keys crypto

Real World Crypto Symposium objective is to bring together cryptography researchers with developers implementing cryptography in real-world systems. Last week, the 2019 edition happened in San Jose California. Although I was at CES 2019 contemplating the proliferation of data capturing devices and IA which dominated this year’s gigantic conference in Las Vegas, we had one of our New Context security engineers attending the conference and sending me tweets and messages about the crypto conference.

Watch the recording of Real World Crypto 2019 – Day 1 – Morning Session 1.

Real World Crypto Symposium 2019

Here are some of my impressions about this event.

Politics, Governments and Elections

Several talks were discussing the potential intersection between public entities and the cybersecurity community. This is not really new since l0pht testified at the US Senate in 1998, but it is very interesting to see a dynamic in this direction.

Key takeaways:

  • Communication between representative and cybersecurity increases awareness and helps to prevent misunderstandings.
  • Election technologies have serious security challenges that need to be addresses (that was also a theme at DEFCON 26 voting Village)

As a result of awareness and knowledge, I believe that more policies and regulation will hit the digital society and economy.

A Few New Cool Pieces of Technology Worth Looking Into

Lots was discussed and presented during the talks, here are my picks:

  • OPAQUE – Strong client-server password authentication for standardization – very cool as it does not rely on PKI and is resistant to dictionaries attacks, and limits the impact of a PKI failure.
  • ALTS – Google’s TLS alternative, with application level security, more flexible for finer grain policies and more robust.
  • RISC-V showing significant adoption – the benefits of secure enclaves are getting understand and use cases were discussed, as well as overall advantages of RISC-V.
  • MLS – Messaging Layer Security – is also showing a larger and larger number of companies getting into it, likely because it provides strong end-to-end encryption.

–Dimitri Volkmann, CMO, New Context Services

New Context and the Cybersecurity Community

New Context will continue to participate and engage in the cybersecurity community. Our objective is to promote Lean Security as the foundation to helps DevOps team build and deliver software that has data security and compliance in its foundation. Here is the list of upcoming events where you can find us: