Matthew Green
Friday, April 14, 2017 at 12:30 PM in 373 Soda Hall
Title: Applied Kleptography
Abstract: In 1996, Adam Young and Moti Yung coined the term "kleptography" to refer to the deliberate subversion of a cryptographic system by its designers. While kleptographic techniques were once a matter of theoretical interest, recent events have uncovered several real-world examples of possible kleptographic subversion in commercial cryptographic products. In this talk I will discuss these examples of sabotage. In particular, I will focus on the specific problem of subverting pseudorandom number generators (PRNGs), and show how induced vulnerabilities can lead to the total failure of cryptographic security protocols. Finally, I will discuss mitigations designed to detect and reduce the severity of these attacks.
Bio: Matthew Green is a cryptographer and security technologist; he is an Assistant Professor of Computer Science at the Johns Hopkins Information Security Institute. He specializes in applied cryptography, privacy-enhanced information storage systems, anonymous cryptocurrencies, elliptic curve crypto-systems, and satellite television piracy. He is a member of the teams that developed the Zerocoin anonymous cryptocurrency and Zerocash. He has been involved in the groups that exposed vulnerabilities in RSA BSAFE, Speedpass, E-ZPass, and OpenSSL.