Algorithms, cryptography and protocols DON’T EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO Use this space to add an image. IMPLEMENTATION, OR CRYPTO RNG Insert an image and change the scale to cover this box. ALSO, KEY MANAGEMENT IS VERY VERY HARD 1
Who? Kate Pearce - Head of Security at Trade Me (@secvalve) I work to ensure that the data Trade Me holds for our customers, and the services it provides them, are trusted, trustworthy, and trusty (resilient). Trade Me Multiple millions of Trade Me and its systems are incredibly prevalent in New accounts in a country Zealand: of 4.8 Million ● Marketplace (Auctions, listing goods new & secondhand) (~around 1M under ● Motors (New and used car listings) age 18) ● Property (Rental, Purchase, & Commercial) ● Jobs (Job Listings) ● Payments (Credit Card Processor) > 2 Million Daily ● Holiday Houses interactions ● Dating Trade Me has unparallelled Brand Presence in New Zealand, and the vast majority of New Zealand’s adult population in our systems. @Secvalve -- 2
3 CCSA, https://m.flikr.com/#/photos/4nitsirk
1. Principles & Use this space to add an image. Goals Insert an image and change the scale to cover this box. 2. Building Blocks 3. Protocols Security.ac.nz -- @secvalve - -4
tldr; DO Use Public DO NOT Roll-your-own CONCENTRATE ON Key Algorithms Algo/Function Distribution DO NOT Roll-your-own CONCENTRATE ON Key DO Use Public Protocols Protocol Management DO NOT Roll-your-own DO Use Secure PRNG for PRNG OR Use a Keys non-secure PRNG DO Use a Secure DO NOT Implement your Implementation own DO Use Recommended DO NOT Use Bad, Weak, Cipher Suites or Null Suites DO NOT Hash Secrets DO Use Slow Algorithms with simple or fast and Salt Secret Hashes hashes Security.ac.nz -- @secvalve - -5
This Presentation ● Is aiming at the key things people make mistakes with ● Is not going deep into details ○ Will not tell you which tech or configuration to use ● May have errors because cryptography is hard to do well Security.ac.nz -- @secvalve - -6
Principles & Goals Security.ac.nz -- @secvalve - -7
Protocols - 3 way handshake Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -8
Principles - 3 Way handshake Hello, shall we talk? Sure, still good to talk? Yep! ….*starts talking* *talking intensifies* Security.ac.nz -- @secvalve - -9
Principles - 3 Way handshake SYN SYN ACK ACK ACK ACK ACK ACK ACK ACK Security.ac.nz -- @secvalve - -10
Cryptography Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -11
Principles Cryptography Security.ac.nz -- @secvalve - -12
Principles Cryptography Security.ac.nz -- @secvalve - -13
Principles Secret Writing Cryptography Security.ac.nz -- @secvalve - -14
Principles Cryptography is Control Cryptography is Economics Cryptography is Openness Kerckhoffs's Principle - “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” Shannon’s Maxim - “The enemy knows the system” Security.ac.nz -- @secvalve - -15
Cryptography Goals Confidentiality - Privacy Authenticity - Sender Integrity - Message Security.ac.nz -- @secvalve - -16
Primitives, and Building Blocks Security.ac.nz -- @secvalve - -17
Some Key Primitives (and components) Not going over all this in detail Public and Symmetric Private Message Keys Hashes Integrity Keys Codes Pseudo Random Trapdoor (one-way) Keys Number XOR S-BOX Function Generator (PRNG) Security.ac.nz -- @secvalve - -18
Symmetric Encryption Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -19
Symmetric Cryptography Encryption ABCDEF W8$fd3 Cipher (Plaintext) (Ciphertext) Key BCDEFG X = 1 ABCDEF NOPQRS ROT(X) X = 13 X = 17 RSTUVW Security.ac.nz -- @secvalve - -20
Symmetric Cryptography BCDEFG X = 1 NOPQRS X = 13 ROT(X) ABCDEF X = 17 RSTUVW Key Decryption W8$fd3 ABCDEF (Plaintext) Cipher (Ciphertext) Security.ac.nz -- @secvalve - -21
Symmetric Cryptography Encryption ABCDEF W8$fd3 Cipher (Plaintext) (Ciphertext) Key Decryption W8$fd3 ABCDEF (Plaintext) Cipher (Ciphertext) Security.ac.nz -- @secvalve - -22
