Security and Cryptography in Linux

EGLUG session presented by – Amr Ali

Key points

● What the word “hacker” means?● Cryptography? You mean the username/password thing?● Security is NOT Cryptography.● Is there a security mindset?● I'm not a gov agency, why should I care about security?● Security through obscurity? Pffft .. yeah right.● Linux way of applying security measures and practical cryptography.

A hacker

Hacker (noun): Is an intelligent, talented, and innovative person that have a combination of skills that allows him/her to bring innovation to reality.

A hacker could be, an inventor, a programmer (mainly), a systems engineer, or anyone that could think outside of the box and bring ideas and solutions that are not present.

Cryptography, what?

Cryptography is not the username/password fields, this is called authentication, in the other hand, cryptography is thee art of encryption, which turns plain text to cipher text.

/* Authentication */Username: AlicePassword: ******

/* Cryptography (Encryption) */“I'm welling to pay you the agreed amount of money which is $2000.” ---> “AB76CD5E9F0F77D6A55E2A....”

As we can see encryption something really we don't see on daily bases if not at all, because most of the time it is implemented to be transparent to the user.

Security is not cryptography!

Cryptography is a security field, not security it self.

A cryptographer: is a person that makes (en/de)cryption algorithms to be implemented into a certain manner.

A security engineer: is a person that implements cryptographic algorithms into applications.

The strongest part of any security system is cryptography, however implementation might have weaknesses.

Security Minds

Being a security engineer is really not just a title and a high salary job with a pile of certifications. NO!

It takes dedication and hard work to “develop” security aware mind, for example ....

A security engineer would think if he could ...

● Shoplift at the mall while he's shopping, and how to exploit a certain vulnerability in the system itself.● Steal a car from the repair shop by knowing the car's owner last name.● Etc....

Security for everybody

Y'all might ask yourselves, why should I have security measures in my company network or home computer?

The answer is very simple, it is like giving out your car's keys to a stranger, if you didn't protect the key and the car, someone else going to make use of them, and 99% of the time it is not going to be in your best interest.

Security through obscurity

This security scheme of providing security by secrecy is proven to be defunct for many reasons, despite the fact that it does not really make your system any stronger, but rather weaker.

From an attacker point of view, if you are following this scheme, you are basically making it harder to probe your system for security weaknesses, however that exact measure gives a higher probability that there are weaknesses in the system, which once found, your whole product becomes vulnerable to that weakness and with time, exploitation is inevitable.

The good way to go is to harden the security design itself so you don't have to worry about reverse engineering, besides, it gives more confidence to your future client, that he knows what exactly is happening.

The Linux Way

Linux gives us the freedom to apply cryptographic measures without doing any coding at all. There are hundreds of tools and resources Linux provides, we will have a look at them in the following order ....

● /dev/random & /dev/urandom● aespipe, loop-aes and dm-crypt (weaker due to design)● Sha1sum, sha256sum, sha512sum, md5sum (INSECURE)

/dev/random & /dev/urandom

/dev/random: is a TRNG or a True Random Number Generator, it uses different sources as entropy (e.g hardware clocks, network traffic, etc...). This character device provides very high level of entropy, however if the internal pool got exhausted, it blocks until more environmental noise is available.

/dev/urandom: (“unlocked” random) is a CSPRNG or a Cryptographically Secure Pseudo Random Number Generator, the big difference here is that it reuses the pool after it gets exhausted, which in return a bit less entropy in the output than its counter part /dev/random.

aespipe, loop-aes & dm-crypt

aespipe: I guess its name explains its function pretty well, but it is basically an application that you could pipe through plain-text data and get cipher-text data as output, which in result makes it a very good handy tool in your cryptographic collection.

Examples:~# echo “Cryptos are fun” | aespipe -e aes256 -H sha512~# mkisofs -r /home/d4de | aespipe -e aes196 -T > image.iso

As we can see in the first example, we just simply encrypted the phrase “Cryptos are fun” with AES256 cipher and hashed the key with SHA512, simple enough?

