Mastering Cryptography Fundamentals with Node’s crypto module

A presentation at Node.TLV in June 2023 in Tel Aviv-Yafo, Israel by Yonatan Mevorach

Slide 1

Slide 1

Orqixfkee Rkmrkmvkoryw Unbfrktghccq lbhj Emsx’g eiwemc ofbjes

Slide 2

Slide 2

Mastering Cryptography Fundamentals with Node’s crypto module

Slide 3

Slide 3

Cryptography (the study of the techniques of secret writing)

Slide 4

Slide 4

Slide 5

Slide 5

Slide 6

Slide 6

Slide 7

Slide 7

Slide 8

Slide 8

Slide 9

Slide 9

Slide 10

Slide 10

Slide 11

Slide 11

Slide 12

Slide 12

Yonatan Mevorach @cowchimp blog.yonatan.dev

Slide 13

Slide 13

Cryptography Fundamentals Encryption

Slide 14

Slide 14

Alice Eve Bob

Slide 15

Slide 15

Slide 16

Slide 16

plaintext ciphertext

Slide 17

Slide 17

NodeTLV PfbtMZX

Slide 18

Slide 18

PfbtMZX

Slide 19

Slide 19

PfbtMZX NodeTLV

Slide 20

Slide 20

Slide 21

Slide 21

Slide 22

Slide 22

Slide 23

Slide 23

AES Advanced Encryption Standard

Slide 24

Slide 24

aes-256-cbc

Slide 25

Slide 25

ciphertext algorithm

Slide 26

Slide 26

CBC Cipher Block Chaining

Slide 27

Slide 27

IV Initialization Vector

Slide 28

Slide 28

IV plaintext ciphertext

Slide 29

Slide 29

b905af Hello 0402a10291

Slide 30

Slide 30

e6c24c Hello c2cfc0a26

Slide 31

Slide 31

f23bbf Hello 7fa587061

Slide 32

Slide 32

iv ciphertext algorithm

Slide 33

Slide 33

f23bbf 7fa587061 Hello

Slide 34

Slide 34

Slide 35

Slide 35

Slide 36

Slide 36

Slide 37

Slide 37

Slide 38

Slide 38

Slide 39

Slide 39

Slide 40

Slide 40

Slide 41

Slide 41

Slide 42

Slide 42

Slide 43

Slide 43

Slide 44

Slide 44

Slide 45

Slide 45

Slide 46

Slide 46

Slide 47

Slide 47

h0pper 🔑 h0pper

Slide 48

Slide 48

Slide 49

Slide 49

Cryptography Fundamentals Key Derivation Functions

Slide 50

Slide 50

h0pper 🔑 Sp9IxQEzyzdZ94B4VyQoF+6e3EKgJPdoQDF99Ta

Slide 51

Slide 51

Password Key password XohImNooBHFR0OVvjcYpJ3NgPQ1qq73WKhHvch0VQtg= 123456 jZae727K08KaOmKSgOaGzww/XVqGr/PKEgIMkjrcbJI= qwerty ZehL4zUy+3hMSBKWdfnv86aCsnFowOp0Syz1juAjN8U= 111111 vLFfghR5tNV3K9DKhmwArV+SbjWAcgZZzIDTnJ0JgCo= ppppp dylyfv5OoHljyL+JdqS6YiURDJgRwo+Rgdb/gRTptps= 1q2w3e4r cquZT6LrQmwFHvWcrWF3UL/gbXz2MRKF/3nBnDKv0jY= 123123123 ky88G1YlfOhTmsJp16q0JVDaz4gY0HXwvfGZBWKq4+8= aueuaueu mzVJAUV6pKrLwUQ/+U+vcBAfkP4Vv9iSFzAWI7+eW60=

Slide 52

Slide 52

h0pper 🔑 🧂 oFzBqXkAn5TxjIvhWi Sp9IxQEzyzdZ94B4VyQoF+6e3EKgJPdoQDF99Ta

Slide 53

Slide 53

🧂 IV plaintext ciphertext 🔑

Slide 54

Slide 54

628436 e6b883 Hello e4bb62e8d 4bbeb7

Slide 55

Slide 55

628436 e6b883 e4bb62e8d Hello 4bbeb7

Slide 56

Slide 56

Slide 57

Slide 57

Slide 58

Slide 58

Slide 59

Slide 59

Notable mentions 🧐 ● crypto.hkdf ( HMAC-based Key Derivation Function) ● crypto.pbkdf2 (Password-Based Key Derivation Function 2)

