Download - How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions
![Page 1: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/1.jpg)
Using Cryptography Properly in Applications
POSSCON 2015Andy WatsonIonic Security
![Page 2: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/2.jpg)
About:
Name: Andy WatsonOccupation: Byte ManglerEmployer: Ionic Security
http://ionicsecurity.com/
![Page 3: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/3.jpg)
Why:
I’ve seen too many people not using cryptography or using it incorrectly.
This information may help you not be one of them.
![Page 4: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/4.jpg)
Agenda:
● Random● Salt● Hash● Key Derivation● Symmetric Encryption● Famous Mistakes
![Page 5: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/5.jpg)
Random
![Page 6: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/6.jpg)
Random Number Generators
RNG: A computational or physical device designed to generate a sequence of numbers that lack any pattern
High quality generators depend on an entropy source like radioactive decay or radio frequency noise
For cryptographic functions, higher levels of entropy are required to work properly
![Page 7: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/7.jpg)
Pseudo
Computational RNG are known as Pseudo RNG
PRNG are “seeded” with a value to generate a series of numbers
![Page 8: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/8.jpg)
SALT
![Page 9: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/9.jpg)
What is a Salt?
Random data added to your input to create better output from one way functions
Useful for defending against dictionary and rainbow table attacks.
![Page 10: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/10.jpg)
Hash
![Page 11: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/11.jpg)
HASH!
![Page 12: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/12.jpg)
Hashing Function (n.)
A Function that represents data of arbitrary size as data of a fixed size.
$ echo 'Hello POSSCON 2015!' | md5
81ad0b0ba5f98e0f584c1cd9a2c324a3
$ echo 'Hello POSSCON 2015' | md5
0c9c470f340aedaba625908939ba3c7b
![Page 13: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/13.jpg)
When to Hash
Use hashing functions when saving the original data would be a liability you have no business dealing with
For Example: Linux Passwords
$6$pWVzxN/iFRstrZ/.$TNBvzXhc8b9SBkl1q36YNvF2DwuS4/7LsICepYgaWCKzM1MS.OBK5TvxrUQ4.I5x5NtqidhBTGobQLOqxBAFe1
![Page 14: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/14.jpg)
Don’t Store The Clear
Credentials should be salted and hashed when stored
During login, salt and hash the password entered and check it against the result you stored
![Page 15: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/15.jpg)
When Hashes Collide
These two blocks have the same md5 hash of 79054025255fb1a26e4bc422aef54eb4
This is called a collision
d131dd02c5e6eec4693d9a0698aff95c 2fcab58712467eab4004583eb8fb7f89 55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b d8823e3156348f5bae6dacd436c919c6 dd53e2b487da03fd02396306d248cda0 e99f33420f577ee8ce54b67080a80d1e c69821bcb6a8839396f9652b6ff72a70
d131dd02c5e6eec4693d9a0698aff95c 2fcab50712467eab4004583eb8fb7f8955ad340609f4b30283e4888325f1415a 085125e8f7cdc99fd91dbd7280373c5bd8823e3156348f5bae6dacd436c919c6 dd53e23487da03fd02396306d248cda0e99f33420f577ee8ce54b67080280d1e c69821bcb6a8839396f965ab6ff72a70
![Page 16: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/16.jpg)
Taste the Rainbow Table
A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes.
Password MD5 Hash123456 e10adc3949ba59abbe56e057f20f883e
password 5f4dcc3b5aa765d61d8327deb882cf99
![Page 17: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/17.jpg)
You. Must. Hash. Securely.
Cryptographically Secure Hash Function (n.)
