Secure Networking, Connect Tech 2017

Transcript

1. Secure Networking Bolot Kerimbaev, Big Nerd Ranch

2. None

3. History

4. Caesar Cipher https://en.wikipedia.org/wiki/Caesar_cipher En(x) = (x + n) mod 26

   Dn(x) = (x - n) mod 26

5. Four Square https://en.wikipedia.org/wiki/Four-square_cipher a b c d e E X

   A M P f g h i j L B C D F k l m n o G H I J K p r s t u N O R S T v w x y z U V W Y Z K E Y W O a b c d e R D A B C f g h i j F G H I J k l m n o L M N P S p r s t u T U V X Z v w x y z Plaintext: he lp me ob iw an ke no bi Ciphertext: FY GM KY HO BX MF KK KI MD

6. Substitution

7. https://en.wikipedia.org/wiki/Scytale

8. Transposition | | | | | | | | I

   | a | m | h | u | | __| r | t | v | e | r |__| | | y | b | a | d | l | | | y | H | E | L | P | | | | | | | | IryyatbHmvaEhedLurlP I am hurt very badly HELP
9. None

10. https://en.wikipedia.org/wiki/al-Khwarizmi https://en.wikipedia.org/wiki/Al-Kindi

11. https://en.wikipedia.org/wiki/Coffee

12. Mechanized https://en.wikipedia.org/wiki/Jefferson_disk https://en.wikipedia.org/wiki/Cipher_disk

13. Polyalphabetic https://en.wikipedia.org/wiki/Vigenère_cipher Key: ABCDABCDABCDABCDABCDABCDABCD Plaintext: CRYPTOISSHORTFORCRYPTOGRAPHY Ciphertext: CSASTPKVSIQUTGQUCSASTPIUAQJB

14. None
15. None

16. Enigmatic https://en.wikipedia.org/wiki/C-36_(cipher_machine) https://en.wikipedia.org/wiki/CD-57 https://en.wikipedia.org/wiki/Kryha https://en.wikipedia.org/wiki/M-209 https://en.wikipedia.org/wiki/Enigma_machine

17. Padding https://en.wikipedia.org/wiki/The_world_wonders TURKEY TROTS TO WATER GG FROM CINCPAC ACTION

    COM THIRD FLEET INFO COMINCH CTF SEVENTY-SEVEN X WHERE IS RPT WHERE IS TASK FORCE THIRTY FOUR RR THE WORLD WONDERS DEAR SIR, THIS IS A SECRET MESSAGE YOURS SINCERELY
18. None

19. Diffie Hellman Key Exchange Alice Bob Beyonce Beatrice Bruce

20. Public Key Cryptography https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange

21. RSA https://en.wikipedia.org/wiki/RSA_(cryptosystem) https://ivokoller.com/rsa-part-3/ c ≡ me (mod n) cd ≡

    (me)d ≡ m (mod n) n = pq d * e ≡ 1 (mod n) n, d – private key n, e – public key d = (k * ɸ(n) + 1)/e

22. RSA n = 161,521,746,670,640,296,426,473,658,228,859,984, 306,663,144,318,152,681,524,054,709,078,245,736,590, 366,297,248,377,298,082,656,939,330,673,286,493,230, 336,261,991,466,938,596,691,073,112,968,626,710,792, 148,904,239,628,873,374,506,302,653,492,009,810,626, 437,582,587,089,465,395,941,375,496,004,739,918,498, 276,676,334,238,241,465,498,030,036,586,063,929,902,

