Netdev 0x17 venue
Vancouver, Canada
Previous editions
Fosstodon
NETDEV VIDEOS
Session
Security Workshop
Chairs
Steffen Klassert
Label
Nuts and Bolts
Session Type
Workshop
Contents
Description
The security workshop will focus on recent development in the Linux network security area. Topics can be everything related to network security. The format will be a combination of presentations and discussions.
Presentations:
1.Quantum-Proofing Data: The Power Of Post-Quantum Cryptography
Speaker: Milena Olech
Quantum computers leverage principles from quantum mechanics to formulate and execute quantum algorithms. Currently, there are no quantum computers capable of compromising existing cryptographic techniques.
Nevertheless, quantum algorithms can efficiently solve intricate problems within a relatively brief time frame. Notably, Shor’s algorithm has the potential to break the RSA and Elliptic Curve Diffie-Hellman algorithms, which are pivotal for key exchange in Transport Layer Security (TLS).
Furthermore, quantum algorithms pose a threat to the cryptography utilized in the TLS protocol in two critical areas: key exchange and client/server authentication. As a result, the security of the TLS handshake process can be compromised, necessitating the adoption of post-quantum cryptography (PQC) algorithms.
The National Institute of Standards and Technology selected CRYSTALS-Kyber algorithm as the Key Encapsulation Mechanism (KEM) resistant to cryptanalytic attacks with powerful quantum computers.
This paper outlines the mathematical foundation of the CRYSTALS-Kyber algorithm and illustrates its application in the TLS handshake. In order to assess the efficacy of post-quantum cryptography (PQC), a comprehensive comparison between traditional cryptographic methods and post-quantum alternatives has been conducted. The study analyzes the outcomes and provides a condensed summary of the findings.
- Multi-core IPsec tunnels
Speakers: Daniel Xu, Vlad Dumitrescu, Antony Antony
Single pair Child Security Association (SA) IPsec tunnels, while being the de facto standard in network security, have a notable limitation: their design constrains them to a single CPU. This fails to take advantage of modern multi-core systems.
Our solution uses multiple identical child SAs which has the benefit that each stream has its own Sequence Number Counter, ensuring that CPUs don’t have to synchronize their crypto state or disable their packet replay protection.
This presentation will dive into the design, implementation, and performance of multi-child-SA IPsec tunnels.
Recent News
Group Booking Discount at Paradox Hotel
[Mon, 16, Oct. 2023]
Bronze Sponsor, Relianoid
[Fri, 06, Oct. 2023]
Registration is now Open
[Mon, 18, Sep. 2023]
Bronze Sponsor, NVIDIA
[Fri, 15, Sep. 2023]
Silver Sponsor, Intel®
[Tue, 12, Sep. 2023]
Important Dates
Closing of CFS | Aug 27th, 2023 |
Notification by | Sep 15th, 2023 |
Conference dates | Oct 30th - Nov 3rd, 2023 |