Encryption is used everywhere in software, from custom network protocols to password vaults. We will walk through the process of reverse-engineering software to identify encryption protocols and analysing them for vulnerabilities through real-world applications. We will look at common encryption patterns in source code as well as common mistakes made by developers.

[caption id="attachment_27160" align="alignright" width="150"] Mr. Eugene Lim, Cybersecurity Specialist, GovTech Singapore[/caption]

Eugene (@spaceraccoon) hacks for good! From Amazon to Zendesk, he helps secure products globally. In 2019, he won the Most Valuable Hacker award at the H1-213 live hacking event organized by HackerOne, the US Air Force, the UK Ministry of Defense, and Yahoo. He has reported vulnerabilities in Microsoft Office, Apache OpenOffice, D-Link, and more. He also presented research on AI-powered phishing at Black Hat USA and DEF CON in 2021. At GovTech, he secures citizen data and government systems through application security research and sustainable DevSecOps development. Later this year, he will be speaking at DEF CON 30 on hacking calendars including Apple Calendar, Google Calendar, and Microsoft Outlook.

Cryptography uses mathematical techniques to transform data and prevent it from being tampered with by unauthorised parties. This enables exchanging secure messages even in the presence of adversaries. In this presentation, I will talk about how cryptography is used in the government, plus give a brief overview of the latest advances in the cryptographic world.

[caption id="attachment_27718" align="alignright" width="150"] Teo Sui Guan, Lead Cybersecurity Policy developer, GovTech Singapore[/caption]

Sui Guan is currently a Lead Cybersecurity Policy developer at GovTech’s Cybersecurity Group. He has about 10 years of experience spanning consultancy, audit, and policy development work. Prior to starting his cybersecurity career, he graduated with a PhD in Cryptography from the Queensland University of Technology. His thesis studied sequences produced by keystream generators as well as how components used in stream ciphers can affect its security.