How Cryptography Fails in Practice

Cryptography is a cornerstone of modern computer security. After
several decades of academic and scientific development, we have a good
understanding of how to design provably secure schemes. However, there
is a significant gap between our theoretical understanding and the
reality present in deployed systems today.

In this talk, I will show how algorithmic insights and massive
quantities of real-world data on the most widely used public-key
cryptography have led to the discovery of catastrophic cryptographic
failures in practice. In the case of the Diffie-Hellman key exchange,
a surprising number of servers on the Internet use standardized or
hard-coded parameters that turn out to be much less secure than
commonly believed, bringing the cost of large-scale attacks within the
range of feasibility today. In the case of RSA, efficient algorithms
to compute pairwise greatest common divisors and factor with partial
knowledge led to the discovery of widespread random number generation
problems in headless and embedded devices such as routers and smart
cards.
Nadia Heninger is an assistant professor in the Computer and
Information Science department at the University of Pennsylvania. Her
research focuses on security, applied cryptography, and algorithms.
Previously, she was an NSF Mathematical Sciences Postdoctoral Fellow
at UC San Diego and a visiting researcher at Microsoft Research New
England. She received her Ph.D. in computer science in 2011 from
Princeton and a B.S. in electrical engineering and computer science in
2004 from UC Berkeley.