Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Don’t waste time on learning cryptography: better use it properly

vixentael
December 02, 2017
Programming
2
1.3k

Don’t waste time on learning cryptography: better use it properly

#crypto #security #trust

Presented at Owasp Winter 2017, Kyiv, Ukraine and at DevExperience18 in Iasi, Romania.

1. The typical engineering workflow "we should protect the data, what shall we do", and possible mistakes.
2. What is "boring crypto", what do we want from using crypto-products.
3. Possible solutions: HSM / TPM / software crypto.
4. How to select appropriate software crypto: libs, systems, containers.
5. We want crypto to be similar to the Edison lamp: controllable and boring system.

--------------------------------------

If you can't tap on the link inside slides, please open as pdf (button on the right).

--------------------------------------

Crypto in our lives: why you shouldn’t spend time learning all the details of the crypto-algorithms. Typical mistakes you make using crypto in your products. How to avoid late night commits, but to code 'fast and boring' instead.

--------------------------------------

Links to follow:

Boring crypto, Daniel J. Bernstein
https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf

Why does cryptographic software fail?
https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf

API design for cryptography
https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

Encrypting strings in Android: Let’s make better mistakes
https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/

Awesome crypto papers
https://github.com/pFarb/awesome-crypto-papers

12 And 1 Ideas How To Enhance Backend Data Security
https://www.cossacklabs.com/backend-data-security-modern-ideas.html

Attestation and Trusted Computing
https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

vixentael

December 02, 2017
Tweet

More Decks by vixentael

See All by vixentael
Using YubiKey and FIDO U2F for secure authentication
vixentael
0
1.1k
Data is a new security boundary
vixentael
0
4k
Cryptographic protection of ML models
vixentael
0
2.5k
e2ee != security != privacy
vixentael
0
2.1k
Maintaining cryptographic library for 12 languages
vixentael
1
3.4k
10 lines of encryption, 1500 lines of key management
vixentael
2
1.5k
Security, privacy and cryptography at WWDC19
vixentael
1
610
Data encryption: CyberKids edition
vixentael
0
550
"Defense in depth": trench warfare principles for building secure distributed applications
vixentael
3
840

Other Decks in Programming

See All in Programming
二郎系ラーメンのコールで学ぶ AST 解析
memory1994
PRO
7
1.5k
try! Swift Tokyo 2024 参加報告 / try! Swift Tokyo 2024 Report
hironytic
0
140
デザインシステムで Tailwind CSSとCSS in JSに分散投資をしたら良かった話
fsubal
18
4.8k
OpenTelemetry のサービスという概念について
azukiazusa1
2
990
FigmaとPHPで作る1ミリたりとも表示崩れしない最強の帳票印刷ソリューション
ttskch
36
16k
puregoの活用例
aethiopicuschan
0
220
try! Swift Tokyo 初参加報告LT
hinakko2
0
160
1BRC--Nerd Sniping the Java Community
gunnarmorling
0
300
雑に思考を整理する技術と効能
konifar
16
6k
educure_カリキュラム生操作マニュアル.pdf
linew_official
0
320
フロントエンドパフォーマンス 入門
shouta2
7
1.6k
オブジェクト指向のリ・オリエンテーション~歴史を振り返り、AI時代に向きなおる~
hanyudaeiiti
9
5.5k

Featured

See All Featured
Infographics Made Easy
chrislema
237
18k
10 Git Anti Patterns You Should be Aware of
lemiorhan
645
57k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
118
38k
Documentation Writing (for coders)
carmenintech
59
3.9k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
153
14k
The Illustrated Children's Guide to Kubernetes
chrisshort
28
46k
Become a Pro
speakerdeck
PRO
9
4.5k
Thoughts on Productivity
jonyablonski
57
3.8k
A Modern Web Designer's Workflow
chriscoyier
689
190k
Pencils Down: Stop Designing & Start Developing
hursman
115
11k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Fantastic passwords and where to find them - at NoRuKo
philnash
35
2.5k

