As a certified Cryptanalyst for the National Security Agency, the speaker was classically trained in manual cryptography, but also pioneered some of the first computer-based cryptographic systems produced by the agency. Topics discussed will include applications of classic cryptography including one-time pads and various cipher methods to machine-based systems (such as the Enigma) and ultimately to modern computer-based algorithms such as public key cryptography. The talk will also explore the speaker's experiences in the private sector and how the understanding of cryptography helped numerous times in penetration testing, vulnerability assessment, security architecture, and technical advising. Ultimately, this talk will guide you through a history and evolution of cryptography over the past thirty years using the speaker's own experiences as a backdrop for a discussion of the migration of cryptography from manual to machine and ultimately to digital. Understanding the history and evolution of cryptography is essential for applying modern cryptographic solutions to solve today's information security problems, particularly in understanding the residual risks, the shifting attack strategies, and the inherent weaknesses in the implementation or fielding of even the best cryptosystems and solutions.
Jeff has over 30 years of experience working in all aspects of computer, network, and information security, including risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. Earlier in his career, Jeff held security research, management and product development roles with NSA, the DoD and private-sector enterprises. For the past twenty years, Jeff has served as a pen tester, security architect, consultant, QSA, and PCI subject matter expert, providing consulting and advisory services to many of the nation's best known brands.