A hash function which is infeasible to reverse back to the original message and not subject to collisions
$ echo "hello POSSCON 2015" | shasum -a 512
0d294c5140972735a80131eca426da4838cf5de1b3eb1c8cb51c4bb24823e389d22a36be76be597a5c5a934dd5fada8b75e0986fb6e89329a820c22d96c4be17
![Page 18: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/18.jpg)
Key Derivation
![Page 19: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/19.jpg)
Key Derivation Functions
KDF create new secret keys from a secret value and a known value - like a password
Key Derivation Functions can be used in a “key stretching” routing to enhance hashing functions to provide much more protection from rainbow tables and brute force attacks
![Page 20: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/20.jpg)
Original KDF: crypt
● Invented in 1978 to protect UNIX passwords
● Used only a 12 bit salt● Limited passwords to 8 characters
![Page 21: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/21.jpg)
Modern KDFs
PDKDF2● 64 bit random salt● 5000 iterations of SHA1 (hashing function)
SCRYPT● Consumes large amounts of memory on
purpose
![Page 22: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/22.jpg)
PBKDF2 In A Nutshell™
Password
SALT + Password
Prepend SALT
Intermediate Hash
SHA1
REPEAT SHA1 5000 TIMES
Final Hash
![Page 23: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/23.jpg)
Save the Salt
Store the salt, the resulting hash and the number of iterations in your datastore
You’ll have to calculate the derived key of the credential again to verify it is correct
![Page 24: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/24.jpg)
Symmetric Encryption
![Page 25: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/25.jpg)
Symmetric Encryption
Used when your application needs to protect data at rest (on disk etc) but will need to use those values later
The most common algorithm for symmetric encryption is AES (Advanced Encryption Standard)
It can operate in multiple modes like ECB, CBC, CTR and GCM - each suited to different uses
![Page 26: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/26.jpg)
ECB Mode
Electronic Code BookOperates on blocks of plaintext
![Page 27: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/27.jpg)
Comparing ECB to other modes
http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
![Page 28: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/28.jpg)
Galois Counter Mode (GCM)
Authenticates and Encrypts Messages
Reduces the opportunity for interference with messages to go undetected
![Page 29: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/29.jpg)
It’s Complicated
Use a well known, well tested cryptographic library / framework - do not write your own!
Do research before shipping your code - make sure you’re using the right primitives / modes for your application
![Page 30: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/30.jpg)
Let’s point and laugh
Some Mistakes Were Made
![Page 31: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/31.jpg)
The Stupid. It Hurts.
![Page 32: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/32.jpg)
Le Sigh.
My password is stored in their database.
It was not hashed or they could not have emailed it to me!
![Page 33: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/33.jpg)
Which is bad because...
A lot of people use the same password everywhere and use their email address as their login!
![Page 34: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/34.jpg)
So...
An attacker that gets this password list can try to log in to all kinds of things as you!
1. email2. banks3. credit reporting4. even NetFlix!
![Page 35: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/35.jpg)
Adobe Hack
Millions of “encrypted” passwords stolenHashed with MD5Large numbers of them found in rainbow tables
Most Common Password: 123456http://stricture-group.com/files/adobe-top100.txt
![Page 36: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/36.jpg)
![Page 37: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/37.jpg)
Beware The Default Settings
Default settings for Android Bouncy Castle starting in 2.1 were not good
Defaulted to ECB mode!
![Page 38: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/38.jpg)
Empirical Study of Android Apps
11,748 applications analyzed5,656 used ECB mode by default3,644 used a constant symmetric key2,000 used ECB mode EXPLICITLY!1,932 used a constant IV1,629 seeded PRNG with static value
![Page 39: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/39.jpg)
Seeding the Pseudo
In 2006 a bug in Debian and Ubuntu caused the PID to be used as the output of the PRNG - only 32,768 possible values!
(hint: that’s not enough!)
![Page 40: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/40.jpg)
UnSalted Hashes
In 2012, LinkedIn password hashes were stolen
They were not salted so 60% of them were cracked
![Page 41: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/41.jpg)
Crisis Averted at Slack
User profile data stolen in February 2015
Passwords hashed with bcrypt and random salts
Change your password anyway...
![Page 42: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/42.jpg)
Unlocking Your Prius
System uses rotating codes in a small rangeSome built in (pre-shared) keys for repair use
No protection from replaying codesBrute force attacks possibleStill under investigation...
![Page 43: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/43.jpg)
Yay!
![Page 44: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/44.jpg)
More Resources For You
https://bitly.com/bundles/andrewwatson/2
![Page 45: How to Use Cryptography Properly: The Common Mistakes People Make When Using Cryptographic Functions](https://reader033.vdocuments.us/reader033/viewer/2022052401/55cc0bf7bb61eb3e798b475b/html5/thumbnails/45.jpg)
@andrewwatsonhttp://andywatson.space/
http://www.ionicsecurity.com/
Thank You