Mastering Cryptography Fundamentals with Node’s crypto module

A presentation at JSConf Japan 2023 in November 2023 in Tokyo, Japan by Yonatan Mevorach

Slide 1

Slide 1

Orqixfkee Rkmrkmvkoryw Unbfrktghccq lbhj Emsx’g eiwemc ofbjes

Slide 2

Slide 2

Mastering Cryptography Fundamentals with Node’s crypto module

Slide 3

Slide 3

Cryptography (the study of the techniques of secret writing)

Slide 4

Slide 4

Slide 5

Slide 5

Slide 6

Slide 6

Slide 7

Slide 7

Slide 8

Slide 8

Yonatan Mevorach @cowchimp blog.yonatan.dev

Slide 9

Slide 9

Cryptography Fundamentals Encryption

Slide 10

Slide 10

Alice Eve Bob

Slide 11

Slide 11

Slide 12

Slide 12

plaintext ciphertext

Slide 13

Slide 13

JSConf JP PfbtMZX

Slide 14

Slide 14

PfbtMZX

Slide 15

Slide 15

PfbtMZX JSConf JP

Slide 16

Slide 16

Slide 17

Slide 17

Slide 18

Slide 18

Slide 19

Slide 19

AES Advanced Encryption Standard

Slide 20

Slide 20

aes-256-cbc

Slide 21

Slide 21

CBC Cipher Block Chaining

Slide 22

Slide 22

IV Initialization Vector

Slide 23

Slide 23

IV plaintext ciphertext

Slide 24

Slide 24

b905af Hello 0402a10291

Slide 25

Slide 25

e6c24c Hello c2cfc0a26

Slide 26

Slide 26

f23bbf Hello 7fa587061

Slide 27

Slide 27

iv ciphertext algorithm

Slide 28

Slide 28

f23bbf 7fa587061 Hello

Slide 29

Slide 29

Slide 30

Slide 30

Slide 31

Slide 31

Slide 32

Slide 32

Slide 33

Slide 33

Slide 34

Slide 34

Slide 35

Slide 35

Slide 36

Slide 36

Slide 37

Slide 37

Slide 38

Slide 38

Slide 39

Slide 39

Slide 40

Slide 40

Slide 41

Slide 41

Slide 42

Slide 42

Slide 43

Slide 43

h0pper 🔑 h0pper

Slide 44

Slide 44

Slide 45

Slide 45

Cryptography Fundamentals Key Derivation Functions

Slide 46

Slide 46

h0pper 🔑 Sp9IxQEzyzdZ94B4VyQoF+6e3EKgJPdoQDF99Ta

Slide 47

Slide 47

Password Key password XohImNooBHFR0OVvjcYpJ3NgPQ1qq73WKhHvch0VQtg= 123456 jZae727K08KaOmKSgOaGzww/XVqGr/PKEgIMkjrcbJI= qwerty ZehL4zUy+3hMSBKWdfnv86aCsnFowOp0Syz1juAjN8U= 111111 vLFfghR5tNV3K9DKhmwArV+SbjWAcgZZzIDTnJ0JgCo= ppppp dylyfv5OoHljyL+JdqS6YiURDJgRwo+Rgdb/gRTptps= 1q2w3e4r cquZT6LrQmwFHvWcrWF3UL/gbXz2MRKF/3nBnDKv0jY= 123123123 ky88G1YlfOhTmsJp16q0JVDaz4gY0HXwvfGZBWKq4+8= aueuaueu mzVJAUV6pKrLwUQ/+U+vcBAfkP4Vv9iSFzAWI7+eW60=

Slide 48

Slide 48

h0pper 🔑 🧂 oFzBqXkAn5TxjIvhWi dPuYLRSLIr9w23egqkqAQP+z5rFz1DDYy8jcXTo

Slide 49

Slide 49

Notable mentions 🧐 ● crypto.hkdf ( HMAC-based Key Derivation Function) ● crypto.pbkdf2 (Password-Based Key Derivation Function 2)