Transcript

  1. DON’T WASTE TIME ON LEARNING CRYPTOGRAPHY: BETTER USE IT PROPERLY

    #devexperience18 @vixentael

  2. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)
  3. None

  4. We want to protect our users’ data

  5. We want developers to protect data

  6. We want to protect our users’ data HOW? We want

    developers to protect data

  7. WE HAVE USER DATA. WHAT SHALL WE DO?

  8. #devexperience18 @vixentael PROTECTING USER DATA: STEPS MISTAKES WE DO

  9. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) #devexperience18 @vixentael

  10. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) mistake 1. wrong scope definition #devexperience18 @vixentael

  11. 2. SELECTING ALGORITHM twofish sha1 des md5 #devexperience18 @vixentael

  12. twofish sha1 des md5 #owaspkyiv @vixentael 2. SELECTING ALGORITHM mistake

    2. bad algo selection

  13. THINGS TO DECIDE ON KEY LENGTH DATA SCOPE ALGORITHM #devexperience18

    @vixentael

  14. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  15. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  16. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM mistake 3. wrong params #devexperience18 @vixentael

  17. THINGS TO DECIDE ON PADDING KEY LENGTH MODE DATA SCOPE

    ALGORITHM IV #devexperience18 @vixentael

  18. 4. KEY MANAGEMENT user password keys KDF #devexperience18 @vixentael

  19. 4. KEY MANAGEMENT user password keys KDF mistake 4. bad

    key management https://www.owasp.org/index.php/Key_Management_Cheat_Sheet #devexperience18 @vixentael

  20. THINGS TO DECIDE ON PADDING KEY LENGTH KEY ROTATION MODE

    KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael

  21. 5. INFRASTRUCTURE #devexperience18 @vixentael

  22. PADDING KEY LENGTH KEY ROTATION MODE KEY DERIVATION KEY STORAGE

    THINGS TO DECIDE ON KEY EXCHANGE BACKUPS PLATFORMS DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael
  23. None

  24. https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf 269 CVEs from 2011-2014 17% 83% bugs inside crypto

    libs misuses of crypto libs by individual apps #devexperience18 @vixentael

  25. AS USERS WE WANT… more ciphers? #devexperience18 @vixentael

  26. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA #devexperience18

    @vixentael

  27. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    SHARK RC4 DSS ECB CTR SEED Blowfish #devexperience18 @vixentael

  28. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    Blowfish SHARK RC4 DSS ECB CTR Twofish Camelia SEED Rabbit ECDSA #devexperience18 @vixentael

  29. AS USERS WE WANT… more ciphers! more vulnerabilities! more side

    channel attacks! more attacks! more constant time checks :) more protocols! more patches! #devexperience18 @vixentael
  30. None

  31. EXCITING, BUT FOR CRYPTO RESEARCHERS ONLY

  32. AS USERS WE WANT… more ciphers! BORING CRYPTO #devexperience18 @vixentael

  33. BORING CRYPTO — crypto that simply works, solidly resists attacks,

    never needs any upgrades https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Daniel J. Bernstein #devexperience18 @vixentael

  34. BORING CRYPTO PLUG & PLAY #devexperience18 @vixentael

  35. WHAT DO WE WANT? instead of adjusting our resources —

    SOLVE USE-CASES!

  36. WHAT DO WE WANT? — HIGH-LEVEL FUNCTIONS I want to

    store data securely I want to send data securely I want to verify data integrity #devexperience18 @vixentael

  37. WHAT DO WE WANT? store data securely send data securely

    verify data integrity key derivation key exchange key rotation sign/verify ephemeral keys encr / decr — HIGH-LEVEL FUNCTIONS #devexperience18 @vixentael