Now if you are going after encrypting an ISO image file and then burn it to a blank CD, so you would be asked for a password to be able to mount the CD; this one line in the second example should do it for you.

aespipe, loop-aes & dm-crypt

loop-aes: Is just your normal loop device except it provides encryption/decryption with the use of AES ciphers. As we speak loop-aes have patches for kernels up to 2.6.27, however if you are going to use the bleeding edge 2.6.28, I'm afraid that you are going to patch your kernel like I did myself.

dm-crypt: This is a weak alternative to loop-aes for those who want easy setup for their encrypted partitions, I said this is weak but not insecure because of the fact that it is actually hard to mount an attack on its design flaw but still feasible. The flaw is that dm-crypt stores key information and other arguments in the first block in the encrypted disk or partition, which makes it possible to identify the cipher used in the encryption process with the possibility of extracting more information from it.

Personally I took the effort of manually patching my kernel for loop-aes.

shaXsum and md5sum

Some of you might have heard about hashes before, they are implemented in many ways nowadays, but the most known ones are checking against a password by storing the computed hash for the password and compare it to the provided password's computed hash.

SHA Family is a suite-b NSA cryptographic hashing algorithms, which are pretty good compared to MD5 which is made by RSA Labs.

Examples:~# echo “Cryptos are fun” | sha1sum~# sha256sum /home/d4de/somefile -b

I meant to not give an example for MD5, because as of december 2008 at CCC conference, a practical collision attack mounted successfully which caused to forge and validate intermediate SSL certificates, in result most if not all CA's changed their hash algorithms to SHA or some strong equivalent.

Final words

Please remember the following points ...

(1) A hacker is not a cracker.(2) Security mindset is something you need to develop, not to “purchase”.(3) Cryptography is NOT Security.(4) A strong cryptographic cipher weakly implemented makes your “security” vulnerable, but that does NOT mean that the cipher is weak.(5) Hire a thief to teach you how to protect your car, do NOT hire a cop.

This presentation will be available at my website at (http://amr-ali.co.cc).

Security and Cryptography in Linux

EGLUG session presented by – Amr Ali

Key points

● What the word “hacker” means?● Cryptography? You mean the username/password thing?● Security is NOT Cryptography.● Is there a security mindset?● I'm not a gov agency, why should I care about security?● Security through obscurity? Pffft .. yeah right.● Linux way of applying security measures and practical cryptography.

A hacker

Hacker (noun): Is an intelligent, talented, and innovative person that have a combination of skills that allows him/her to bring innovation to reality.

A hacker could be, an inventor, a programmer (mainly), a systems engineer, or anyone that could think outside of the box and bring ideas and solutions that are not present.

Cryptography, what?

Cryptography is not the username/password fields, this is called authentication, in the other hand, cryptography is thee art of encryption, which turns plain text to cipher text.

/* Authentication */Username: AlicePassword: ******

/* Cryptography (Encryption) */“I'm welling to pay you the agreed amount of money which is $2000.” ---> “AB76CD5E9F0F77D6A55E2A....”

As we can see encryption something really we don't see on daily bases if not at all, because most of the time it is implemented to be transparent to the user.

Security is not cryptography!

Cryptography is a security field, not security it self.

A cryptographer: is a person that makes (en/de)cryption algorithms to be implemented into a certain manner.

A security engineer: is a person that implements cryptographic algorithms into applications.

The strongest part of any security system is cryptography, however implementation might have weaknesses.

Security Minds

Being a security engineer is really not just a title and a high salary job with a pile of certifications. NO!

It takes dedication and hard work to “develop” security aware mind, for example ....

A security engineer would think if he could ...

● Shoplift at the mall while he's shopping, and how to exploit a certain vulnerability in the system itself.● Steal a car from the repair shop by knowing the car's owner last name.● Etc....

Security for everybody

Y'all might ask yourselves, why should I have security measures in my company network or home computer?

The answer is very simple, it is like giving out your car's keys to a stranger, if you didn't protect the key and the car, someone else going to make use of them, and 99% of the time it is not going to be in your best interest.