Hashing and Trapdoor Functions Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -23
Hashing and Trapdoor Functions Is this the same? Security.ac.nz -- @secvalve - -24
Hashing and Trapdoor Functions They had a red shirt Security.ac.nz -- @secvalve - -25
Hashing and Trapdoor Functions The number has a remainder of 1 when divided by 2 Security.ac.nz -- @secvalve - -26
Hashing and Trapdoor Functions The number has a remainder of 5 when divided by 15 Security.ac.nz -- @secvalve - -27
Hashing and Trapdoor Functions The number has a remainder of 11 when divided by 73 Security.ac.nz -- @secvalve - -28
Hashing and Trapdoor Functions They had a red shirt And green gumboots And a lot of hair And mittens And were a cat Security.ac.nz -- @secvalve - -29
Hashing and Trapdoor Functions Hashing SA#2KH ABCDEF gfh@f*2 Hash (Plaintext) (Hash) Security.ac.nz -- @secvalve - -30
Hashing and Trapdoor Functions Hashing cannot go the other way, as information is lost Red Shirt? Security.ac.nz -- @secvalve - -31
Hashing and Trapdoor Functions Hashing cannot go the other way, as information is lost But it may tell you enough to be confident something is the same to the hashed thing Security.ac.nz -- @secvalve - -32
Hashing and Trapdoor Functions Hashing can be used to verify authenticity Message A X Message b Hash(Msg A Message must A + MsgB) have come after Message C Hash(Msg those it signs B + MsgC) Message D Hash(Msg A past message cannot C + MsgD) be altered without Message e Hash(Msg breaking the later hashes D + MsgE) Security.ac.nz -- @secvalve - -33
Asymmetric Encryption Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -34
Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Security.ac.nz -- @secvalve - -35
Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Security.ac.nz -- @secvalve - -36
Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Go through the hidden trapdoor activated by the statue’s eye Or, in mathematics: factoring numbers Security.ac.nz -- @secvalve - -37
Asymmetric Encryption? How do we protect our communications if we’ve never met? How do we share a key without observers being able to use it? With Public-Key Cryptography Security.ac.nz -- @secvalve - -38
Asymmetric Cryptography PRIVATE PUBLIC KEY KEY PRIVATE NEEDS TO BE SHARED NEVER SHARED EVER Shared PUBLICLY PRIVATE NEEDS TO BE SHARED Security.ac.nz -- @secvalve - -39
Asymmetric Cryptography K = ABC PRIVATE $(*2e4d RSA(k) DEF KEY K = PUBLIC KEY ABC RSA(k) DEF Security.ac.nz -- @secvalve - -40
Asymmetric Cryptography K = ABC PRIVATE $(*2e4d RSA(k) DEF KEY K = PUBLIC ABC RSA(k) KEY DEF Security.ac.nz -- @secvalve - -41
Asymmetric Cryptography SO WHAT? We now know: - If something is encrypted with a Public Key it can only be read with the corresponding private key - If something decrypts with a Public Key it was encrypted with the corresponding private key Now each party has a way to communicate to the other party secretly. Security.ac.nz -- @secvalve - -42
Asymmetric Cryptography Now each party has a way to communicate to the other party secretly. Example: (NOT HOW Diffie-Hellman Key Exchange WORKS) 1. BOTH Publicly: Let’s use our a common word “peregrine” 2. Alice sends a message [encrypted with Bob’s public Key] to use the secret word “ Opossum ” a. Only Bob can read this 3. Bob sends Alice a message [encrypted with his private key and then her public key] and then his to use the secret word “ WeaselSquawk ” a. Only Bob can have sent this, Only Alice can read it They now have a key to use for symmetric encryption: peregrineOpossumWeaselSquawk Security.ac.nz -- @secvalve - -43 Exercise: Find the vulnerability in this method (Hint: how does Bob Auth Alice?)
Asymmetric Cryptography Why not use Public-private cryptography all the time? It is thousands of times more computationally intensive (And key reuse should be avoided) Security.ac.nz -- @secvalve - -44
Signing and Message Integrity Codes Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -45
Recommend
More recommend