455cb556438cdb82ab3b627abc84dad0
by Charlotte

I'm a software developer who's worked mostly on packet-processing network appliances. C is my desert island language, but I also enjoy python, go, and writing awkward autobiography blurbs.

No video of the event yet, sorry!

SSL/TLS is the de facto cryptographic protocol for the web and has a long history. Nevertheless, every few months someone releases highly publicized vulnerabilities around it. TLS also has political and privacy implications, as evidenced by the level of NSA involvement and tampering. But the protocol itself can still be daunting if you're first learning it. So this presentation will cover some basics of SSL/TLS.

Hopefully you'll learn: What's this TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 cipher suite? Wait, what is a cipher suite? What's the deal with perfect-forward secrecy (PFS)? What's the difference between RSA and DSA? Or between CBC and GCM? And why are there so many acronyms?!

The goal is to cover not only on "what is this?" but also "why do you care?". So we'll range from the math (at a high-level) to the packet traces to some source code (golang's implementation).

Date:
2016 November 12 14:00
Duration:
1 h
Room:
Room 3178
Conference:
Seattle GNU/Linux Conference 2016
Difficulty:
Easy