[Cryptography] Fwd: [EE CS Colloq] * 4:15PM, Wed May 13, 2015 in Gates B01
Bill Frantz
frantz at pwpconsult.com
Mon May 11 02:52:09 EDT 2015
People on this list may be interested in this lecture. If you
are not able to be there in person, it will be webcast in real
time and uploaded to utube about 24 hours later. See the web
site for details.
Cheers - Bill
====== Forwarded Message ======
Date: 5/9/15 6:19 AM
Received: 5/9/15 9:19 AM -0400
From: allison at stanford.edu (Dennis Allison)
To: frantz at pwpconsult.com
Stanford EE Computer Systems Colloquium
4:15PM, Wednesday, May 13, 2015
HP Auditorium, Gates Computer Science Building Room B1
Stanford University
http://ee380.stanford.edu[1]
Topic:
How not to generate random numbers
Speaker: Nadia Heninger
University of Pennsylvania
About the talk:
Randomness is essential to cryptography: cryptographic security
depends on private keys that are unpredictable to an attacker.
But how good are the random number generators that are actually
used in practice? In this talk, I will discuss several
large-scale surveys of cryptographic deployments, including TLS,
SSH, Bitcoin, and secure smart cards, and show that random number
generation flaws are surprisingly widespread. We will see how
many of the most commonly used public key encryption and
signature schemes can fail catastrophically if used with faulty
random number generators, and trace many of the the random number
generation flaws we encountered to specific implementations and
vulnerable implementation patterns.
Slides:
No slides are available at this time.
Videos:
Join the live presentation.[2] Wednesday May 13, 4:15-5:30. Â Requires
Microsoft Windows Media player.
View video by lecture sequence. [3] Spring 2015 series only,
HTML5. Available after 8PM on the days of the lecture.
View video on YouTube. Link available here approximately 48 hours
following the presentation.
About the speaker:
[speaker photo] Nadia Heninger is an assistant professor in the
Computer and Information Science department at the University of
Pennsylvania. Her research focuses on security, applied
cryptography, and algorithms. She is best known for her work
identifying widespread entropy problems in cryptographic keys on
the Internet (2012 Usenix Security best paper award), and
developing the "cold boot" attack against disk encryption systems
(2008 Usenix Security best student paper award). Previously, she
was an NSF Mathematical Sciences Postdoctoral Fellow at UC San
Diego and a visiting researcher at Microsoft Research New
England. She received her Ph.D. in computer science in 2011 from
Princeton and a B.S. in electrical engineering and computer
science in 2004 from UC Berkeley.
Contact information:
Nadia Heninger
Computer and Information Science
University of Pennsylvania
Embedded Links:
[ 1 ] http://ee380.stanford.edu
[ 2 ] http://coursematerials.stanford.edu/live/ee380.asx
[ 3 ] https://mvideos.stanford.edu/graduate#/SeminarDetail/Spring/2015/EE/380
ABOUT THE COLLOQUIUM:
See the Colloquium website, http://ee380.stanford.edu, for scheduled
speakers, FAQ, and additional information. Stanford and SCPD students
can enroll in EE380 for one unit of credit. Anyone is welcome
to attend;
talks are webcast live and archived for on-demand viewing over
the web.
MAILING LIST INFORMATION:
This announcement is sent to multiple mailing lists. If you are signed
up on our private EE380 list you can remove yourself using the widget
at the upper left hand corner of the Colloquium web page. Other lists
have other management protocols.
====== End Forwarded Message ======
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345
Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos,
CA 95032
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150510/82eaddf1/attachment.html>
More information about the cryptography
mailing list