Last Thursday I gave a talk (in German) in our local
Chaostreff in Heidelberg — the
NoName e.V. The main topic was to introduce
the various cryptographic algorithms used in modern cryptography and to
give practical advice how to improve the default configuration even
further. The talk mainly focuses on openssl
ciphers and TLS
connections as well as the settings applicable to the openssh
server
and client applications.
As usual you can find the slides attached below. Furthermore thanks to the camera, which NoName e.V. bought some time ago, there is a recording of the talk available on youtube.
Corrections
In my talk I got the purpose of MAC codes a little confused. I argue that a MAC is required in order to prevent a plaintext recovery attack by using forged ciphertext. That is not quite true, however. The main purpose is simply to provide integrity for the connection. A good discussion why it is nevertheless a good idea to use Encrypt-then-MAC can be found on StackExchange Cryptography.
Link |
---|
[c¼h] Vortrag: Härtere Crypto für unsere Services |