Useful Cryptography, An Introduction

Transcript

1. @rdegges @oktadev Useful Cryptography An Introduction

2. @rdegges @oktadev Hey, I'm Randall Builder Python / JS /

   Go Hacker Author Open Source Chief Hacker @ Okta

3. @rdegges @oktadev I am not a cryptographer!

4. @rdegges @oktadev Why even? you website database website "how to

   store passwords" password hashing god

5. @rdegges @oktadev I literally can't even. Developers should never do

   crypto.

6. @rdegges @oktadev Hashing

7. @rdegges @oktadev What is a Hash Function? hash(s) Input Hash

   (Digest) "ilovemymom" "6cd7c44ad701d00aa59b4225978e9c7ddf00c682" "ilovemymom" "6cd7c44ad701d00aa59b4225978e9c7ddf00c682" "wooooboyyyyyyyyy" "968360efa4e572ba34504af1d438b1fc60871943" deterministic unique irreversible

8. @rdegges @oktadev Hahes are great for information that you need

   to verify but never persist. web server Email: [email protected] Password: ilovemymom db Password: <hash(pw)> pwn3d! Password: ilovemymom I want to create an account.

9. @rdegges @oktadev How User Login Works with Hashing web server

   Email: [email protected] Password: ilovemymom db Email: [email protected] I want to log into my account. Password: <hash> Compute hash("ilovemymom") Compare hash("ilovemymom") == <hash> Equal? Login successful! Unequal? No login for you!

10. @rdegges @oktadev There are two types of hashing algorithms. ??!?!

    Cryptographic hash functions Password hash functions Oh my!

11. @rdegges @oktadev Cryptographic Hash Functions AKA: the fast ones ubuntu-18.04.2-desktop-amd64.iso

    (1.9 GB) $ sha1sum ubuntu-18.04.2-desktop-amd64.iso bcdb9099024c468047f3f31c7d23e68a35ea4de2 (3.176 seconds) ubuntu ubuntu-18.04.2-desktop-amd64.iso Hash: bcdb9099024c468047f3f31c7d23e68a35ea4de2

12. @rdegges @oktadev Cryptographic hash functions are useful for verifying the

    integrity of data. MD5 (1991) SHA-1 (1995) SHA-2 (2001) SHA-3 (2015) BLAKE 2 (2012) *Latacora (2018) * Ron Rivest RSA!

13. @rdegges @oktadev Password Hash Functions AKA: the slow ones Password:

    "ilovemymom" db sha2("ilovemymom") sha2(pass) ??!?! Brute force! for pw in pw_generator(): if sha2(pw) == stolen_hash: print 'Password found!' Dictionary lists Sequential Breached password databases

14. @rdegges @oktadev

15. @rdegges @oktadev Password hash functions are useful for storing sensitive

    password data and keys. PBKDF2 (2000) bcrypt (1999) scrypt (2009) argon2 (2015) argon2i argon2d argon2id hash(pass) hash( )

16. @rdegges @oktadev

17. @rdegges @oktadev Randomness API Keys Random Numbers Passphrases Database IDs

18. @rdegges @oktadev There are two "kinds" of security. computational information-theoretic

19. @rdegges @oktadev The best way to generate random numbers is

    /dev/urandom. OS kernel keyboard timings mouse movements storage timings random pool /dev/random /dev/urandom app OSX FreeBSD Linux NetBSD CSPRNG

20. @rdegges @oktadev

21. @rdegges @oktadev Encryption

22. @rdegges @oktadev Encryption is useful for hiding data you need

    to eventually see again. app s3 passwords.txt passwords.txt.enc shit :/ ciphertext

23. @rdegges @oktadev There are two types of encryption. symmetric asymmetric

24. @rdegges @oktadev Symmetric Encryption data secret ciphertext secret data ciphertext

    Encryption Decryption Long, random string.

25. @rdegges @oktadev Symmetric encryption is useful in circumstances where you

    can keep a trusted secret safe. web server AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY SIGNING_KEY ENCRYPTION_KEY ...

26. @rdegges @oktadev How should you do symmetric encryption? * Amazon

    KMS *Latacora (2018) AWS Encryption SDK KMS master key(s) data data key encryption algorithm ciphertext encryption algorithm encrypted data key encrypted message

27. @rdegges @oktadev How should you do symmetric decryption? KMS master

    key(s) data data key decryption algorithm ciphertext encrypted data key encrypted message decryption algorithm

28. @rdegges @oktadev It sounds complex, but... aws.encrypt(plaintext) aws.decrypt(encrypted message)

29. @rdegges @oktadev Asymmetric encryption is useful in circumstances where you

    need to exchange data securely between untrusted parties. inbox email rdegges.com tls

30. @rdegges @oktadev Asymmetric Encryption ciphertext data public key private key

    Bob Alice ciphertext data public key private key shareable

31. @rdegges @oktadev How should you do asymmetric encryption? * NaCl/libsodium

    *Latacora (2018) Box API Bob Alice public key private key public key private key box(bs, ap) ciphertext data box.encrypt(data)

32. @rdegges @oktadev How should you do asymmetric decryption? Bob Alice

    public key private key public key private key ciphertext data box(as, bp) box.decrypt(c)

33. @rdegges @oktadev Don't roll your own crypto. Use crypto and

    be smart about it.

34. @rdegges @oktadev

35. @rdegges @oktadev Thank You rdegges.com developer.okta.com

36. @rdegges @oktadev Sources • "Cryptographic Right Answers": https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html • "Password

    Hashing Competition": https://password-hashing.net/ • "Myths About /dev/urandom": https://www.2uo.de/myths-about-urandom/ • "When to use /dev/random vs /dev/urandom": https://unix.stackexchange.com/questions/324209/when-to-use-dev-random-vs-dev-urandom • "djb" on /dev/urandom: https://www.mail-archive.com/[email protected]/msg04763.html • KMS FAQ: https://aws.amazon.com/kms/faqs/ • PyNaCl: https://pynacl.readthedocs.io/en/stable/public/