Export or edit this event...

OWASP: Crypto 101 - Part 1

New Relic
111 SW 5th Avenue, Suite 500
Portland, OR 97204, USA (map)

Access Notes

We will be on the 5th floor - the elevators will be unlocked and you should be able to take the elevator directly to the 5th floor.

New Relic will provide Pizza and beverages. Thank you New Relic!



The media keeps talking about this Cryptography thing. Information Security teams pressure internal operations and development, as well as, vendors to support encrypted data and transport.How can we responsibly implement cryptography in our projects?

In the first of a 2-part series, we will discuss major types of encryption, including symmetric, asymmetric and hashing. We will cover the simple principles behind symmetric encryption, then lightly touch modern asymmetric functions, without the math! We will also cover certificate usage.

After our talk, you will understand the difference between AES, RSA and SHA. You will also understand how the web uses encryption and certificates to keep our transactions secure.

The second part of the series presented by Tim Morgan, will focus on, SSL/TLS's PKI, certificate validation, how basic crypto goes wrong (lacking integrity protection, padding oracle attacks, weak password hashes, etc), and explore what safe cryptographic libraries are out there and how to use them.

SPEAKER: Brian Ventura

Brian is a SANS Instructor and works locally for the City of Portland as an Information Security Architect. Brian co-teaches a PCC course this fall, focused on preparing for the CISSP certification.