BEGIN:VCALENDAR VERSION:2.0 PRODID:-//jEvents 2.0 for Joomla//EN CALSCALE:GREGORIAN METHOD:PUBLISH BEGIN:VEVENT UID:a774ab71676d11303beaff248b1cc543 CATEGORIES:Lectures & Presentations CREATED:20200709T104338 SUMMARY:SBA Security Meetup: End-to-end File Encryption in the Web Browser, A Case Study LOCATION:SBA Research\, 1040 Vienna DESCRIPTION:End-to-end File Encryption in the Web Browser, A Case StudyEver thought tha t encrypting uploaded files in the web browser before it hits the server? M ost web browsers nowadays offer encryption modules via the Web Crypto API f or the encryption itself, but we’ll soon see that this isn’t enough. What a bout the correct cipher modes? How can we ensure confidentiality, integrity and authenticity? What about big files and limited memory availability?\nI n this talk, we’ll cover the following topics:\n - Issues you’ll face when implementing end-to-end file encryption in the browser\n - The crypto basic s behind file and metadata encryption\n - The Web Crypto API\n - The FileRe ader API for chunked uploads\n - The ReadableStream API for chunked downloa ds\n - Service Workers and how they’ll help us\n - Browser compatibility of the mentioned APIs\n - What we can do to support older browsers\n - The ha rdest part: key distributionSpeaker:Thomas Konrad, SBA Research\nTalk langu age: English\nAbout the Speaker:Thomas Konrad is Principal Security Consult ant at SBA Research and has been part of software security team since 2010. He focuses on secure software development, web application security, penet ration testing, secure software design, architecture, and process, and trai ns software development teams in those areas.\n X-ALT-DESC;FMTTYPE=text/html:
Ever thought that encrypting uploaded files in the web browser before it hits t he server? Most web browsers nowadays offer encryption modules via the Web Crypto API for the encryption itself, but we’ll soon see that this isn’t en ough. What about the correct cipher modes? How can we ensure confidentialit y, integrity and authenticity? What about big files and limited memory avai lability?
Thomas Konrad, SBA Research
T
alk language: English
Thomas Konrad is Pri ncipal Security Consultant at SBA Research and has been part of software se curity team since 2010. He focuses on secure software development, web appl ication security, penetration testing, secure software design, architecture , and process, and trains software development teams in those areas.
CONTACT:Bettina Jaber X-EXTRAINFO:3/15 DTSTAMP:20240329T132005 DTSTART:20200213T170000 DTEND:20200213T200000 SEQUENCE:0 TRANSP:OPAQUE END:VEVENT END:VCALENDAR