Real World Crypto: debriefing posted January 2016

There is no day 4, this is over... And I've got a ton to work on/read about/catch up with.

But first! I'm spending the week end in San Francisco before flying to Austin, if anyone wants to hang out in SF feel free to contact me on twitter =)

(and if you work for Dropbox, feel free to invite me to eat at your one michelin star cafetaria)

Take-home message

• Tor's security seems a bit shaky to me
• QUIC crypto will die. Just look at tls 1.3
• TLS 1.3 is still a clusterfuck
• Lots of stuff to break in SSE and PPE
• Intel is doing something really cool with SGX
• The Juniper paper is going to be a big deal
• The BREACH improvement is going to be a big deal

Papers to read

First, a bunch of slides are already available through the real world crypto webpage. And I've been taking notes every day: day1, day2, day3.

Now here's my to read list from the important talks:

• Anything about SGX
• Inference Attacks on Property-Preserving Encrypted Databases
• On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption
• SLOTH or Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH
• Argon2: the memory-hard function for password hashing and other applications
• Guidelines for Using the CryptDB System Securely
• TLS 1.3 draft 11
• TLS mailing list

And bonus, here are some paper that have nothing to do with RWC but that I still want to read right now:

• Failures in NIST’s ECC standards
• The Uneasy Relationship Between Mathematics and Cryptography
• Another Look at “Provable Security”
• ANOTHER LOOK AT “PROVABLE SECURITY”. II

Next conventions to attend

I actually have no idea about that. You?