Bitcoins posted April 2014
I just gave a talk about bitcoins at my uni, here are the slides
comment on this storyHey! I'm David, the author of the Real-World Cryptography book. I'm a crypto engineer at O(1) Labs on the Mina cryptocurrency, previously I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.
Quick access to articles on this page:
more on the next page...
I just gave a talk about bitcoins at my uni, here are the slides
comment on this storyThe editor I'm using the most is Sublime Text 3. It's just super easy to use and super useful when you combine it with the right plugins and snippets.
But I love switching editors. I've used Frontpage, Dreamweaver, PHP Designer, Netbeans, Notepad++... and others I can't remember. I've recently tried the beta of Light Table and Brackets (that is truly amazing!), and I am eagerly waiting for Atom the open source IDE of github.
I also love spending time with Emacs. It's hard to master but I dig the "you don't need a mouse" aspect. One thing I found really annoying though is that most software use Vim by default. Wanting to master emacs, I didn't want to spend time learning Vim as well and I started tweaking the settings so that software X would use emacs by default. And that works well until... But then you run into some complications, for example I'm still trying to figure out how to do a git diff with emacs, or you run into a machine without emacs, and then it's either nano, which is shitty, or something else that is installed on the machine... and vim is (almost?) always installed by default.
So I decided to just learn Vim. And it was actually easier than it sounded and I feel like I'm going to avoid a lot of headaches now. Sometimes it's better to learn and adapt rather than try to use our own tools.
And if you're like me, you'll actually have a lot of fun learning vim :)
comment on this storyI run into a lot of great reads these days, so let me share one more with you,
Jean-Baptiste Quéru tries to explain how deep it goes when you just query google.com in your browser.
https://plus.google.com/+JeanBaptisteQueru/posts/dfydM2Cnepe
comment on this storygreat read!
Wife: You mean http like the beginning of what I type into the browser?
Ryan: Yeah. That first part tells the browser what protocol to use. That stuff you type in there is one of the most important breakthroughs in the history of computing.
http://www.looah.com/source/view/2284
comment on this storyI was very confused when I was introduced to signatures and macs because I thought they were just Hashes. I got to understand what it was and... it's actually super simple.
Here's a great explanation on the crypto stackexchange but here's mine:
hash = Hash(message)
. A hash is pretty small (for example a md5 hash is 32 characters) so it's no trouble.
My friend then receives the message and the hash, he can Hash(message)
it and see if it gives him the same hash. If it doesn't then he knows that the message was changed and he can ask me for a new copy.You can also call that an unkeyed hash, simply because it doesn't use a key. You just apply the algorithm to the message, no other arguments are given to the hash function.
Hash = HMAC(key, message)
. My friend can now hash it with the same key when he receives the message and see that we have the same hash.We just used a (symmetric) keyed hash or a HMAC (Hash-based message authentication code). Note that we could have used a MAC based on a Cipher as well (CMAC).
Hash = Sign(secret_key, message)
. People can then verifiy that Hash with the public key. Voila ! We just used a Signature or how I like to call them a asymmetric keyed hash. It allows for integrity of data, thanks to the hash, authentification of the authors, thanks to the secret key (this is a MAC), non-repudiation thanks to the public key (and now we have a signature).So if you got it right, Hash < Mac < Signature. They're all useful and you should use the one relevant according to the context.
I'll just copypasta the table on the stackoverflow answer, because it's a real nice summary:
Cryptographic primitive | Hash | MAC | Digital Security Goal | | | signature ------------------------+------+-----------+------------- Integrity | Yes | Yes | Yes Authentication | No | Yes | Yes Non-repudiation | No | No | Yes ------------------------+------+-----------+------------- Kind of keys | none | symmetric | asymmetric | | keys | keyscomment on this story
A video I found about Elliptic Curve Cryptography that talks about the Discreet Logarithm Problem and the Diffie-Hellman Handshake with ECCs. Class is in english, with bits of german and even some french :)
Such a nice lecture, Christof Paar makes me think of a younger Gilbert Strang, seems to be a great professor. I was captivated until the end and I started liking ECCs again :)
comment on this storyA teacher from my uni (and who was teaching Programming last semester) is organizing a Hacking Week next week. Signs up are still possible there : http://hackingweek.fr/contestant/list/
It should be a Capture The Flag kind of contest. It should be interesting, although I'm going to ski with some friends so I won't be able to be really into it...
comment on this storyI have to code a whitebox using DES encryption in a class. Which is pretty cool (I would have prefered doing it with AES but the other group got tails and we got heads).
Here is where the Stanford course I passed on Coursera shines. The explanation of DES on it is brilliant. I was wondering about the initial and final permutations that occurs in the algorithm though and Dan Boneh doesn't really talk about it besides saying it's not for cryptographic purposes.
I found a solution on a new sub-stackoverflow dedicated to Cryptography : http://crypto.stackexchange.com/questions/3/what-are-the-benefits-of-the-two-permutation-tables-in-des
5 commentsMy book Real-World Cryptography is finished and shipping! You can purchase it here.
If you don't know where to start, you might want to check these popular articles:
Here are the latest links posted:
You can also suggest a link.