All Things Crypto

Join us for a night of crypto discussions with some of the best security and cryptography engineers in the industry.

For this meetup we are inviting people from academia and industry to talk about the interesting cryptographic algorithms or protocols they are working on. From hyperelliptic curves, lattice-based cryptography, new block chain modes, fully homomorphic cryptography, memory-hard hashing algorithms, to more obscure and promising ideas, this is the place to geek out.

There will be a networking welcome followed by three short talks from industry experts. These talks are intended to bring the main concepts and advantages of new crypto to an audience familiar with the more mainstream cryptographic primitives. It aims to be informative and thought provoking, practical examples are encouraged. And of course, pizza, beer and networking!

Speakers and topics

1st Speaker, Trevor Perrin

Trevor Perrin is an independent consultant who designs and reviews cryptographic systems.

Discussion Topic

There's been a recent surge of interest in end-to-end security for applications like chat, text messaging, and email. Besides deployment of existing protocols like OTR, PGP, and S/MIME, a number of projects are working on "next-generation" protocols to improve useability and security, protect new forms of communication (e.g. text messages or
group chat), and achieve more ambitious security notions (e.g. unobservability of communications, transcript consistency).

I'll discuss a few such protocol designs, focusing on TextSecure and Pond as examples. These protocols demonstrate several mechanisms gaining favor with protocol designers, such as forward-secrecy "ratcheting", ECDH key agreements, simple trust models (e.g. key fingerprints and key continuity), and using anonymity networks for unobservable communications.

2nd Speaker, Michael Hamburg

Michael is a cryptographer and software engineer. He did a PhD under Dan Boneh, and is working an Cryptography Research.

Discussion Topic

Elliptic curves have been the “next big thing” in cryptography for many years now, but they turn out to be very tricky to implement securely. Montgomery curves and Edwards curves give faster and simpler implementations. Dan Bernstein’s Curve25519 and Ed25519 have caught on. Now there is now interest in a stronger curve, without sacrificing too much of this speed or simplicity. I’ll discuss some alternatives in this space, in particular the curve “Ed448-Goldilocks."

3rd Speaker, Brian Warner

Brian is a security engineer with the Mozilla Cloud Services group, working on Firefox Sync and Firefox Accounts. Before Mozilla, he created the Buildbot continuous integration system, co-founded the Tahoe-LAFS secure distributed filesystem, and created Foolscap, Petmail,
and EGD. He mostly works in Python and, these days, Javascript.

Discussion Topic

Firefox Sync is a feature that securely copies bookmarks, saved passwords, open tabs, and other data between all of your Firefox browsers. The setup process has changed in Firefox 29 (released 29-Apr-2014) to use the new "Firefox Accounts" system. This talk will describe the cryptography used by the old and new systems, how it protects your data against everyone (even the Mozilla servers that host the ciphertext), and why we changed the setup process from "pairing" to a traditional email+password protocol.