China.</p> <p>PSU is kindly providing coffee, tea, and cookies for us.</p> <hr><b>Kevin P. Dyer</b> is a PhD student at Portland State University. His research focuses on building protocols that are resistant to traffic-analysis attacks and discriminatory routing policies.. Previously, Kevin worked as a software engineer in telecommunications security, web security and network security. He holds an MSc in the Mathematics of Cryptography and Communications from Royal Holloway, University of London, and a BS in Computer Science and Mathematics from Santa Clara University. <hr> <p>The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. To sign up for future meeting notes and to discuss security topics with local gurus, sign up on the OWASP Portland mailing list:</p> <pre><code> <a href="https://lists.owasp.org/mailman/listinfo/owasp-portland">https://lists.owasp.org/mailman/listinfo/owasp-portland</a> </code></pre> <p>Meetings are free and open to the public.</p> </div> <h3>Links</h3> <ul> <li><a class="url u-url" href="https://www.owasp.org/index.php/Portland">Website</a></li> </ul> </div>