Marcin Krzyżanowski | CryptoSwift: Crypto You Can Do

Slide 1

Slide 1 text

CryptoSwift Crypto You Can Do Marcin Krzyżanowski SwiftSummit, London 2015

Slide 2

Slide 2 text

Cryptography and Swift

Slide 3

Slide 3 text

Enigma

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

Now we have computers

Slide 6

Slide 6 text

Calculations are performed by “the magic box”

Slide 7

Slide 7 text

Frameworks

Slide 8

Slide 8 text

Cryptography and Swift • CommonCrypto

Slide 9

Slide 9 text

Cryptography and Swift • CommonCrypto • OpenSSL

Slide 10

Slide 10 text

Cryptography and Swift • CommonCrypto • OpenSSL • NaCl

Slide 11

Slide 11 text

Cryptography and Swift • CommonCrypto • OpenSSL • NaCl • CryptoSwift

Slide 12

Slide 12 text

Cryptography and Swift • CommonCrypto • OpenSSL • NaCl • CryptoSwift • CryptoJS….

Slide 13

Slide 13 text

CommonCrypto

Slide 14

Slide 14 text

CommonCrypto • The C library • Part of the system (iOS and OS X) • Can be used with Swift (thanks to C interoperability)

Slide 15

Slide 15 text

CommonCrypto • The C library • Part of the system (iOS and OS X) • Can be used with Swift (thanks to C interoperability) ‣ Unsafe pointers

Slide 16

Slide 16 text

CommonCrypto • The C library • Part of the system (iOS and OS X) • Can be used with Swift (thanks to C interoperability) ‣ Unsafe pointers • Sources available at opensource.apple.com

Slide 17

Slide 17 text

CommonCrypto CCCrypt( UInt32(kCCEncrypt), UInt32(kCCAlgorithmAES128), UInt32(kCCOptionPKCS7Padding), keyBytes, // UnsafePointer(keyData.bytes) key.count, ivBytes, // UnsafePointer(ivData.bytes) dataBytes, // UnsafePointer(data.bytes) dataLength, cryptPointer, // UnsafeMutablePointer(cryptData!.mutableBytes) cryptLength, &numBytesEncrypted )

Slide 18

Slide 18 text

CryptoSwift http://github.com/krzyzanowskim/CryptoSwift

Slide 19

Slide 19 text

Why?

Slide 20

Slide 20 text

Because I can

Slide 21

Slide 21 text

I was curious

Slide 22

Slide 22 text

To learn

Slide 23

Slide 23 text

I’m an engineer to challenge myself

Slide 24

Slide 24 text

CryptoSwift

Slide 25

Slide 25 text

CryptoSwift Raise your hand if you already know it

Slide 26

Slide 26 text

CryptoSwift • Swift framework

Slide 27

Slide 27 text

CryptoSwift • Swift framework • iOS and OS X

Slide 28

Slide 28 text

CryptoSwift • Swift framework • iOS and OS X • Pure Swift implementation

Slide 29

Slide 29 text

CryptoSwift • Swift framework • iOS and OS X • Pure Swift implementation • Constantly improved

Slide 30

Slide 30 text

A cryptographic hash function allows one to easily verify that some input data matches a stored hash value, but makes it hard to construct any data that would hash to the same value or ﬁnd any two unique data pieces that hash to the same value. CryptoSwift - hash

Slide 31

Slide 31 text

CryptoSwift - hash • MD5, SHA1, SHA2, CRC32 import CryptoSwift "SwiftSummit".md5() "SwiftSummit".sha1() "SwiftSummit".sha512() "SwiftSummit".crc32()

Slide 32

Slide 32 text

“In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-deﬁned steps that can be followed as a procedure.” CryptoSwift - ciphers

Slide 33

Slide 33 text

CryptoSwift - ciphers Symmetric ciphers plaintext encryption ciphertext key ciphertext decryption plaintext

Slide 34

Slide 34 text

CryptoSwift - ciphers • AES • The Advanced Encryption Standard, the symmetric block cipher ratiﬁed as a standard by National Institute of Standards and Technology of the United States (NIST) • Hardware acceleration (not for Swift) ‣ Advanced Encryption Standard Instruction Set (AES-NI)

Slide 35

Slide 35 text

import CryptoSwift let key = "1234567890123456" // key let iv = "1234567890123456" // random if let aes = AES(key: key, iv: iv, blockMode: .CBC) { if let encrypted = aes.encrypt([1,2], padding: PKCS7()) { let data = NSData.withBytes(encrypted) } } CryptoSwift - ciphers

Slide 36

Slide 36 text

CryptoSwift - ciphers • ChaCha20 ‣ The stream cipher by J. Bernstein, built on a pseudorandom function based on add-rotate-xor operations ‣ Adopted by Apple with HomeKit, by Google with Chrome. ‣ Lack of ofﬁcial support in OpenSSL. Patches are waiting to be merged.