Slide 50

Slide 50

Cryptography Fundamentals Randomness

Slide 51

Slide 51

Slide 52

Slide 52

Slide 53

Slide 53

Slide 54

Slide 54

Slide 55

Slide 55

Slide 56

Slide 56

Slide 57

Slide 57

Slide 58

Slide 58

Slide 59

Slide 59

Slide 60

Slide 60

Slide 61

Slide 61

Cryptography Fundamentals Key Distribution Problem

Slide 62

Slide 62

Slide 63

Slide 63

RONALD L. RIVEST: PHOTOS

Slide 64

Slide 64

bob’s private key bob’s public key

Slide 65

Slide 65

bob’s public key

Slide 66

Slide 66

bob’s public key plaintext ciphertext

Slide 67

Slide 67

ciphertext

Slide 68

Slide 68

bob’s public key plaintext ciphertext bob’s private key bob’s public key ciphertext plaintext

Slide 69

Slide 69

Slide 70

Slide 70

Slide 71

Slide 71

Slide 72

Slide 72

Slide 73

Slide 73

Slide 74

Slide 74

Slide 75

Slide 75

Slide 76

Slide 76

Slide 77

Slide 77

Slide 78

Slide 78

Slide 79

Slide 79

Slide 80

Slide 80

Slide 81

Slide 81

Slide 82

Slide 82

Slide 83

Slide 83

Slide 84

Slide 84

Slide 85

Slide 85

Slide 86

Slide 86

Slide 87

Slide 87

Slide 88

Slide 88

Notable mentions 🧐 ● crypto.createDiffieHellman (Diffie-Hellman key exchange) ● crypto.createECDH (Elliptic Curve Diffie-Hellman)

Slide 89

Slide 89

Slide 90

Slide 90

Cryptography Fundamentals Signing and Verifying

Slide 91

Slide 91

alice’s private key alice’s public key message signature

Slide 92

Slide 92

alice’s public key message signature

Slide 93

Slide 93

alice’s private key message alice’s public key signature alice’s public key message signature

Slide 94

Slide 94

Slide 95

Slide 95

Slide 96

Slide 96

Slide 97

Slide 97

Slide 98

Slide 98

Slide 99

Slide 99

Slide 100

Slide 100

Slide 101

Slide 101

Slide 102

Slide 102

Slide 103

Slide 103

Slide 104

Slide 104

Slide 105

Slide 105

Slide 106

Slide 106

Slide 107

Slide 107

Slide 108

Slide 108

Slide 109

Slide 109

Slide 110

Slide 110

Notable mentions 🧐 ● crypto.createHmac (Hash-Based Message Authentication Code)

Slide 111

Slide 111

Slide 112

Slide 112

Cryptography Fundamentals Public Key Certificates

Slide 113

Slide 113

Slide 114

Slide 114

Alice Carol Bob

Slide 115

Slide 115

alice’s private key alice’s public key metadata TBS carol’s private key signature alice’s certificate carol’s public key

Slide 116

Slide 116

carol’s private key carol’s public key alice’s certificate signature metadata alice’s public key

Slide 117

Slide 117

Slide 118

Slide 118

Slide 119

Slide 119

Slide 120

Slide 120

Slide 121

Slide 121

Slide 122

Slide 122

Slide 123

Slide 123

Slide 124

Slide 124

Slide 125

Slide 125

Alice Carol Bob

Slide 126

Slide 126

Alice Carol Doris Bob

Slide 127

Slide 127

Slide 128

Slide 128

Slide 129

Slide 129

Slide 130

Slide 130

Cryptography Fundamentals ● Encryption ● Key Derivation Functions ● Randomness ● Key Distribution Problem \ Asymmetric Encryption ● Signing and Verifying ● Public Key Certificates

Slide 131

Slide 131

Slide 132

Slide 132

Slide 133

Slide 133