Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure Communication over insecure network

Tejas Bubane
February 12, 2019
Programming
0
42

Secure Communication over insecure network

A look at the land of Cryptography and how it affects our online life. We won't be diving into cryptography algorithms - instead we will treat them as “black boxes” - and see how they fit together given the right input. A bird's eye look at TLS handshake.

Mostly requires just logical thinking of how all these different pieces fit together.

Tejas Bubane

February 12, 2019
Tweet

More Decks by Tejas Bubane

See All by Tejas Bubane
Learnings from POODR - part 1
tejasbubane
0
39
Purely Functional Data Structures
tejasbubane
0
79
Typechecking in Javascript using Flow
tejasbubane
0
48
Effective Git
tejasbubane
0
110
Contributing to Opensource
tejasbubane
0
45
The hidden features of ActiveRecord
tejasbubane
0
48

Other Decks in Programming

See All in Programming
dbtのドメイン分割による データ基盤の改善とDigdagとの連携
sakama
0
340
R言語の環境構築と基礎 Tokyo.R 112
bob3bob3
0
270
冗長なエラーログを削減し、スタックトレースを手に入れる / Reducing Verbose Error Logs and Obtaining Stack Traces
upamune
0
740
Build Apps for iOS, Android & Desktop in 100% Kotlin With Compose Multiplatform (mDevCamp 2024)
zsmb
0
340
単体テストを書かない技術 #phpcon_odawara
o0h
PRO
27
8.3k
⼤規模⾔語モデルの拡張(RAG)が 終わったかも知れない件について
nearme_tech
23
15k
Komplexe Oberflächen mit SVG und der Web Animation API
joergneumann
0
670
Goのmultiple errorsについて (2024年4月版)
syumai
3
880
見た目から始める生産性向上
ikumatadokoro
7
840
educure_カリキュラム生操作マニュアル.pdf
linew_official
0
800
0→1と1→10の狭間で Javaという技術選定を振り返る/Reflecting on the Decision to Choose Java Between Scaling from 0 to 1 and 1 to 10
jaguar_imo
2
380
大規模UIKitベースアプリへのTCAの段階的導入/gradual-adoption-of-tca-in-a-large-scale-uikit-based-app
takehilo
1
180

Featured

See All Featured
Thoughts on Productivity
jonyablonski
58
3.8k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
241
1.2M
Designing with Data
zakiwarfel
96
4.8k
Bootstrapping a Software Product
garrettdimon
PRO
302
110k
How to name files
jennybc
65
93k
Gamification - CAS2011
davidbonilla
76
4.6k
YesSQL, Process and Tooling at Scale
rocio
164
13k
GitHub's CSS Performance
jonrohan
1025
450k
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.6k
GraphQLの誤解/rethinking-graphql
sonatard
50
9.2k
What the flash - Photography Introduction
edds
64
11k
Adopting Sorbet at Scale
ufuk
68
8.6k

Transcript

  1. SECURE COMMUNICATION HOW OUR LIVES DEPEND ON CRYPTOGRAPHY TEJAS BUBANE

    TUESDAY TALKS AT CYBRILLA
  2. None

  3. Communication?

  4. ! Communication?

  5. " ! Communication?

  6. " ! Communication?

  7. " ! Communication?

  8. Secure? " ! Communication?

  9. Secure? " ! #$ Communication?

  10. Secure? " ! #$ 1. Confidentiality Communication?

  11. Secure? " ! #$ 1. Confidentiality 2. Identity Communication?

  12. PROBLEM 1

  13. PROBLEM 1

  14. PROBLEM 1

  15. PROBLEM 1

  16. PROBLEM 1

  17. PROBLEM 1

  18. PROBLEM 1

  19. PROBLEM 1

  20. PROBLEM 1 Man in the middle attack

  21. PROBLEM 1 Man in the middle attack Incorrect identity

  22. PROBLEM 2

  23. PROBLEM 2

  24. PROBLEM 2

  25. PROBLEM 2

  26. PROBLEM 2

  27. PROBLEM 2

  28. PROBLEM 2

  29. PROBLEM 2 Eavesdropping attack

  30. PROBLEM 2 Eavesdropping attack No Secrecy

  31. E(text, key) = cipher D(cipher, key) = text cipher

  32. E(text, key) = cipher D(cipher, key) = text cipher Symmetric

    Key Cryptography

  33. E(text, key) = cipher D(cipher, key) = text cipher Symmetric

    Key Cryptography 1.Caesar Cipher (44 BC)