Security through obscurity

This security scheme of providing security by secrecy is proven to be defunct for many reasons, despite the fact that it does not really make your system any stronger, but rather weaker.

From an attacker point of view, if you are following this scheme, you are basically making it harder to probe your system for security weaknesses, however that exact measure gives a higher probability that there are weaknesses in the system, which once found, your whole product becomes vulnerable to that weakness and with time, exploitation is inevitable.

The good way to go is to harden the security design itself so you don't have to worry about reverse engineering, besides, it gives more confidence to your future client, that he knows what exactly is happening.

The Linux Way

Linux gives us the freedom to apply cryptographic measures without doing any coding at all. There are hundreds of tools and resources Linux provides, we will have a look at them in the following order ....

● /dev/random & /dev/urandom● aespipe, loop-aes and dm-crypt (weaker due to design)● Sha1sum, sha256sum, sha512sum, md5sum (INSECURE)

/dev/random & /dev/urandom

/dev/random: is a TRNG or a True Random Number Generator, it uses different sources as entropy (e.g hardware clocks, network traffic, etc...). This character device provides very high level of entropy, however if the internal pool got exhausted, it blocks until more environmental noise is available.

/dev/urandom: (“unlocked” random) is a CSPRNG or a Cryptographically Secure Pseudo Random Number Generator, the big difference here is that it reuses the pool after it gets exhausted, which in return a bit less entropy in the output than its counter part /dev/random.

aespipe, loop-aes & dm-crypt

aespipe: I guess its name explains its function pretty well, but it is basically an application that you could pipe through plain-text data and get cipher-text data as output, which in result makes it a very good handy tool in your cryptographic collection.

Examples:~# echo “Cryptos are fun” | aespipe -e aes256 -H sha512~# mkisofs -r /home/d4de | aespipe -e aes196 -T > image.iso

As we can see in the first example, we just simply encrypted the phrase “Cryptos are fun” with AES256 cipher and hashed the key with SHA512, simple enough?

Now if you are going after encrypting an ISO image file and then burn it to a blank CD, so you would be asked for a password to be able to mount the CD; this one line in the second example should do it for you.

aespipe, loop-aes & dm-crypt

loop-aes: Is just your normal loop device except it provides encryption/decryption with the use of AES ciphers. As we speak loop-aes have patches for kernels up to 2.6.27, however if you are going to use the bleeding edge 2.6.28, I'm afraid that you are going to patch your kernel like I did myself.

dm-crypt: This is a weak alternative to loop-aes for those who want easy setup for their encrypted partitions, I said this is weak but not insecure because of the fact that it is actually hard to mount an attack on its design flaw but still feasible. The flaw is that dm-crypt stores key information and other arguments in the first block in the encrypted disk or partition, which makes it possible to identify the cipher used in the encryption process with the possibility of extracting more information from it.

Personally I took the effort of manually patching my kernel for loop-aes.

shaXsum and md5sum

Some of you might have heard about hashes before, they are implemented in many ways nowadays, but the most known ones are checking against a password by storing the computed hash for the password and compare it to the provided password's computed hash.

SHA Family is a suite-b NSA cryptographic hashing algorithms, which are pretty good compared to MD5 which is made by RSA Labs.

Examples:~# echo “Cryptos are fun” | sha1sum~# sha256sum /home/d4de/somefile -b

I meant to not give an example for MD5, because as of december 2008 at CCC conference, a practical collision attack mounted successfully which caused to forge and validate intermediate SSL certificates, in result most if not all CA's changed their hash algorithms to SHA or some strong equivalent.

Final words

Please remember the following points ...

(1) A hacker is not a cracker.(2) Security mindset is something you need to develop, not to “purchase”.(3) Cryptography is NOT Security.(4) A strong cryptographic cipher weakly implemented makes your “security” vulnerable, but that does NOT mean that the cipher is weak.(5) Hire a thief to teach you how to protect your car, do NOT hire a cop.

This presentation will be available at my website at (http://amr-ali.co.cc).