{"guid":"11dca000-b5f0-5ff3-96c0-d5f7c65569c8","title":"Cryptography is easy, but no magic. Use it. Wisely.","subtitle":null,"slug":"mch2022-231-0-cryptography-is-easy-but-no-magic-use-it-wisely-","link":"https://program.mch2022.org/mch2022/talk/S7GEZF/","description":"Using cryptography can give you easy assurances, keep data confidential and keep prying eyes from stuff where they should not be.\n\nHowever it's not magic.\nThis talk is intended for programmers, users and software designers.\n\nThis talk is about hardcore mathematics while you should not have to understand what the mathematics are but what they do.\n\nWhat does cryptography do: encrypt, decrypt, sign and verify.\nHow are certificates used in cryptogaphy and why are they totally not a magical thing.\n\nIt covers what cool hardware is available, open design and open source, hardware tokens and how to use TPM for cool features.\n\nAnd last but not least: it contains best practices and warnings. After this talk you might be able to see what's snakeoil and what is real.\n\n== NFT's are a scam. If you are into crypto-bullshit please stay away. ==\n\nCryptography seems like magic anytime you at first look at it.\nIn the past years I have been helping a lot of projects and customers with my more-than-basic knowledge about applied cryptography.\n\nI'll talk about:\n* What is cryptography (basic math)\n  - encryption\n  - decryption\n  - digital signatures\n  - digital signature verification\n* What can it do for you?\n  - Deliver security\n  - Deliver privacy\n  - Deliver dataloss\n* When to use encryption\n  - what cryptography do you want to build (hint: none)\n  - what cryptography do you want to use (a- or symetrical encryption).\n  - how do you do key management\n  - where to find the best practices\n* About hardware\n  - Provide security\n  - Provide speed\n  - HSM, TPM, processor and other acceleration\n* Standards\n  - The good, the bad, the ugly\n  - Old ones\n  - New ones\n  - Very special ones\n* Limitations and workarounds\n* Software\n  - How to avoid OpenSSL\n* This all in random() order. Random = 4","original_language":"eng","persons":["Lord BugBlue"],"view_count":513,"promoted":false,"date":"2022-07-26T14:00:00.000+02:00","release_date":"2022-07-26T00:00:00.000+02:00","updated_at":"2026-04-02T11:45:06.356+02:00","tags":["mch2022","231","2022","MCH2022 Curated content"],"length":1706,"duration":1706,"thumb_url":"https://static.media.ccc.de/media/events/MCH2022/231-11dca000-b5f0-5ff3-96c0-d5f7c65569c8.jpg","poster_url":"https://static.media.ccc.de/media/events/MCH2022/231-11dca000-b5f0-5ff3-96c0-d5f7c65569c8_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/MCH2022/231-11dca000-b5f0-5ff3-96c0-d5f7c65569c8.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/MCH2022/231-11dca000-b5f0-5ff3-96c0-d5f7c65569c8.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/mch2022-231-0-cryptography-is-easy-but-no-magic-use-it-wisely-","url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_title":"May Contain Hackers 2022","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022","related":[],"recordings":[{"size":148,"length":1706,"mime_type":"video/webm","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2022-07-27T16:12:08.475+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/webm-hd/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/60789","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"},{"size":66,"length":1706,"mime_type":"video/webm","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2022-07-27T15:33:17.642+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/webm-sd/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/60785","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"},{"size":16,"length":1706,"mime_type":"audio/opus","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2022-07-26T23:24:03.506+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/opus/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_opus.opus","url":"https://api.media.ccc.de/public/recordings/60715","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"},{"size":59,"length":1706,"mime_type":"video/mp4","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2022-07-26T23:20:51.117+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/h264-sd/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_sd.mp4","url":"https://api.media.ccc.de/public/recordings/60712","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"},{"size":26,"length":1706,"mime_type":"audio/mpeg","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2022-07-26T23:19:04.133+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/mp3/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/60710","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"},{"size":175,"length":1706,"mime_type":"video/mp4","language":"eng","filename":"mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2022-07-26T17:29:52.470+02:00","recording_url":"https://cdn.media.ccc.de/events/MCH2022/h264-hd/mch2022-231-eng-Cryptography_is_easy_but_no_magic_Use_it_Wisely_hd.mp4","url":"https://api.media.ccc.de/public/recordings/60581","event_url":"https://api.media.ccc.de/public/events/11dca000-b5f0-5ff3-96c0-d5f7c65569c8","conference_url":"https://api.media.ccc.de/public/conferences/MCH2022"}]}