Slide 1

Slide 1 text

Encriptação de A a Z

Slide 2

Slide 2 text

Quem é o Hussani?

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

Cryptography

Slide 5

Slide 5 text

“Cryptography is the science and art of coding and decoding of secret messages, information or data.”

Slide 6

Slide 6 text

No content

Slide 7

Slide 7 text

Cryptography components

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

Ciphers

Slide 11

Slide 11 text

A cipher is a set of rules for converting between plaintext and ciphertext.

Slide 12

Slide 12 text

Types of ciphers

Slide 13

Slide 13 text

Classical Cipher

Slide 14

Slide 14 text

Substitution

Slide 15

Slide 15 text

Caesar

Slide 16

Slide 16 text

char -> char + 3

Slide 17

Slide 17 text

A -> D

Slide 18

Slide 18 text

C -> F

Slide 19

Slide 19 text

Hello -> ?

Slide 20

Slide 20 text

Hello -> Khoor

Slide 21

Slide 21 text

Paper Cipher Wheel

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

ROT-n

Slide 24

Slide 24 text

ROTate

Slide 25

Slide 25 text

Caesar = ROT-3

Slide 26

Slide 26 text

ROT-2 A -> C Hello -> Jgnnq

Slide 27

Slide 27 text

Max ROT = 13

Slide 28

Slide 28 text

alphabet = 26 chars

Slide 29

Slide 29 text

13 * 2 = 26

Slide 30

Slide 30 text

ROT-13 = inverse alphabet

Slide 31

Slide 31 text

Symmetric

Slide 32

Slide 32 text

{msg}Y -> {msg}(-Y)

Slide 33

Slide 33 text

Modern Ciphers

Slide 34

Slide 34 text

Block Cipher

Slide 35

Slide 35 text

char = 8 bytes = 1 bit

Slide 36

Slide 36 text

block = group of bits

Slide 37

Slide 37 text

32, 64, 128, 256, 512, 1024…

Slide 38

Slide 38 text

Asymmetric

Slide 39

Slide 39 text

No content

Slide 40

Slide 40 text

Public-Private Cryptography

Slide 41

Slide 41 text

{msg}X -> {msg}Y

Slide 42

Slide 42 text

Hashes

Slide 43

Slide 43 text

Convert data on single value

Slide 44

Slide 44 text

Most times irreversible

Slide 45

Slide 45 text

No content

Slide 46

Slide 46 text

OpenSSL

Slide 47

Slide 47 text

OpenSSL

Slide 48

Slide 48 text

OpenSSL Toolkit OpenSSL CLI

Slide 49

Slide 49 text

OpenSSL Toolkit OpenSSL CLI
 
 Can encrypt data using many ciphers

Slide 50

Slide 50 text

OpenSSL Toolkit OpenSSL CLI
 
 Can encrypt data using many ciphers
 
 Can use may key types

Slide 51

Slide 51 text

OpenSSL Toolkit OpenSSL CLI
 
 Can encrypt data using many ciphers
 
 Can use may key types Easy

Slide 52

Slide 52 text

$msg = openssl_encrypt('test', ‘des-ede3', 'my-test');
 // oSSMoiYum5s=

Slide 53

Slide 53 text

$msg = openssl_encrypt('test', ‘des-ede3', 'my-test');
 // oSSMoiYum5s= echo openssl_decrypt($msg, 'des-ede3', ‘my-test');
 // test

Slide 54

Slide 54 text

Hash

Slide 55

Slide 55 text

Password Hash API

Slide 56

Slide 56 text

Password Hash API

Slide 57

Slide 57 text

Password Hash API Recommended password API

Slide 58

Slide 58 text

Password Hash API Recommended password API Always updated

Slide 59

Slide 59 text

Password Hash API Recommended password API Always updated Too simple

Slide 60

Slide 60 text

Password Hash API Recommended password API Always updated Too simple Trivializes crypt to create bcrypt hashes

Slide 61

Slide 61 text

Password Hash API Recommended password API Always updated Too simple Trivializes crypt to create bcrypt hashes Implements Argon2 (PHP 7.2)

Slide 62

Slide 62 text

$hash = password_hash("my_p@sswd", PASSWORD_DEFAULT);
 // $2y$10$rwwStToOAzObe8xAkfJzP.CCVrOYgRBy8nmNRPPrleo var_dump(password_verify("my_p@sswd", $hash));
 // bool(true)

Slide 63

Slide 63 text

Deprecated

Slide 64

Slide 64 text

Deprecated • MHash • Mcrypt

Slide 65

Slide 65 text

Avoid

Slide 66

Slide 66 text

Avoid crypt function

Slide 67

Slide 67 text

Avoid crypt function MD5 for passwords

Slide 68

Slide 68 text

Avoid crypt function MD5 for passwords SHA1 for passwords

Slide 69

Slide 69 text

No content

Slide 70

Slide 70 text

No content

Slide 71

Slide 71 text

Obrigado :)