(c) Can Stock Photo / ibreakstock

Cryptography

ICANN and ISOC Norway will hold a session discussing Cryptography. Experts in applied cryptography will discuss current practices, including key management and quantum key cryptography, and generally talk about the state of cryptography in ICT in 2023.

• Date: September 26 2023
• Time: 17:00-20:00
• Venue: Rebel, Universitetsgata 2, 0164 Oslo

The meeting will be open for all.

Recording from the event: https://livestream.com/internetsociety/discussingcryptography

Agenda

• Quantum-readiness and high function crypto. Arne Tobias Malkenes Ødegaard, Norwegian National Security Authority (NSM)
• Automated key rollovers in the DNS. Lars-Johan Liman, Netnod
• Real-world crypto mistakes. Tor Erling Bjørstad, Mnemonic
• A Brief Primer on Managing the Keys to the Internet. David Huberman, ICANN

Quantum-readiness and high function crypto – Arne Tobias Malkenes Ødegaard

Quantum computers are becoming increasingly powerful, and in a number of years they will be powerful enough to break a lot of the cryptography we use today. In this talk I will mention what both the cryptographic community at large and we at NSM are doing to help society get ready for a future where powerful quantum computers are ubiquitous. In addition, I will talk a bit about a new research project at NSM which tries to find applications of advanced cryptographic tools to improve security and privacy in new settings.

Automated key rollovers in the DNS – Lars Johan Liman, Netnod

The distribution of crypto keys is the Achilles heel of all crypto systems, and replacing old keys with new ones is cumbersome and errorprone. Within the domain name system new methods have been developed to automate key rollovers using new records types and zone scanning.

Real-world crypto mistakes – Tor Erling Bjørstad, Mnemonic

Building secure systems is hard. Despite having strong crypto primitives available, the devil is very much present in the details. In this talk, we will take a closer look at some common ways that cryptography fails. I will be using examples from my experience as a security auditor and penetration tester, and also share some thoughts on how to avoid these pitfalls.

A Brief Primer on Managing the Keys to the Internet – David Huberman, ICANN

If you hear about the “keys to the Internet,” the topic usually relates to a very specific thing — a digital key, cryptographically signed, that is used to verify the security of the DNS. This talk will explore these keys are, how they are managed, and how they are kept secure.

Biographies

• Tor Erling Bjørstad has been working in security and privacy for more than 15 years. He has been at mnemonic as a consultant since 2013. Tor holds a Ph.d. in cryptography from the University of Bergen.
• David Huberman has been in the internet engineering industry since 1999. Prior to joining ICANN, he was at companies such as Microsoft, Global Crossing, Oracle, and Telocity. He also spent 10 years at ARIN. David graduated from Indiana University in 1996 with a bachelors of arts degree for a double major (telecommunications and geography). He lives with his family in Ashburn, Virginia, USA.
• Lars-Johan Liman, M.Sc., is technical and policy lead for the DNS root name service provided by Netnod – a role that he has held for almost 30 years. He has held a variety of positions in the DNS instry, ranging from the (then) committee for domain name rules for .SE, via working group chairfor the DNSOP WG in the IETF, to chair for the Root Server System Advisory Committee in ICANN, and the ICANN Customer Standing Committee. Liman has served in numerous committees in ICANN and other places, and is a well-known DNS nerd in the IETF, ICANN, and RIPE communities. Inaddition he has also taught countless courses on all aspects of the DNS.
• Arne Tobias Ødegaard is working as a researcher at the Norwegian National Security Authority (NSM). He graduated from the University of Bergen with a PhD in cryptography in 2022.