The encryption vs. inspection debate

Thursday 5 October 14:00 - 15:30, Small talks

Nick Sullivan (Cloudflare)



There is a tension in the security industry right now between the proponents of end-to-end encryption and those who use network inspection as a core tool to understand threats and information flows. This debate is particularly relevant to the web, where HTTPS adoption passed 50 per cent this year. Recent research also shows that a large percentage of this traffic is not end-to-end encrypted from the browser to the server, and that both intercepting proxies and anti-virus software can reduce the security of encrypted connections significantly. In this presentation, I will explore the various angles of this debate and entertain ways to relieve the tension.

 

Nick-Sullivan-web.jpg

Nick Sullivan

Nick Sullivan is a leading cryptography and security technologist. As Head of Cryptography at Cloudflare, a top Internet performance and security company, he is responsible for overseeing all cryptographic products and strategy. He was instrumental in building Cloudflare’s security engineering team and led major projects including Keyless SSL and TLS 1.3. Prior to joining Cloudflare, he was a digital rights management pioneer, helping build and secure Apple’s multi-billion dollar iTunes store. He holds an M.Sc. in cryptography, is the author of more than a dozen computer security patents, and regularly speaks at major security conferences.

 



VB2018 MONTREAL!

VB2017 OVERVIEW

VB2017 SPEAKERS

VB2017 PROGRAMME

2017 PÉTER SZŐR AWARD


Other VB2017 papers

Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)

Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…

Keynote address: Inside Cloudbleed

John Graham-Cumming (Cloudflare)

In February 2017, Cloudflare was revealed to have been leaking private information including HTTP headers, cookies and POST data…

Mariachis and jackpotting: ATM malware from Latin America

Thiago Marques (Kaspersky Lab)

Fabio Assolini (Kaspersky Lab)

Of all the forms of attack against financial institutions in the world, the ones that are most likely to combine traditional…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.