Slide 60

Slide 60

Cryptography Fundamentals Randomness

Slide 61

Slide 61

Slide 62

Slide 62

Slide 63

Slide 63

Slide 64

Slide 64

Slide 65

Slide 65

Slide 66

Slide 66

Slide 67

Slide 67

Slide 68

Slide 68

Slide 69

Slide 69

Slide 70

Slide 70

Slide 71

Slide 71

Cryptography Fundamentals Key Distribution Problem

Slide 72

Slide 72

Slide 73

Slide 73

RONALD L. RIVEST: PHOTOS

Slide 74

Slide 74

bob’s private key bob’s public key

Slide 75

Slide 75

bob’s public key

Slide 76

Slide 76

bob’s public key plaintext ciphertext

Slide 77

Slide 77

ciphertext

Slide 78

Slide 78

bob’s public key plaintext ciphertext bob’s private key bob’s public key ciphertext plaintext

Slide 79

Slide 79

Slide 80

Slide 80

Slide 81

Slide 81

Slide 82

Slide 82

Slide 83

Slide 83

Slide 84

Slide 84

Slide 85

Slide 85

Slide 86

Slide 86

Slide 87

Slide 87

Slide 88

Slide 88

Slide 89

Slide 89

Slide 90

Slide 90

Slide 91

Slide 91

Slide 92

Slide 92

Slide 93

Slide 93

Slide 94

Slide 94

Slide 95

Slide 95

Slide 96

Slide 96

Slide 97

Slide 97

Slide 98

Slide 98

Notable mentions 🧐 ● crypto.createDiffieHellman (Diffie-Hellman key exchange) ● crypto.createECDH (Elliptic Curve Diffie-Hellman)

Slide 99

Slide 99

Slide 100

Slide 100

Cryptography Fundamentals Signing and Verifying

Slide 101

Slide 101

alice’s private key alice’s public key message signature

Slide 102

Slide 102

alice’s public key message signature

Slide 103

Slide 103

alice’s private key message alice’s public key signature alice’s public key message signature

Slide 104

Slide 104

Slide 105

Slide 105

Slide 106

Slide 106

Slide 107

Slide 107

Slide 108

Slide 108

Slide 109

Slide 109

Slide 110

Slide 110

Slide 111

Slide 111

Slide 112

Slide 112

Slide 113

Slide 113

Slide 114

Slide 114

Slide 115

Slide 115

Slide 116

Slide 116

Slide 117

Slide 117

Slide 118

Slide 118

Slide 119

Slide 119

Slide 120

Slide 120

Notable mentions 🧐 ● crypto.createHmac (Hash-Based Message Authentication Code)

Slide 121

Slide 121

Slide 122

Slide 122

Slide 123

Slide 123

github.com/ehn-dcc-development/eu-dcc-hcert-spec

Slide 124

Slide 124

Slide 125

Slide 125

Slide 126

Slide 126

Cryptography Fundamentals Certificates

Slide 127

Slide 127

Slide 128

Slide 128

Alice Carol Bob

Slide 129

Slide 129

alice’s private key alice’s public key metadata TBS carol’s private key signature alice’s certificate carol’s public key

Slide 130

Slide 130

carol’s private key carol’s public key alice’s certificate signature metadata alice’s public key

Slide 131

Slide 131

Slide 132

Slide 132

Slide 133

Slide 133

Slide 134

Slide 134

Slide 135

Slide 135

Slide 136

Slide 136

Slide 137

Slide 137

Slide 138

Slide 138

Slide 139

Slide 139

Alice Carol Bob

Slide 140

Slide 140

Alice Carol Doris Bob

Slide 141

Slide 141

Slide 142

Slide 142

Slide 143

Slide 143

Cryptography Fundamentals ● Encryption ● Key Derivation Functions ● Randomness ● Key Distribution Problem \ Asymmetric Encryption ● Signing and Verifying ● Certificates

Slide 144

Slide 144

Slide 145

Slide 145

github.com/cowchimp/crypto-talk-code

Slide 146

Slide 146

@cowchimp blog.yonatan.dev

Slide 147

Slide 147

Questions?

Slide 148

Slide 148