Stanford Seminar - Bugs in Crypto Implementations

Whether it’s by email, text, or social media platform, the average person will send over 60 messages per day—that's 22,000 messages per year. With billions of messages sent around the world each day, how can you be sure that your messages are safe and secure?

Join professor Dan Boneh, one of the world’s leading experts of applied cryptography and network security, in this breakdown of vulnerabilities in WEP and iMessage.

This presentation is brought to you by the Stanford Computer Forum and the Stanford Advanced Computer Security Program. If you would like information on how to join the forum and attend the next meeting, see our website: http://forum.stanford.edu/about/howto....

0:00 Introduction
0:43 A basic question
1:12 Answer: authenticated encryption
2:02 Constructions Generic composition encrypt-then-MAC key = (kana kmal)
3:55 Nonces and associated data
5:24 Many more desirable properties
7:07 Lots of viable constructions
8:06 Implementation mistakes
8:26 Example 1: Apple RNCryptor.v1 [2013]
10:42 Why is this a problem?
13:02 Example 2: checksum-MAC (abstract WEP)
15:42 The chopchop attack (abstractly)
18:13 Signcryption: AE in the pub-key settings [O-RTT mutual authenticated key exchange, for messages] Sender
21:54 A beautiful mistake: iMessage (simplified)
24:21 The problem
27:17 Lessons
28:20 Shameless plug ...