How to Secure My Files

Transcript

1. How to Secure My Files 2020-08-05 Brice

2. None

3. Network

4. Network Security

5. Network Security

6. Network Security

7. Network Security

8. Network Security

9. Network Security How to Secure My Files

10. The States of Digital Data

11. The States of Digital Data

12. None
13. None
14. None

15. How to Secure Your Secret 2019.05.08 Brice Bang Buzzvil

16. Security Chain

17. How to save password securely

18. The Updated Version of This Naver Blog https://d2.naver.com/helloworld/318732

19. Save as Plain Text I don’t know

20. Save as Plain Text The hacker uploaded the database dump

    on PasteBin Winwinsoft denied our proposal to negotiate with us. But, we are generous and our window to negotiations is still open. We will disclose every information we have in a few days if the negotiation is denied. Until then, stay tuned :) P.S. Here are some informations that we have. It is dangerous because people generally use the same password on multiple services

21. Key Derivation Function (KDF) • It derives one or more

    secret keys from a secret value using pseudorandom function • Has the characteristics for a password hash function • DK = KDF(key, salt, iterations) • ex) • PBKDF2: NIST standard, government-friendly • bcrypt • scrypt • argon2: Password Hashing Competition Winner Master Key KDF Secret Key

22. How About Buzzvil

23. How About Buzzvil

24. How to save password securely

25. How to save password securely A. Use argon2 or PBKDF2

26. None

27. Our Solutions 1. How to create password securely • Password

    generator 2. How to manage password securely • Password manager 3. How to transfer password securely • TLS 1.2+ 4. How to save password securely • argon2, PBKDF2
28. None
29. None

30. Public PC on 3rd floor

31. Please delete the accredited certificate after using the public PC

32. Remaining Accredited Certificates in the Public PC on 4, Oct.

    2020

33. Cons of One-Way Hash Function – Speed Original password can

    be found on average of • 9.2 hours on a single core • 1.15 hours on a 8 cores

34. Hack the Accredited Certificates by Brute-force Attack 공인인증서 크래킹 -

    Inc0gnito 2015 6800 passwords per second in Intel Core i7-4770 Millions per second are also possible.

35. The Safest Way, Degaussing or Destruct

36. Prison: Welcome :)

37. None
38. None
39. None
40. None

41. Deleted Files Can Be Recovered

42. How the ‘Delete’ Function Works Just marked. The building has

    not been destroyed, so it can be recovered.

43. Overwrite

44. Download Big File

45. Zero-fill (Quick Format / Low Level Format)

46. We’re Living in the Analog World

47. In the analog world Real value 11 -11 9 -9

    Threshold 10 -10 10 -10 Read 1 0 1 1

48. In the analog world Real value 11 -11 9 -9

    Ideal value 10 -10 10 -10 Read 1 0 1 1 Difference 1 -1 -1 1 Amplifier (x10) 10 -10 -10 10 Restored 1 0 0 1

49. Increase the number of times the data is overwritten

50. Software-based Overwriting Algorithms for Secure Erasing • DoD 5220.22-M •

    Gutmann method

51. Software-based Overwriting Algorithms for Secure Erasing • DoD 5220.22-M •

    The standard of US • Data is overwritten in order (example: ECE of BCWipe): ▪ 0xD3 → 0x2C → random → a character → 0x95 → 0x6A → random • Gutmann method

52. Software-based Overwriting Algorithms for Secure Erasing • DoD 5220.22-M •

    The standard of US • Data is overwritten in order (example: ECE of BCWipe): ▪ 0xD3 → 0x2C → random → a character → 0x95 → 0x6A → random • Gutmann method • Designed by Peter Gutmann • Write a series of 35 patterns ▪ random 4 times -> 0x55 → 0xAA → 0x924924 → 0x492492 → 0x249249 → 0x00 → … → 0xFF →0x924924 → 0x492492 → 0x249249 → 0x6DB6DB → 0xB6DB6D → 0xDB6DB6 → random 4 times

53. The Drawbacks of Erasing Algorithms • Takes long time •

    Reduces the lifetime of data storage • Increases power consumption • Post-treatment is easy to forget • There are some cases we can’t do

54. My Laptop was Stolen

55. Erase or destroy my disk when I die

56. Crypto-Shredding

57. Crypto-Shredding

58. Crypto-Shredding

59. Crypto-Shredding

60. How to Secure Your Secret 2019.05.08 Brice Bang Buzzvil

61. Trusted Platform Module (TPM) • A key store for hardware

    authentication

62. Secure Enclave •

63. Crypto-Shredding

64. Disk Encryption

65. Disk Encryption

66. Requirement of Cipher for Disk Encryption • Length-preserving • AES-XTS

    • AES-CBC-ESSIV Disk OS Encryption Middleware Write 4096 bytes Write 4096 bytes Read 4096 bytes Read 4096 bytes

67. Mac - FileVault

68. Mac - FileVault - Performance

69. Mac - FileVault - Performance

70. Apple T2 Chip

71. Mac - SSD is Encrypted by Default

72. Windows Bitlocker Performance HDD SSD

73. Intel AES-NI Performance

74. AES Performance using TrueCrypt The max read speed of Samsung

    980 PRO M.2 NVMe (1TB): 6,500MB/s

75. Android • How to support lots of devices which do

    not have hardware support for AES? ◦ For TLS, ChaCha20-Poly1305 was the choice of Google

76. Adiantum: The ChaCha Stream Cipher in a Length-Preserving Mode •

77. iPhone • On devices running iOS 4–iOS 7 ◦ Open

    the General settings and choose Passcode (or iTouch & Passcode). ◦ Follow the prompts to create a passcode. • On device running iOS 8 ~ ◦ Open the Settings app ◦ Tap Touch ID & Passcode ◦ Follow the prompts to create a passcode.

78. Crypto-Shredding

79. The Drawbacks of Erasing Algorithms • Takes long time •

    Reduces the lifetime of data storage • Increases power consumption • Post-treatment is easy to forget • There are some cases we can’t do

80. The Drawbacks of Disk Encryption • Takes some time •

    Increases power consumption

81. References • Data erasure • Gutmann method • Crypto-shredding •

    파일의 완전 삭제란 - 제로필과 DoD 5220.22-M 와이핑 (Chrome shows warning now) • Caught On Camera: Berkeley Laptop Theft • Block cipher mode of operation • Ciphertext stealing • Trusted Platform Module • Secure Enclave overview • 하드 드라이브 암호화 문제 해결 • Use FileVault to encrypt the startup disk on your Mac • Do I Really Need FileVault? – MacMyths • About the Apple T2 Security Chip • About encrypted storage on your new Mac • Does the BitLocker Encryption Impact Your Disk Performance? • A Look at the Performance Impact of Hardware-Accelerated AES • Introducing Adiantum: Encryption for the Next Billion Users • 삼성전자, CES서 PCIe 4.0 M.2 SSD 980 Pro 시리즈 공개 : 기사 - 아이폰, 갤럭시S, 안드로이드 스마트폰을 위한 보드나라 모바일

82. For the next... • WPA Enterprise • VPN • DNS

    • My Smart Home • ...