Encryption from A to Z

When you need to communicate something but don't want any snoop to learn the message, what do you do? Naturally, "speaking in code" seems to be the best option, but for that you need to know which standard to use. SHA1, MD5, Bcrypt, SSL, ciphers, salt, and much more: you may have heard some of these words, but the time has come to learn how an encryption process works and the best that PHP has to offer on the subject.

Hussani Oliveira

May 27, 2017

Transcript

  1. Encryption from A to Z

  2. Who is Hussani?

  3. Cryptography

  4. “Cryptography is the science and art
    of coding and decoding of secret
    messages, information or data.”

  5. Cryptography components

  6. A cipher is a set of rules for
    converting between plaintext and
    ciphertext.

  7. Types of ciphers

  8. Classical Cipher

  9. Substitution

  10. char -> char + 3

  11. Hello -> Khoor

  12. Paper Cipher Wheel

  13. Caesar = ROT-3

  14. ROT-2
    A -> C
    Hello -> Jgnnq

  15. Max ROT = 13

  16. alphabet = 26 chars

  17. ROT-13 = inverse alphabet

  18. {msg}Y -> {msg}(-Y)

  19. Modern Ciphers

  20. Block Cipher

  21. char = 8 bytes = 1 bit

  22. block = group of bits

  23. 32, 64, 128, 256, 512, 1024…

  24. Public-Private Cryptography

  25. {msg}X -> {msg}Y

  26. Convert data on single value

  27. Most times irreversible

  28. OpenSSL
    Toolkit OpenSSL CLI

  29. OpenSSL
    Toolkit OpenSSL CLI
    Can encrypt data using many ciphers

  30. OpenSSL
    Toolkit OpenSSL CLI
    Can encrypt data using many ciphers
    Can use many key types

  31. OpenSSL
    Toolkit OpenSSL CLI
    Can encrypt data using many ciphers
    Can use many key types
    Easy

  32. $msg = openssl_encrypt('test', 'des-ede3', 'my-test');

    // oSSMoiYum5s=

  33. $msg = openssl_encrypt('test', 'des-ede3', 'my-test');

    // oSSMoiYum5s=
    echo openssl_decrypt($msg, 'des-ede3', 'my-test');

    // test

  34. Password Hash API

  35. Password Hash API

  36. Password Hash API
    Recommended password API

  37. Password Hash API
    Recommended password API
    Always updated

  38. Password Hash API
    Recommended password API
    Always updated
    Too simple

  39. Password Hash API
    Recommended password API
    Always updated
    Too simple
    Trivializes crypt to create bcrypt hashes

  40. Password Hash API
    Recommended password API
    Always updated
    Too simple
    Trivializes crypt to create bcrypt hashes
    Implements Argon2 (PHP 7.2)

  41. $hash = password_hash("my_p@sswd", PASSWORD_DEFAULT);

    // $2y$10$rwwStToOAzObe8xAkfJzP.CCVrOYgRBy8nmNRPPrleo
    var_dump(password_verify("my_p@sswd", $hash));

    // bool(true)

  42. Deprecated
    • MHash
    • Mcrypt

  43. Avoid
    crypt function

  44. Avoid
    crypt function
    MD5 for passwords

  45. Avoid
    crypt function
    MD5 for passwords
    SHA1 for passwords
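
The "Avoid" slides rule out MD5 and SHA1 for passwords in favour of the Password Hash API. One way to move an existing store of unsalted MD5 hashes to `password_hash()` at login time, as an added example that is not from the deck: the helper name `verify_and_upgrade`, the `$save` callback and the sample user records are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Verify a login against a stored hash and upgrade the hash when needed.
 * Hypothetical helper (not from the deck). $save is a callback that persists
 * the new hash for the user, e.g. an UPDATE on the users table.
 */
function verify_and_upgrade(string $password, string $stored, callable $save): bool
{
    // Legacy record: 32 lowercase hex chars is treated as an unsalted MD5 digest.
    if (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        // hash_equals() compares in constant time.
        if (!hash_equals($stored, md5($password))) {
            return false;
        }
        // The clear-text password is only available now, so rehash immediately.
        $save(password_hash($password, PASSWORD_DEFAULT));
        return true;
    }

    if (!password_verify($password, $stored)) {
        return false;
    }
    // True when the cost or the default algorithm changed since this hash was made.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $save(password_hash($password, PASSWORD_DEFAULT));
    }
    return true;
}

// Constructed sample data: one legacy MD5 record, one low-cost bcrypt record.
$users = [
    'alice' => md5('my_p@sswd'),
    'bob'   => password_hash('my_p@sswd', PASSWORD_BCRYPT, ['cost' => 4]),
];

foreach (array_keys($users) as $name) {
    $save = function (string $new) use (&$users, $name): void {
        $users[$name] = $new;
    };
    $ok = verify_and_upgrade('my_p@sswd', $users[$name], $save);
    // After a successful login the record holds a current password_hash() value.
    $info = password_get_info($users[$name]);
    printf("%s: login=%s algo=%s\n", $name, $ok ? 'ok' : 'fail', $info['algoName']);
}
```

Records that never log in again keep their MD5 digest, so a migration like this is usually paired with a forced reset for accounts still on the legacy format after a cut-off date.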
