Multiparty Encryption – Our Talk at DefCon 25 – August 2017

Category : security

print
I just found a video of our presentation at DefCon last year, which I haven’t watched since. The talk included a live demonstration connecting to a bank of smart-cards in Cambridge, UK. Organizers warned us not to do it as the network was pretty locked-down and a lot of …. interesting traffic was flowing around.

Still, we did it, in fact the demo was so smooth that I finished it in 15 minutes instead of 20-25 minutes as we had expected to hit a snag or two.

Without cutting any corners – smart cards, RESTful API, web-sockets orchestration of demos was all running in real-time – we showed:

  • global connectivity and ability to do multiparty signatures across the pond – with one set of smart cards in a small server on a desk in front of me and another in Cambridge;
  • transaction throughput, which linearly scales with the number of smart cards – no visible bottlenecks there – smart cards talking to us at 1.2 Mbps with an FPGA making sure that the max throughput of  150 Mbps got in and out without any delays (a thorough measurement showed about <1% loss of throughput with zero processing time in smart cards and full-length commands; and
  • a simple demonstration of a 3-party signature resilience against attackers – with the real-time integration of smart-cards into web-sockets and RESTful API. The attack scenario was orchestrated with Node-RED.

All went really well, except for a wait for Cambridge smart-cards to connect – it was just over 80 seconds (we parallelized this a little bit later) – I surprised myself and kept calm in front of the big audience in one of the main hall.

It’s been a nice project with UCL and I quite enjoyed working with Vasilis and George Danezis, turning their theoretical crypto into an almost commercial implementation.

The same hardware platform is now available for anyone who wants to do really cool things with smart cards.


About Author

Dan Cvrcek

Co-founder of Radical Prime and Enigma Bridge. Indendent consultant on security and encryption systems (incl. large banking, payment, and enterprise systems) ... and a university professor.