  34. E(text, key) = cipher D(cipher, key) = text cipher Symmetric

    Key Cryptography 1.Caesar Cipher (44 BC) CYBRILLA => FBEULOOD

  35. E(text, key) = cipher D(cipher, key) = text cipher Symmetric

    Key Cryptography 1.Caesar Cipher (44 BC) CYBRILLA => FBEULOOD 2. Vigenère Cipher (1553)

  36. E(text, key) = cipher D(cipher, key) = text cipher Symmetric

    Key Cryptography 1.Caesar Cipher (44 BC) CYBRILLA => FBEULOOD 2. Vigenère Cipher (1553) Plaintext: ATTACKATDAWN Key: LEMONLEMONLE Ciphertext: LXFOPVEFRNHR
  37. None
  38. None
  39. None
  40. None

  41. Enigma machine

  42. Enigma machine Bombe

  43. Enigma machine Bombe

  44. E(text, pubkey) = cipher D(cipher, privkey) = text pubkey hello!

    cipher

  45. E(text, pubkey) = cipher D(cipher, privkey) = text pubkey Public

    Key Cryptography hello! cipher

  46. Identity Certificate Binds Identity with public key OS/Mozilla Root certificates

    Browser verifies signature, matches URL

  47. SSL/TLS •SSL (Netscape, 1995) •TLS 1.0 (IETF 1999) •TLS 1.1

    (2006) •TLS 1.2 (2008) •TLS 1.3 (2018) Cryptographic Protocol

  48. TLS Handshake

  49. TLS Handshake

  50. ClientHello TLS Handshake Nc

  51. ClientHello ServerHello TLS Handshake Nc Ns

  52. ClientHello ServerHello ServerCertificate TLS Handshake Public Key (pk) Nc Ns

  53. ClientHello ServerHello ServerCertificate ServerHelloDone TLS Handshake Public Key (pk) Nc

    Ns

  54. ClientHello ServerHello ServerCertificate ServerHelloDone TLS Handshake Public Key (pk) kbs,

    ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns

  55. ClientHello ServerHello ServerCertificate ServerHelloDone ClientKeyExchange PreMasterSecret = Enc(pmk) TLS Handshake

    Public Key (pk) kbs, ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns

  56. ClientHello ServerHello ServerCertificate ServerHelloDone ClientKeyExchange PreMasterSecret = Enc(pmk) TLS Handshake

    Public Key (pk) kbs, ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns kbs, ksb counter mk = RSA(pmk, Nc, Ns

  57. ClientHello ServerHello ServerCertificate ServerHelloDone ClientKeyExchange PreMasterSecret = Enc(pmk) Finished Encrypted

    ChangeCipherSpec TLS Handshake Public Key (pk) kbs, ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns kbs, ksb counter mk = RSA(pmk, Nc, Ns

  58. ClientHello ServerHello ServerCertificate ServerHelloDone ClientKeyExchange PreMasterSecret = Enc(pmk) Finished Encrypted

    ChangeCipherSpec Decrypt TLS Handshake Public Key (pk) kbs, ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns kbs, ksb counter mk = RSA(pmk, Nc, Ns

  59. ClientHello ServerHello ServerCertificate ServerHelloDone ClientKeyExchange PreMasterSecret = Enc(pmk) ChangeCipherSpec Finished

    Encrypted ChangeCipherSpec Decrypt Finished Encrypted TLS Handshake Public Key (pk) kbs, ksb counter mk = RSA(pmk, Nc, Ns) Nc Ns kbs, ksb counter mk = RSA(pmk, Nc, Ns
  60. None

  61. What now?

  62. What now? ‣Client & Server both have has ksb, kbs

  63. What now? ‣Client & Server both have has ksb, kbs

    ‣Use symmetric key encryption (AES) for all further communications

  64. What now? ‣Client & Server both have has ksb, kbs

    ‣Use symmetric key encryption (AES) for all further communications ‣Why not use public key everywhere?

  65. What now? ‣Client & Server both have has ksb, kbs

    ‣Use symmetric key encryption (AES) for all further communications ‣Why not use public key everywhere? ‣Public key encryption is slow - use it for key exchange (handshake) and use fast symmetric encryption thereafter
  66. None

  67. How secure?

  68. How secure? RSA based on prime factorization problem. 768 RSA

    = 1500 CPU years (2yrs realtime on many hundreds of computers) We use 1024/2048 bits RSA.

  69. How secure? RSA based on prime factorization problem. 768 RSA

    = 1500 CPU years (2yrs realtime on many hundreds of computers) We use 1024/2048 bits RSA. AES with a 128 bit key requires storing 288 bits of data = 38 trillion terabytes of space > all the data stored on all the computers on the planet in 2016.
  70. None

  71. Trust CAs

  72. Trust CAs Trust IETF

  73. Trust CAs Thanks! Trust IETF