How to Secure My Files

Buzzvil
August 05, 2020

Transcript

  1. Save as Plain Text
    The hacker uploaded the database dump on PasteBin:
    "Winwinsoft denied our proposal to negotiate with us. But, we are generous and our window to negotiations is still open. We will disclose every information we have in a few days if the negotiation is denied. Until then, stay tuned :) P.S. Here are some informations that we have."
    It is dangerous because people generally use the same password on multiple services.
  2. Key Derivation Function (KDF)
    • It derives one or more secret keys from a secret value using a pseudorandom function
    • It has the characteristics of a password hash function
    • DK = KDF(key, salt, iterations)
    • Examples:
      • PBKDF2: NIST standard, government-friendly
      • bcrypt
      • scrypt
      • argon2: Password Hashing Competition winner
    Diagram: Master Key → KDF → Secret Key
  3. Our Solutions
    1. How to create password securely
      • Password generator
    2. How to manage password securely
      • Password manager
    3. How to transfer password securely
      • TLS 1.2+
    4. How to save password securely
      • argon2, PBKDF2
  4. Cons of One-Way Hash Function – Speed
    The original password can be found in an average of
    • 9.2 hours on a single core
    • 1.15 hours on 8 cores
  5. Hack the Accredited Certificates by Brute-force Attack
    Cracking Accredited Certificates - Inc0gnito 2015
    6800 passwords per second on an Intel Core i7-4770
    Millions per second are also possible.
  6. How the ‘Delete’ Function Works
    Just marked. The building has not been destroyed, so it can be recovered.
  7. In the analog world
    Real value   11  -11    9   -9
    Threshold    10  -10   10  -10
    Read          1    0    1    1
  8. In the analog world
    Real value        11  -11    9   -9
    Ideal value       10  -10   10  -10
    Read               1    0    1    1
    Difference         1   -1   -1    1
    Amplifier (x10)   10  -10  -10   10
    Restored           1    0    0    1
  9. Software-based Overwriting Algorithms for Secure Erasing
    • DoD 5220.22-M
      • The US standard
      • Data is overwritten in order (example: ECE of BCWipe):
        ▪ 0xD3 → 0x2C → random → a character → 0x95 → 0x6A → random
    • Gutmann method
  10. Software-based Overwriting Algorithms for Secure Erasing
    • DoD 5220.22-M
      • The US standard
      • Data is overwritten in order (example: ECE of BCWipe):
        ▪ 0xD3 → 0x2C → random → a character → 0x95 → 0x6A → random
    • Gutmann method
      • Designed by Peter Gutmann
      • Writes a series of 35 patterns
        ▪ random 4 times → 0x55 → 0xAA → 0x924924 → 0x492492 → 0x249249 → 0x00 → … → 0xFF → 0x924924 → 0x492492 → 0x249249 → 0x6DB6DB → 0xB6DB6D → 0xDB6DB6 → random 4 times
  11. The Drawbacks of Erasing Algorithms
    • Takes a long time
    • Reduces the lifetime of data storage
    • Increases power consumption
    • Post-treatment is easy to forget
    • There are some cases where we can’t do it
  12. Requirement of Cipher for Disk Encryption
    • Length-preserving
    • AES-XTS
    • AES-CBC-ESSIV
    Diagram: OS ↔ Encryption Middleware ↔ Disk (Write 4096 bytes → Write 4096 bytes; Read 4096 bytes ← Read 4096 bytes)
  13. Android
    • How to support the many devices that do not have hardware support for AES?
      ◦ For TLS, ChaCha20-Poly1305 was Google's choice
  14. iPhone
    • On devices running iOS 4–iOS 7
      ◦ Open the General settings and choose Passcode (or iTouch & Passcode).
      ◦ Follow the prompts to create a passcode.
    • On devices running iOS 8 and later
      ◦ Open the Settings app
      ◦ Tap Touch ID & Passcode
      ◦ Follow the prompts to create a passcode.
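
An added example (not part of the deck) of slide 2's DK = KDF(key, salt, iterations) applied to slide 3's "save password securely" item, using PBKDF2 from Python's standard library. The record format, function names and iteration count are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

# Assumed policy values for this example; they are not taken from the slides.
ITERATIONS = 600_000
SALT_BYTES = 16
DK_BYTES = 32

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'pbkdf2_sha256$iterations$salt_hex$dk_hex' for storage."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, DK_BYTES)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Recompute DK from the stored salt and iteration count, then compare."""
    try:
        scheme, iters, salt_hex, dk_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                 int(iters), len(expected))
    except (ValueError, OverflowError):
        return False  # malformed record, e.g. a legacy plain-text entry
    return hmac.compare_digest(dk, expected)  # constant-time comparison

def needs_rehash(record: str, policy_iterations: int = ITERATIONS) -> bool:
    """True when a record was stored with a lower work factor than the policy."""
    parts = record.split("$")
    return (len(parts) != 4 or not parts[1].isdigit()
            or int(parts[1]) < policy_iterations)

if __name__ == "__main__":
    a = hash_password("correct horse battery staple")
    b = hash_password("correct horse battery staple")
    print("same password, different records:", a != b)
    print("correct password verifies:", verify_password("correct horse battery staple", a))
    print("wrong password verifies:", verify_password("wrong guess", a))
    print("old record needs rehash:", needs_rehash(hash_password("x", iterations=1000)))
```

Because every record carries its own salt and iteration count, a leaked dump does not reveal which accounts share a password, and the work factor can be raised by rehashing at the next successful login.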