BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Cryptography at PwC - Holly Rostill and Matt Wixey\, PwC
DTSTART:20180206T160000Z
DTEND:20180206T170000Z
UID:TALK98329@talks.cam.ac.uk
CONTACT:CCA
DESCRIPTION:*Part 1: Can we trust Elliptic Curve Cryptography?*\n\nEllipti
 c curves give us the most efficient form of public key cryptography by off
 ering equivalent security with a much smaller key size. However\, the conc
 ept of a secure curve has not been universally defined and since the Snowd
 en revelations of 2014 there is some scepticism around the security of ell
 iptic curve cryptography. \n\nSecurity for elliptic curve cryptography can
  be considered to be broader than the difficulty of the discrete logarithm
  problem - it can also include the implementation of the curve and how the
  curve is generated.  \n\nWe will discuss how to define a secure curve and
  some examples of when this has failed. We will also touch on the role tha
 t standards play in helping society to be able to trust elliptic curves. T
 o illustrate these points we will use real life examples such as the backd
 oor in the Dual_EC_DRBG algorithm and the secp256k1 curve used in Bitcoin.
 \n\n*Part 2: The sandman: How timelock puzzles can be used for evil*\n\nOn
 e of the things malware writers often seek to do is to delay the execution
  of their malware for a certain amount of time. This is predominantly a de
 tection evasion measure\, to ‘wait out’ analysis by automated sandboxe
 s and antivirus software\, but is also sometimes used as a ‘time bomb’
  approach\, so that the malware only begins to perform malicious actions o
 nce a certain amount of time has passed.\n\nHistorically\, malware writers
  have used a number of techniques to do this. The vast majority of these a
 re known and publicly documented\, meaning that in many cases\, sandboxes 
 and antivirus software will detect and circumvent these techniques. One po
 ssible method\, which to date has been largely unexplored\, is the use of 
 timelock puzzles.\n\nTimelock puzzles are cryptographic mechanisms for del
 aying the decryption of data. Historically\, they have been suggested as a
  kind of 'digital time capsule'\, and proposed for various uses - usually 
 benign - including key escrow\, sealed auction bids\, the release of confi
 dential information\, and DDoS mitigation (via proof-of-work schemes\, sim
 ilar to those used in popular cryptocurrencies). \n\nIn this talk\, I demo
 nstrate multiple ways that different types of timelock puzzle could be use
 d offensively. I build on research I presented at last year's CRESTCon\, w
 here I proposed and demonstrated a novel method for delayed execution in o
 rder to bypass sandboxes and antivirus\, using a modified version of Bitco
 in's proof-of-work algorithm. I will cover simple methods using publicly a
 vailable information\, through to time sources\, repeated squaring\, chain
 ed puzzles\, and client-server methods.\n\nFor each method\, I'll show a s
 imple proof-of-concept and discuss how feasible it would be for attackers 
 to implement in malware. I'll also specifically cover methods for detectio
 n and investigation for each technique.\n
LOCATION:MR4
END:VEVENT
END:VCALENDAR
