[Rodney Thayer] gave a 2 hour seminar on cryptographic technology. It was designed to give the audience a working knowledge for dealing with vendors. He gave some rules of thumb for choosing encryption. In order of preference, when doing symmetric key crypto: use AES with a minimum 128bit key, if not that 3-key Triple-DES, or last RC4 with 128bit key. For hashing: SHA 256 preferred, SHA 1 if you can’t do any better, and MD5 if you can’t SHA. For public key: RSA using at least a 2048bit key. The top choices in these lists were picked because they’ve stood up to years of scrutiny. One major theme of talk was to never roll your own crypto algorithm or buy someone elses. Proprietary algorithms get broken all the time, like the GSM A5 crypto we talked about earlier this year.
3 thoughts on “ToorCon 9: Crypto Boot Camp”
Leave a Reply
Please be kind and respectful to help make the comments section excellent. (Comment Policy)
What about ECC ? ECC384 or larger, is stronger than 3DES and RSA1024, and is now getting old enough to be trustworthy….
So is there a video of the presentation, or any more information at all?
hello i am a boy in iran i love hack the id