21 Apr 2016
Doubleheader

Does the Future of Wireless Network Security Lie at the Physical Layer? (1:10-1:50 pm ET)
and
How NOT to Store Passwords (and other Crypto-Fails) (2:00-2:40 pm ET)

Mark your calendars and come join your friends in the CAE community for a Tech Talk. We are a warm group that shares technical knowledge. CAE Tech Talks are free and conducted live in real-time over the Internet, so no travel is required. You can attend from just about anywhere (office, home, etc.) Capitol Technology University (CTU) hosts the presentations using their online delivery platform (Adobe Connect) which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s).
Below is a description of the presentation(s) and logistics of attendance:

Date: Thursday 21 Apr 2016
Time: 1:10 - 1:50 pm ET
Title/Topic: Does the Future of Wireless Network Security Lie at the Physical Layer?
Audience Skill Level:  Intermediate
Presenter: Dr. Kapil R. Dandekar (Drexel University)
Location: https://capitol.adobeconnect.com/cae_tech_talk/
Note: An overflow room is available at the address below:
http://capitol.adobeconnect.com/cae2/
Just login as “Guest” and enter your name. No password required.

Description:
Due to the unavoidable shared nature of the wireless radio spectrum, providing security for wireless communications presents unique challenges. Cryptographic keys and authentication methods have been used as a primary technique for securing wireless networks but are shown to be not completely effective. State-of-the-art wireless networks are still vulnerable to man-in-the-middle and brute force attacks. More recently, Physical (PHY) layer based techniques have gained significant attention, where the principle of channel reciprocity and the natural randomness of the measured wireless channel is leveraged to authenticate users and to generate secret keys. Physical characteristics of the wireless nodes, including their transceiver chains, antenna selection, and their locations within a room, become the decision makers for their security. Training on the PHY layer information, a more robust user authentication can be achieved. In addition, novel techniques have been proposed for PHY layer based secret key generation for use in data encryption. Dr. Kapil Dandekar’s talk will introduce current research in PHY layer authentication and secret key generation techniques. In addition, possible wireless network intrusion mitigation techniques at the Physical layer will also be discussed. The talk will also be complemented by the addition of reconfigurable antennas and the advantages they offer in PHY layer security techniques. Finally, Dr. Dandekar will also showcase his new educational tool, an Augmented Reality app, which is designed to be used for wireless cybersecurity courses.

Date: Thursday 21 Apr 2016
Time: 2:00 pm – 2:40 pm ET
Title/Topic: How NOT to Store Passwords (and other Crypto-Fails)
Audience Skill Level:  All levels
Presenter: U.S. Government
Location: https://capitol.adobeconnect.com/cae_tech_talk/
Note: An overflow room is available at the address below:
http://capitol.adobeconnect.com/cae2/
Just log in as “Guest” and enter your name. No password required.

Description:
Cryptography is a fantastic tool in the toolbox of cybersecurity professionals, and yet, it is often applied incorrectly leading to a vulnerability and a false sense of security. This talk will provide an introductory-level review of some relevant cryptography concepts and then it will explore the technical details of some prominent “crypto-fails” (some of which have been ripped straight from recent cybersecurity headlines!) focusing on the ways in which cryptography is used to protect passwords and other shared secrets.

CAE Tech Talks are also recorded. CTU will post a recording of the live presentations on its website:
https://capitol.instructure.com/courses/sis_course_id:CAE_Tech_Talk/external_tools/4

Contact
Announcements for CAE Tech Talk events can be found in the news and calendar section of the CAE community website: www.caecommunity.org
For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov