Jose Cardona's Modern Cryptography Workshop | Functional Programming Insights 🔐
Explore a mathematics-focused, developer-friendly introduction to contemporary cryptography using functional programming principles in this comprehensive workshop proposal by Jose Cardona at λC 2018.
LambdaConf
22 views • Dec 20, 2018
About this video
This workshop proposal lays out a mathematics-heavy, developer introduction to modern cryptography in a functional programming context.
I plan to cover the following topics, often covered by university cryptography courses:
- A quick introduction to classical cryptography as a pathway to the goals and general properties of ciphers, as well as the common attack vectors used for basic cryptanalysis.
- Introduction to number theory and abstract algebra.
- Symmetric cryptography: Block and stream ciphers, modes of operation, key management.
- Asymmetric cryptography: The Diffie-Hellman problem, Elgamal PKCS, RSA, and code examples and implementations.
- Pseudorandom functions (PRF) and pseudorandom generators (PRGs)
- A section on combinatorics, probability, and information theory.
- Introduction to hashing, message authentication, and digital signatures. Applications with cryptocurrencies.
- Elliptic curve cryptography. Applications in ECDSA and ECEIS.
- Time-permitting: Lattice based crypto and advanced topics in cryptography.
Throughout the sections, we will develop a cryptographic library based on laws and formulated with typeclasses, each of which will play a part in developing a secure web application backend. Emphasis, in particular, will be placed on understanding cryptographic constructs both mathematically and from an application perspective. This includes common web application topics like deploying with TLS, tokens vs. cookies, JWTs explained, sessions, and common attacks. Even though we will begin from first principles, real-world emphasis will be put on using up-to-date cryptographic constructs, protocols, and avoiding outdated pitfalls, as well as what to look for in cryptographic libraries.
This workshop aims to empower developers not only to build your generic authenticated backend, but to go further into understanding the applications and uses of cryptographic protocols within a functional, lawful context. I aim to bring up cryptography and security from the afterthought that gets you Equifax'd, to a tangible tool in your developer and company arsenal.
I plan to cover the following topics, often covered by university cryptography courses:
- A quick introduction to classical cryptography as a pathway to the goals and general properties of ciphers, as well as the common attack vectors used for basic cryptanalysis.
- Introduction to number theory and abstract algebra.
- Symmetric cryptography: Block and stream ciphers, modes of operation, key management.
- Asymmetric cryptography: The Diffie-Hellman problem, Elgamal PKCS, RSA, and code examples and implementations.
- Pseudorandom functions (PRF) and pseudorandom generators (PRGs)
- A section on combinatorics, probability, and information theory.
- Introduction to hashing, message authentication, and digital signatures. Applications with cryptocurrencies.
- Elliptic curve cryptography. Applications in ECDSA and ECEIS.
- Time-permitting: Lattice based crypto and advanced topics in cryptography.
Throughout the sections, we will develop a cryptographic library based on laws and formulated with typeclasses, each of which will play a part in developing a secure web application backend. Emphasis, in particular, will be placed on understanding cryptographic constructs both mathematically and from an application perspective. This includes common web application topics like deploying with TLS, tokens vs. cookies, JWTs explained, sessions, and common attacks. Even though we will begin from first principles, real-world emphasis will be put on using up-to-date cryptographic constructs, protocols, and avoiding outdated pitfalls, as well as what to look for in cryptographic libraries.
This workshop aims to empower developers not only to build your generic authenticated backend, but to go further into understanding the applications and uses of cryptographic protocols within a functional, lawful context. I aim to bring up cryptography and security from the afterthought that gets you Equifax'd, to a tangible tool in your developer and company arsenal.
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
22
Duration
01:05:01
Published
Dec 20, 2018
Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.