    368,192,004,233,172,032,080,188,726,965,600,617,167 http://jensign.com/JavaScience/dotnet/CSPPrimes/index.html p = 13,144,131,834,269,512,219,260,941,993,714,669,605, 006,625,743,172,006,030,529,504,645,527,800,951,523, 697,620,149,903,055,663,251,854,220,067,020,503,783, 524,785,523,675,819,158,836,547,734,770,656,069,477 q = 12,288,506,286,091,804,108,262,645,407,658,709,962, 803,358,186,316,309,871,205,769,703,371,233,115,856, 772,658,236,824,631,092,740,403,057,127,271,928,820, 363,983,819,544,292,950,195,585,905,303,695,015,971 FA F7 2D 97 66 5C 47 66 B9 BB 3C 33 75 CC 54 E0 71 12 1F 90 B4 AA 94 4C B8 8E 4B EE 64 F9 D3 F8 71 DF B9 A7 05 55 DF CE 39 19 3D 1B EB D5 FA 63 01 52 2E 01 7B 05 33 5F F5 81 6A F9 C8 65 C7 65 EA A0 F7 B0 11 D8 58 BC 1F E7 D9 EA E6 2B E3 68 48 39 7A 0C 16 5D E3 58 95 DB B7 CB E8 F0 24 B4 65 62 5A EB 28 08 79 0A 30 53 18 C5 36 35 DC 5C F6 66 77 44 F2 B4 BA 46 CF 30 0A DF 05 AE 40 23 E6 03 BC F9 FA 9B 40 5C D8 51 AC 0A 3D 33 F9 12 0C 89 57 E7 98 25 C2 A5 BD AE 35 00 0C 5E 6B 1D 30 21 62 20 0D D3 56 59 C2 AE 13 8E FF 1E 6B B3 94 A7 45 F0 F8 71 B8 AF 86 13 71 10 6F A0 DB 08 7C 74 AC 64 DF 7C 8B 41 F3 36 3F 7A 79 1D 83 3D 68 02 90 52 3F C7 4D 0B 99 26 07 44 68 1B FE 8C C7 0B 67 7D 15 D1 54 6A 34 F2 F4 D3 61 A4 3F ED 28 55 52 39 47 14 20 E4 1A 82 E7 4D 57 69 82 CF

23. RSA d = 41,898,007,131,862,688,851,336,682,940,790, 999,484,463,332,978,448,747,820,451,501,508,005,821, 475,444,818,243,471,841,362,973,098,686,565,541,150, 570,146,885,787,493,140,609,789,099,942,329,777,897, 729,009,552,119,041,834,459,756,156,737,774,704,660, 390,263,044,954,441,300,965,889,554,289,955,246,646, 459,293,357,418,064,290,859,538,858,002,497,217,075,

    149,520,884,160,660,726,287,315,820,627,693,535,591 e = 65537

24. AES https://en.wikipedia.org/wiki/Advanced_Encryption_Standard http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html Big idea #1: Confusion Big idea #2:

    Diffusion Big idea #3: Secrecy only in the key

25. Cryptanalysis • Faulty key generation • Random number generator •

    Timing attacks • Adaptive chosen cipher text attacks • Side-channel analysis attacks

26. ECB CBC CTR

27. Block Cipher Uses • Stream ciphers • Cryptographic hash functions

    • Cryptographically secure PRNG • Message authentication codes • Authenticated encryption

28. Hash https://en.wikipedia.org/wiki/Cryptographic_hash_function https://en.wikipedia.org/wiki/SHA-1

29. OTP vs ITP https://en.wikipedia.org/wiki/Gilbert_Vernam + = https://en.wikipedia.org/wiki/One-time_pad

30. TCP/IP

31. TCP/IP Stack Application Presentation Session Transport Network Datalink Physical HTTP,

    IRC, FTP, TFTP, SSH, Telnet, SMTP, POP, IMAP, SNMP NFS XDR RPC TCP, UDP IP / ICMP ARP, RARP, Ethernet CAT5 https://en.wikipedia.org/wiki/Internet_protocol_suite

32. Data Encapsulation Frame Header IP Header TCP Header Data Frame

    Footer Application Transport Internet Link IP Header TCP Header Data TCP Header Data Data https://en.wikipedia.org/wiki/Internet_protocol_suite

33. TCP Connection https://en.wikipedia.org/wiki/Transmission_Control_Protocol

34. TLS

35. Certificate

36. PKI

37. TLS Handshake https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/

38. Wireshark

39. TLS Versions https://en.wikipedia.org/wiki/Transport_Layer_Security

40. Attacks on TLS https://en.wikipedia.org/wiki/Transport_Layer_Security

41. okhttp

42. okhttp

43. OWASP

44. Questions? • @bolot • @bignerdranch • BNR Android Security Course

    – coming soon