@adam_englander
Tales From the Crypto: A Cryptography Primer
Who Am I?
We are going to talk about the common methods and terms used for
cryptography in application development.
What is Cryptography?
Cryptography…is the practice and study of techniques for secure communication in the presence of third parties called adversaries.
Wikipedia
Cryptography transforms data so that, without the right key, it is
computationally infeasible to reverse the transformation or to forge a valid result.
Good cryptography makes it extremely difficult to identify patterns
in the obscured data: ciphertext should be indistinguishable from random bytes.
Types of Cryptography We Will Cover
• Encryption/Decryption
• Digital Signatures
• Hashing
Encryption
Encrypting data ensures only parties holding the right key can read it.
Encrypted data can be decrypted.
Encryption uses mathematical algorithms called ciphers.
The ciphers use secrets called cipher keys.
Cipher keys can be symmetric (shared secrets) or asymmetric
(public key cryptography).
Symmetric Key Encryption
Symmetric key encryption applies a cipher to the plaintext using a single
shared key, producing ciphertext; the same key reverses the operation.
There are two types of symmetric key ciphers:
stream and block.
Stream ciphers expand the cipher key (together with a per-message nonce) into a
cryptographically secure pseudorandom digit stream called a keystream and XOR it
with the plaintext to produce the ciphertext. A keystream must never be reused:
two messages encrypted under the same key and nonce leak the XOR of their plaintexts.
Cryptographically secure pseudorandom values are generated so that an attacker
cannot distinguish them from truly random values or predict the next output
from the previous ones.
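The keystream-reuse failure mode in working code. This is an added example, not from the original slides: it uses AES-256 in CTR mode as the stream cipher (the slides name none), assumes PHP 7.0 or later with the OpenSSL extension, and the two messages are constructed sample data.

```php
<?php
// Added example (not from the original slides): a stream cipher is plaintext XOR keystream,
// so reusing a keystream is fatal. AES-256-CTR stands in as the stream cipher.
// Assumes PHP 7.0+ with the OpenSSL extension.
declare(strict_types=1);

/** Encrypt with AES-256-CTR: the keystream is derived from $key and $nonce, then XORed in. */
function ctrEncrypt(string $key, string $nonce, string $plaintext): string
{
    $ciphertext = openssl_encrypt($plaintext, 'aes-256-ctr', $key, OPENSSL_RAW_DATA, $nonce);
    if ($ciphertext === false) {
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    return $ciphertext;   // same length as the plaintext: a stream mode adds no padding
}

$key   = random_bytes(32);   // 256-bit key from the CSPRNG
$nonce = random_bytes(16);   // 16-byte nonce (OpenSSL calls it the IV) for CTR mode

// Constructed sample messages of equal length.
$m1 = 'transfer $100 to account 1234';
$m2 = 'transfer $999 to account 9876';

// Correct use: every message under the same key gets its own nonce.
$c1 = ctrEncrypt($key, $nonce, $m1);
$c2 = ctrEncrypt($key, random_bytes(16), $m2);
if (($c1 ^ $c2) === ($m1 ^ $m2)) {
    throw new LogicException('fresh nonces should give unrelated keystreams');
}

// Mistake: the same key and nonce for both messages. Both ciphertexts carry the same
// keystream, so XORing them cancels it: c1 XOR c2 == m1 XOR m2, with no key involved.
$c2bad = ctrEncrypt($key, $nonce, $m2);
$leak  = $c1 ^ $c2bad;
if ($leak !== ($m1 ^ $m2)) {
    throw new LogicException('expected the keystream to cancel out');
}

// An attacker who knows (or can guess) m1 now reads m2 outright.
$recovered = $leak ^ $m1;
if ($recovered !== $m2) {
    throw new LogicException('plaintext recovery failed');
}
echo 'recovered from two ciphertexts and one known plaintext: ', $recovered, PHP_EOL;
```

The same cancellation applies to any stream cipher or stream-like mode (RC4, ChaCha20, CTR, OFB): the nonce, not the key, is what makes two keystreams differ, so it has to be fresh for every message.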
Block ciphers operate on fixed-length groups of bits called blocks (128 bits for
AES); a mode of operation defines how successive blocks are handled.
Block Cipher Modes of Operation
Electronic Codebook (ECB)
DO NOT USE ECB!
Electronic Codebook encrypts each block independently with the same key.
It is not secure: identical plaintext blocks always produce identical ciphertext
blocks, so patterns in the data survive in the ciphertext.
If you learn the plaintext of one ciphertext block, you know the plaintext of
every other block with the same ciphertext. Because the blocks are independent,
they can also be reordered, duplicated, or spliced between messages without
decryption failing.
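The two ECB weaknesses above, pattern leakage and block splicing, measured on a constructed plaintext. This is an added example, not code from the original slides; it assumes PHP 7.0 or later with the OpenSSL extension, and the "account record" plaintext is made up for the demonstration.

```php
<?php
// Added example (not from the original slides): ECB leaks plaintext structure and lets
// blocks be rearranged; CBC does neither. Assumes PHP 7.0+ with the OpenSSL extension.
declare(strict_types=1);

/** Count how many 16-byte AES blocks of a raw ciphertext duplicate an earlier block. */
function repeatedBlocks(string $ciphertext): int
{
    $blocks = str_split($ciphertext, 16);
    return count($blocks) - count(array_unique($blocks));
}

/** ECB has no IV: every block is encrypted on its own with the same key. */
function encryptEcb(string $key, string $plaintext): string
{
    return openssl_encrypt($plaintext, 'aes-256-ecb', $key, OPENSSL_RAW_DATA);
}

/** CBC XORs each plaintext block with the previous ciphertext block (the IV for block 0). */
function encryptCbc(string $key, string $iv, string $plaintext): string
{
    return openssl_encrypt($plaintext, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
}

$key = random_bytes(32);
$iv  = random_bytes(16);

// Constructed plaintext with obvious structure: one 16-byte record repeated eight times,
// then one different record. This is the text analogue of the flat colour areas of Tux.
$record    = 'ACCOUNT=000042;;';            // exactly one AES block
$plaintext = str_repeat($record, 8) . 'ACCOUNT=000099;;';

$ecb = encryptEcb($key, $plaintext);        // 9 data blocks + 1 PKCS#7 padding block
$cbc = encryptCbc($key, $iv, $plaintext);

// ECB: the eight identical records become eight identical ciphertext blocks, so an
// observer sees which records are equal without the key. Expect 7 repeats.
if (repeatedBlocks($ecb) !== 7) {
    throw new LogicException('expected ECB to repeat the identical blocks');
}
// CBC: chaining makes every ciphertext block different.
if (repeatedBlocks($cbc) !== 0) {
    throw new LogicException('expected CBC output to contain no repeated blocks');
}

// The codebook property also allows cut-and-paste: moving the ciphertext block of the
// last record (block 8) to the front still decrypts cleanly, just with the records reordered.
$swapped = substr($ecb, 128, 16) . substr($ecb, 16, 112) . substr($ecb, 0, 16) . substr($ecb, 144);
$decrypted = openssl_decrypt($swapped, 'aes-256-ecb', $key, OPENSSL_RAW_DATA);
if ($decrypted === false || strpos($decrypted, 'ACCOUNT=000099;;') !== 0) {
    throw new LogicException('ECB block splice should decrypt with the records reordered');
}

// The same splice on the CBC ciphertext garbles the moved blocks and their neighbours,
// and usually fails the padding check as well.
$cbcSwapped   = substr($cbc, 128, 16) . substr($cbc, 16, 112) . substr($cbc, 0, 16) . substr($cbc, 144);
$cbcDecrypted = openssl_decrypt($cbcSwapped, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
printf("ECB repeats: %d, CBC repeats: %d, CBC splice decrypts: %s\n",
    repeatedBlocks($ecb), repeatedBlocks($cbc), $cbcDecrypted === false ? 'no' : 'to garbage');
```

Note that CBC only makes the splice produce garbage; it does not detect it. Detecting modification is the job of a MAC, which CBC on its own does not provide.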
[Figure: Mode Comparison of the Tux image: Plain, ECB, CBC. Tux the Penguin, the Linux mascot, created in 1996 by Larry Ewing with The GIMP.]
DO NOT USE ECB!
Block Chain and Feedback Modes: CBC, CFB, and OFB
All use an initialization vector (IV) to provide the chaining/feedback input for the
first block. The IV is not secret, but it must be unpredictable (for CBC) and never
reused with the same key: generate a fresh one from a CSPRNG for every message and
transmit it alongside the ciphertext.
All make the encryption of the current block depend on the previous one: on the
previous ciphertext block in CBC and CFB, and on the previous keystream block in OFB.
Unless you have a specific use case, use CBC. CBC provides confidentiality only: it
does not detect tampering, so pair it with an HMAC over the IV and ciphertext
(encrypt-then-MAC), or use an authenticated mode such as aes-256-gcm (PHP 7.1 and later).
Use PKCS#7 padding as it is secure and has the widest compatibility. Verify the HMAC
before decrypting: decrypting first and reporting padding errors creates a padding
oracle that lets an attacker decrypt the ciphertext one byte at a time.
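AES-256-CBC done the way the CBC and padding slides describe, with the missing integrity check added: a fresh IV per message, PKCS#7 padding, an HMAC-SHA256 over IV and ciphertext, and MAC verification before any decryption. This is an added example, not the slides' own code; it also happens to be the concrete form of the later "aes-256-cbc for encryption, HMAC-SHA256 for symmetric signatures" suggestion. It assumes PHP 7.0 or later with the OpenSSL extension; the wire format (iv || ciphertext || tag) and the derivation of two sub-keys from one master key are this example's choices.

```php
<?php
// Added example (not from the original slides): AES-256-CBC with a random IV, PKCS#7
// padding, and HMAC-SHA256 over IV||ciphertext (encrypt-then-MAC).
// Assumes PHP 7.0+ with the OpenSSL extension. Wire format: iv || ciphertext || tag.
declare(strict_types=1);

const CIPHER = 'aes-256-cbc';

/** Derive independent encryption and MAC keys from one 32-byte master key (this example's scheme). */
function splitKeys(string $masterKey): array
{
    if (strlen($masterKey) !== 32) {
        throw new InvalidArgumentException('master key must be 32 bytes');
    }
    return [
        hash_hmac('sha256', 'encryption', $masterKey, true),
        hash_hmac('sha256', 'authentication', $masterKey, true),
    ];
}

function encryptThenMac(string $masterKey, string $plaintext): string
{
    list($encKey, $macKey) = splitKeys($masterKey);
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER));   // fresh, unpredictable IV per message
    // openssl_encrypt applies PKCS#7 padding unless OPENSSL_ZERO_PADDING is passed.
    $ciphertext = openssl_encrypt($plaintext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ciphertext === false) {
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    $tag = hash_hmac('sha256', $iv . $ciphertext, $macKey, true);   // MAC covers the IV too
    return $iv . $ciphertext . $tag;
}

function verifyThenDecrypt(string $masterKey, string $message): string
{
    list($encKey, $macKey) = splitKeys($masterKey);
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if (strlen($message) < $ivLen + 16 + 32) {           // at least one block plus the tag
        throw new RuntimeException('message too short');
    }
    $tag        = substr($message, -32);
    $iv         = substr($message, 0, $ivLen);
    $ciphertext = substr($message, $ivLen, -32);
    // Check the MAC first, in constant time. Unpadding before authenticating is what
    // turns PKCS#7 into a padding oracle.
    $expected = hash_hmac('sha256', $iv . $ciphertext, $macKey, true);
    if (!hash_equals($expected, $tag)) {
        throw new RuntimeException('authentication failed');
    }
    $plaintext = openssl_decrypt($ciphertext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($plaintext === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plaintext;
}

$masterKey = random_bytes(32);                      // from the CSPRNG, never rand()/mt_rand()
$secret    = 'card=4111111111111111;exp=12/29';     // constructed sample data

$message = encryptThenMac($masterKey, $secret);
if (verifyThenDecrypt($masterKey, $message) !== $secret) {
    throw new LogicException('round trip failed');
}

// Flip one bit inside the ciphertext: the MAC check rejects it before decryption runs,
// so no padding error ever reaches the attacker.
$tampered = $message;
$tampered[20] = chr(ord($tampered[20]) ^ 0x01);
try {
    verifyThenDecrypt($masterKey, $tampered);
    throw new LogicException('tampering was not detected');
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Two details carry most of the security here: the tag covers the IV as well as the ciphertext (otherwise the first plaintext block can be flipped undetected), and the comparison uses hash_equals() so that a byte-by-byte early exit does not leak how much of a forged tag was right.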
Asymmetric Key Encryption: Public Key Cryptography
Public key cryptography uses key pairs: a public key and a private key.
Public keys can be disseminated to anyone.
Public keys can encrypt data but cannot decrypt the data they encrypt.
Private keys are secret.
Private keys decrypt data that was encrypted with the matching public key.
Public Key Cryptography Implementations
RSA is the only form available in PHP (openssl_public_encrypt() and
openssl_private_decrypt() are RSA-only).
RSA encryption is computationally expensive: it relies on modular exponentiation
with very large integers built from two large primes.
RSA is limited in the amount of data it can encrypt in one operation: less than the
key's modulus size, minus the padding overhead. A 2048-bit key with OAEP padding
holds at most 214 bytes.
RSA encryption is often used to exchange secret keys for symmetric key encryption.
The RSA key exchange in SSL/TLS is a great example. (Diffie-Hellman, the other key
exchange used in TLS, works differently: both sides derive the shared secret from
exchanged public values, and nothing is encrypted with a public key.)
RSA Key Exchange in TLS
The shared secret (the “Common Paint” of the key-exchange picture) is a random number generated on the client and
encrypted with the public key from the server's certificate. It is transmitted to the server and decrypted using the private key. Both sides
derive the session keys from that shared secret and then utilize symmetric key encryption with those keys to communicate further.
This variant has no forward secrecy: a later compromise of the server's private key decrypts every recorded session,
which is why TLS 1.3 removed it in favour of ephemeral Diffie-Hellman.
Always use PKCS#1 OAEP padding (OPENSSL_PKCS1_OAEP_PADDING). PKCS#1 v1.5 padding is
the PHP default but must not be used: it is vulnerable to Bleichenbacher-style
padding oracle attacks.
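The hybrid pattern from the preceding slides in code: an RSA key pair, a random AES key wrapped with OAEP to the holder of the private key, and the per-operation size limit hit deliberately. This is an added example and not code from the original slides; it assumes PHP 7.0 or later with the OpenSSL extension and a 2048-bit key, and it generates the key pair inline only so that it runs stand-alone (in practice the public key is published and the private key stays on the server).

```php
<?php
// Added example (not from the original slides): RSA-OAEP as key transport for an AES key,
// plus the size limit of one RSA operation. Assumes PHP 7.0+ with the OpenSSL extension.
declare(strict_types=1);

// Generate a 2048-bit RSA key pair (inline here only so the example is self-contained).
$pair = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
if ($pair === false) {
    throw new RuntimeException('key generation failed: ' . openssl_error_string());
}
openssl_pkey_export($pair, $privatePem);
$publicPem = openssl_pkey_get_details($pair)['key'];

/** Encrypt a short secret (here an AES key) so that only the private-key holder can read it. */
function rsaWrap(string $publicPem, string $secret): string
{
    $ok = openssl_public_encrypt($secret, $wrapped, $publicPem, OPENSSL_PKCS1_OAEP_PADDING);
    if (!$ok) {
        throw new RuntimeException('RSA encryption failed: ' . openssl_error_string());
    }
    return $wrapped;
}

function rsaUnwrap(string $privatePem, string $wrapped): string
{
    $ok = openssl_private_decrypt($wrapped, $secret, $privatePem, OPENSSL_PKCS1_OAEP_PADDING);
    if (!$ok) {
        throw new RuntimeException('RSA decryption failed: ' . openssl_error_string());
    }
    return $secret;
}

// Client side: pick a fresh AES-256 key and send it wrapped under the server's public key.
$sessionKey = random_bytes(32);
$wrapped    = rsaWrap($publicPem, $sessionKey);
printf("wrapped key is %d bytes (the RSA modulus size)\n", strlen($wrapped));

// Server side: unwrap with the private key. Both sides now share the session key and
// switch to AES for the bulk data.
if (rsaUnwrap($privatePem, $wrapped) !== $sessionKey) {
    throw new LogicException('key transport failed');
}

// Size limit: with a 2048-bit (256-byte) modulus and OAEP (SHA-1 in OpenSSL's default)
// the most that fits in one operation is 256 - 2*20 - 2 = 214 bytes. One byte more fails.
$limit = 214;
rsaWrap($publicPem, str_repeat('A', $limit));
try {
    rsaWrap($publicPem, str_repeat('A', $limit + 1));
    throw new LogicException('expected the oversized input to be rejected');
} catch (RuntimeException $e) {
    echo 'too large for one RSA operation, which is why bulk data goes through AES', PHP_EOL;
}
```

Passing OPENSSL_PKCS1_OAEP_PADDING explicitly on both the encrypt and the decrypt call matters: the two sides must agree, and leaving the argument out on either side silently falls back to PKCS#1 v1.5.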
Hashing
Hashes cannot be reversed. A cryptographic hash is a fixed-size, one-way digest of
its input: you cannot recover the input from it, only recompute the hash of a
candidate input and compare.
Hashing data is used to verify the integrity of data, or to store a value (such as a
password) in a form that cannot be read back.
Digital Signatures
Hashes are used in conjunction with secrets to create digital signatures.
Symmetric Key Signatures
Symmetric key signatures are known as a Hash-based Message Authentication Code, or
HMAC. Strictly, an HMAC is a MAC rather than a signature: anyone holding the shared
secret can both create and verify it, so it proves that someone with the key produced
the message, not which party did.
HMACs use a hashing algorithm in combination with a shared secret to generate a
verifiable hash (the tag). Compare tags with hash_equals(), not ==, so that the
comparison does not leak timing information.
The minimum hashing algorithm for an HMAC is SHA-1. SHA-256 or better is preferred.
Key size determines the cryptographic strength of the signature: use a random key
from a CSPRNG at least as long as the hash output (32 bytes for HMAC-SHA256).
Asymmetric Key Signatures
The private key is used to sign the data.
The public key is used to verify the signature.
RSA is the only asymmetric key signature available in PHP.
The amount of data RSA can process in one operation is limited by the size of the
private key, so RSA does not sign the data directly.
RSA signing first hashes the data and signs the fixed-size digest, which is why any
amount of data can be signed.
SHA-1 is the “suggested” minimum hashing algorithm for RSA, but signature security does
depend on the hash's collision resistance, so use SHA-256 or better for new signatures.
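One message authenticated both ways, covering the symmetric (HMAC) and asymmetric (RSA over SHA-256) signature slides above: the HMAC side shows the key length and constant-time comparison, the RSA side shows that a message far larger than the modulus signs fine because only its digest is signed. This is an added example, not code from the original slides; it assumes PHP 7.0 or later with the OpenSSL extension, generates a throwaway 2048-bit key pair inline, and the JSON-ish message is constructed.

```php
<?php
// Added example (not from the original slides): the same message authenticated with an
// HMAC (shared secret) and with an RSA signature over SHA-256 (private key signs, public
// key verifies). Assumes PHP 7.0+ with the OpenSSL extension.
declare(strict_types=1);

// --- Symmetric: HMAC-SHA256 ---------------------------------------------------------
// RFC 2104 recommends a key at least as long as the hash output: 32 bytes for SHA-256.
$hmacKey = random_bytes(32);

function hmacSign(string $key, string $data): string
{
    return hash_hmac('sha256', $data, $key, true);
}

function hmacVerify(string $key, string $data, string $tag): bool
{
    // Recompute and compare in constant time; a plain === leaks timing information.
    return hash_equals(hmacSign($key, $data), $tag);
}

// --- Asymmetric: RSA with SHA-256 -----------------------------------------------------
$pair = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
if ($pair === false) {
    throw new RuntimeException('key generation failed: ' . openssl_error_string());
}
openssl_pkey_export($pair, $privatePem);
$publicPem = openssl_pkey_get_details($pair)['key'];

function rsaSign(string $privatePem, string $data): string
{
    // openssl_sign hashes $data first and signs the digest, so $data can be any size.
    if (!openssl_sign($data, $signature, $privatePem, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('signing failed: ' . openssl_error_string());
    }
    return $signature;
}

function rsaVerify(string $publicPem, string $data, string $signature): bool
{
    // openssl_verify returns 1 for valid, 0 for invalid, -1 (or false) on error:
    // treat anything but 1 as failure.
    return openssl_verify($data, $signature, $publicPem, OPENSSL_ALGO_SHA256) === 1;
}

// Constructed message, deliberately larger than the 256-byte RSA modulus.
$message = str_repeat('{"order":42,"amount":"19.99"}', 40);

$tag = hmacSign($hmacKey, $message);
$sig = rsaSign($privatePem, $message);
printf("message: %d bytes, HMAC tag: %d bytes, RSA signature: %d bytes\n",
    strlen($message), strlen($tag), strlen($sig));

if (!hmacVerify($hmacKey, $message, $tag) || !rsaVerify($publicPem, $message, $sig)) {
    throw new LogicException('valid message did not verify');
}

// One changed byte invalidates both.
$forged = $message;
$forged[10] = 'X';
if (hmacVerify($hmacKey, $forged, $tag) || rsaVerify($publicPem, $forged, $sig)) {
    throw new LogicException('tampered message verified');
}

// The difference between the two: hmacVerify() needs $hmacKey, the same secret that
// produced the tag, so the verifier could have forged it. rsaVerify() needs only
// $publicPem and cannot produce a signature, which is what makes it a real signature.
echo 'both checks passed on the genuine message and failed on the forged one', PHP_EOL;
```

Choosing between them follows from that last comment: an HMAC is right when the producer and consumer are the same trust domain (a session token your own servers issue and check); an RSA signature is right when the verifier must not be able to forge (a client verifying a server's update manifest).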
Password Hashing
Hashes are used for passwords or any value that will be
presented for verification.
Proper password hashing is done via a Key Derivation Function (KDF).
Never use a plain hashing algorithm (MD5, SHA-1, SHA-256 and the like) for
passwords. EVER! They are designed to be fast, which is exactly what a password
cracker wants.
Key derivation functions use a “salt” so that the same password produces a
different result for every user, which defeats precomputed (rainbow) tables.
Key derivation functions apply the salted hash repeatedly for a defined iteration
count, making every guess correspondingly expensive for an attacker.
Salts must be cryptographically random and large (16 bytes or more); the hash
output itself should be large (at least 32 bytes) and indistinguishable from random.
Iteration counts must be as large as can be tolerated.
HASH UNTIL IT HURTS!
PHP provides PBKDF2 (hash_pbkdf2()) and bcrypt (password_hash(), crypt()) for
password hashing.
It also provides convenience functions: http://php.net/manual/en/ref.password.php
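The password-hashing slides in code: PBKDF2 to make the salt and iteration count visible, then the recommended route, password_hash() with bcrypt, with the cost calibrated to the "at least 500 ms" target the closing suggestions give. This is an added example and not code from the original slides; it assumes PHP 7.0 or later, the sample password is constructed, and the calibration loop's starting cost of 10 is a choice of this example.

```php
<?php
// Added example (not from the original slides): what a password KDF does (salt plus
// iterations, shown with PBKDF2-HMAC-SHA256) and the recommended route, password_hash()
// with bcrypt at a cost calibrated to about 500 ms per hash. Assumes PHP 7.0+.
declare(strict_types=1);

// --- Mechanics: PBKDF2-HMAC-SHA256 -----------------------------------------------------
function pbkdf2Hash(string $password, string $salt, int $iterations): string
{
    // 32 raw bytes of output; $salt comes from random_bytes() and is stored next to the hash.
    return hash_pbkdf2('sha256', $password, $salt, $iterations, 32, true);
}

$password = 'correct horse battery staple';   // constructed sample
$saltA = random_bytes(16);
$saltB = random_bytes(16);

// Same password, different salts: unrelated outputs, so one precomputed dictionary
// cannot be reused against a whole leaked table.
if (pbkdf2Hash($password, $saltA, 100000) === pbkdf2Hash($password, $saltB, 100000)) {
    throw new LogicException('salts are not differentiating the hashes');
}
// Verification recomputes with the stored salt and iteration count, comparing in constant time.
$stored = pbkdf2Hash($password, $saltA, 100000);
if (!hash_equals($stored, pbkdf2Hash($password, $saltA, 100000))) {
    throw new LogicException('verification failed');
}

// --- Recommended: password_hash() / password_verify() with bcrypt ---------------------------
/** Find the smallest bcrypt cost whose hashing time reaches $targetSeconds on this host. */
function calibrateBcryptCost(float $targetSeconds, int $minCost = 10, int $maxCost = 31): int
{
    for ($cost = $minCost; $cost < $maxCost; $cost++) {     // each +1 doubles the work
        $start = microtime(true);
        password_hash('calibration-only', PASSWORD_BCRYPT, ['cost' => $cost]);
        if (microtime(true) - $start >= $targetSeconds) {
            return $cost;
        }
    }
    return $maxCost;
}

$cost = calibrateBcryptCost(0.5);   // "hash until it hurts": about 500 ms per hash here
printf("bcrypt cost %d reaches the 500 ms target on this machine\n", $cost);

// password_hash() generates the salt itself and stores algorithm, cost and salt in the
// returned string, so password_verify() needs nothing else. Note bcrypt only looks at
// the first 72 bytes of the password.
$hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => $cost]);
if (!password_verify($password, $hash) || password_verify('wrong password', $hash)) {
    throw new LogicException('password_verify misbehaved');
}

// When the cost is raised later, existing hashes are upgraded at the next successful login.
if (password_needs_rehash($hash, PASSWORD_BCRYPT, ['cost' => $cost + 1])) {
    echo 'stored hash is below the current cost; rehash after a successful login', PHP_EOL;
}
```

Calibrate on the hardware that will actually verify logins, and re-run the calibration when that hardware changes: the cost is a property of the deployment, not of the code.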
Suggestions
Encrypt all data that is secret or private.
Sign all significant data in transit.
Use the strongest encryption you can support.
Do NOT use rand() or mt_rand() to generate keys, IVs, or salts. Use random_bytes().
paragonie/random_compat is a PHP 5.x polyfill.
Use the OpenSSL extension for everything but password hashing.
If you are writing a library, you can use phpseclib/phpseclib as an abstraction
layer that works over OpenSSL, MCrypt, or pure PHP when no crypto extension is
installed.
Use OPENSSL_PKCS1_OAEP_PADDING for RSA encryption and
OPENSSL_ALGO_SHA256/384/512 for signatures.
Use aes-256-cbc for symmetric key encryption, and an HMAC-SHA256 computed with
hash_hmac() over the IV and ciphertext for symmetric key signatures. (OpenSSL does
list a cipher named aes-256-cbc-hmac-sha256, but it is a TLS-internal construction;
passing it to openssl_encrypt() does not authenticate anything.)
Use the built-in password hashing functions (password_hash() and password_verify())
to do it right.
Use a large cost or iteration count. Shoot for at least 500 ms of hashing per password.
Further Reading
• http://php.net/manual/en/book.openssl.php
• http://php.net/manual/en/function.password-hash.php
• http://php.net/manual/en/book.csprng.php
• https://github.com/phpseclib/phpseclib
• Wikipedia
2016