Slide 37

Slide 37 text

import CryptoSwift let key = "1234567890123456" // key let iv = "1234567890123456" // random if let chacha = ChaCha20(key: key, iv: iv) { if let encrypted = chacha.encrypt([1,2]) { let data = NSData.withBytes(encrypted) } } CryptoSwift - ciphers

Slide 38

Slide 38 text

enum Cipher { case ChaCha20(key: [UInt8], iv: [UInt8]) case AES(key: [UInt8], iv: [UInt8], blockMode: CipherBlockMode) func encrypt(bytes: [UInt8]) -> [UInt8]? func decrypt(bytes: [UInt8]) -> [UInt8]? static func randomIV(blockSize: Int) -> [UInt8] } CryptoSwift - ciphers

Slide 39

Slide 39 text

The block cipher operation is an algorithm that uses a block cipher to encrypt a large message CryptoSwift - block mode

Slide 40

Slide 40 text

• Electronic CodeBook ECB - Don’t use! ‣ Sequence of encrypted blocks, every block with the same key. CryptoSwift - block mode

Slide 41

Slide 41 text

CryptoSwift - block mode • Cipher-block Chaining CBC ‣ Sequence of encrypted blocks, every following block uses encrypted data as a key to the cipher. decryption is parallelizable

Slide 42

Slide 42 text

CryptoSwift - block mode • Cipher Feedback CFB ‣ Sequence of encrypted blocks, every following block uses encrypted data as a key to the cipher decryption is parallelizable

Slide 43

Slide 43 text

Block Mode NONCE? used only once - IV The IV provides semantic security identical messages have different ciphertexts

Slide 44

Slide 44 text

Authenticators The message authentication code is a short piece of information used to authenticate a message and to provide integrity and authenticity assurances on the message

Slide 45

Slide 45 text

CryptoSwift - authenticators • Poly1305 - a one-time authenticator ‣ takes a 32-byte one-time key and a message and produces the 16-byte tag.

Slide 46

Slide 46 text

CryptoSwift - authenticators • Poly1305 - a one-time authenticator ‣ takes a 32-byte one-time key and a message and produces the 16-byte tag. • HMAC - Keyed-Hashing for Message Authentication ‣ takes a key and message and produces a tag with one of the hash functions (MD5, SHA)

Slide 47

Slide 47 text

CryptoSwift enum Authenticator { case Poly1305(key: [UInt8]) case HMAC(key: [UInt8], variant: HMAC.Variant) func authenticate(message: [UInt8]) -> [UInt8]? }

Slide 48

Slide 48 text

CryptoSwift extension NSData { … } extension String { … } “message”.md5() “message”.sha512() “plaintext”.encrypt(Cipher.AES(…))

Slide 49

Slide 49 text

Performance

Slide 50

Slide 50 text

Performance • CryptoSwift implementation is signiﬁcantly slower than CommonCrypto • It’s better with the new version of Swift • NSMutableData is slow • memory allocation is slow if the “unsafe pointer” is not used. • Array enumeration is signiﬁcantly visible.

Slide 51

Slide 51 text

CryptoSwift Crypto You Can Do

Slide 52

Slide 52 text

CryptoSwift Crypto You Can Do HOW?

Slide 53

Slide 53 text

read

Slide 54

Slide 54 text

http://cr.yp.to

Slide 55

Slide 55 text

…understand nothing at ﬁrst

Slide 56

Slide 56 text

re-read

Slide 57

Slide 57 text

write code

Slide 58

Slide 58 text

do tests

Slide 59

Slide 59 text

share and ask for feedback

Slide 60

Slide 60 text

ﬁx

Slide 61

Slide 61 text

improve

Slide 62

Slide 62 text

contribute to CryptoSwift http://github.com/krzyzanowskim/CryptoSwift

Slide 63

Slide 63 text

Thank you marcin.krzyzanowski@gmail.com http://blog.krzyzanowskim.com