Name: Are our systems using up-to-date cryptography?
Start: 2023-06-18T14:45:00+0200
End: 2023-06-18T15:20:00+0200

Back To Schedule

Are our systems using up-to-date cryptography?

Feedback form is now closed.

As every cryptographic algorithm has its own security lifetime, old algorithms can become vulnerable as research advances. For system administrators, it is important to keep the managed systems up-to-date with latest standards. At DevConf CZ 2020, we've presented an idea of inspecting which cryptographic algorithms a particular deployment is using in practice, e.g., which TLS ciphersuites are negotiated the most. The proposal was to instrument system cryptographic libraries with USDT probes and collect statistical data with eBPF and bpftrace. Since then, the project has evolved further to providing a system-wide service and utilities, enabling analysis of long term trends and real-time diagnostics. In this session we will talk about the architecture, logging format, and possible integration with consumers, such as Insights Core and Grafana.

Speakers

Daiki Ueno

Principal Software Engineer, Red Hat

Daiki Ueno works as a software engineer in the RHEL Crypto team at Red Hat, where he leads the development of low-level cryptographic libraries, such as GnuTLS and p11-kit, while helping a variety of security related projects.

presentation pdf

Sunday June 18, 2023 2:45pm - 3:20pm CEST
G202 | Talks

DevOps and Automation & Security and Compliance, Talk

Audience Intermediate
Stream only https://youtube.com/live/_igS-VWZ5-Y
Chat https://matrix.to/#/#g202:devconf.cz

Devconf.cz 2023

Daiki Ueno

Attendees (80)

Devconf.cz 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Daiki Ueno

Attendees (80)