  38. NOBODY READS DOCS #devexperience18 @vixentael

  39. NOBODY READS DOCS “docs are for experts” “I just want

    to try” “gimme code!” #devexperience18 @vixentael

  40. 1. HOW TO START? pod try BoringSSL cmake -DANDROID_ABI=armeabi-v7a \

    -DCMAKE_TOOLCHAIN_FILE=../third_party/ android-cmake/android.toolchain.cmake \ -DANDROID_NATIVE_API_LEVEL=16 \ -GNinja .. https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md #devexperience18 @vixentael

  41. easy, architecture-independent installation 1. HOW TO START? #devexperience18 @vixentael

  42. 2. SUPPORTED PLATFORMS? *nix OSX web browsers embedded iOS Android

    Windows minimum expected: #devexperience18 @vixentael

  43. cross-platform is not an option anymore cross-platform is a must

    have 2. SUPPORTED PLATFORMS? #devexperience18 @vixentael

  44. OPTIONS WE HAVE

  45. #owaspkyiv @vixentael HSM

  46. HARDWARE SECURITY MODULE key generation provides cryptoprocessing key storage portable

    #devexperience18 @vixentael

  47. #owaspkyiv @vixentael TRUSTED PLATFORM MODULE key management disk protection trust

    anchor built-in remote attestation provides cryptoprimitives

  48. HSM & TPM: PROS fast hardware crypto! trusted environment known

    security guarantees keys calculations #devexperience18 @vixentael

  49. HSM & TPM: CONS vendor lock / vendor trust bad

    for interactive encryption complicated to maintain (install, upgrade, support, not cross-platform) #devexperience18 @vixentael

  50. HSM & TPM: PRO & CONS HSM app plaintext data

    plaintext data is far away from the place it is used #devexperience18 @vixentael

  51. SOFTWARE CRYPTO SYSTEMS https://github.com/sobolevn/awesome-cryptography any kind of encryption plaintext data

    is closer to its usage cross-platform

  52. https://github.com/sobolevn/awesome-cryptography SOFTWARE CRYPTO SYSTEMS any kind of encryption plaintext data

    is closer to its usage cross-platform NO DEVICE TRUST

  53. WEBBROWSER CRYPTO: CONS DOM, XSS, NO CODE TRUST #devexperience18 @vixentael

  54. HSM/TPM + SOFTWARE CS keys calculations TPM / own software

    cross-platform take best from both #devexperience18 @vixentael HSM
  55. None

  56. cross-platform easy to install easy to use USING CRYPTO SHOULD

    BE LIKE.. audited open source time proven well-documented #devexperience18 @vixentael

  57. crypto-libraries crypto-systems boxed solutions FORM-FACTOR STAIRS

  58. #devexperience18 @vixentael

  59. 1. CRYPTO-LIBS implements single or multiple security functions #devexperience18 @vixentael

    https://github.com/sobolevn/awesome-cryptography

  60. 1. CRYPTO-LIBS libsodium themis https://github.com/sobolevn/awesome-cryptography implements single or multiple security

    functions keyczar noise #devexperience18 @vixentael

  61. EXAMPLE https://github.com/cossacklabs/themis/wiki/Python-Howto secure messaging with forward secrecy #devexperience18 @vixentael

  62. 2. CRYPTO-SYSTEMS combines security functions for solving exact use-case #devexperience18

    @vixentael

  63. 2. CRYPTO-SYSTEMS axolotl hermes combines security functions for solving exact

    use-case SSL/TLS ZeroKit #devexperience18 @vixentael

  64. EXAMPLE https://github.com/cossacklabs/hermes-core/wiki/Python-tutorial data access control based on crypto-keys python docs/examples/python/hermes_client.py

    --id USER1 --config=docs/examples/python/config.json --private_key USER1.priv --doc secretfile --read #devexperience18 @vixentael

  65. 3. BOXED SOLUTIONS unites crypto-systems and user functions for solving

    problems #devexperience18 @vixentael

  66. 3. BOXED SOLUTIONS truecrypt ssh acra vault unites crypto-systems and

    user functions for solving problems #devexperience18 @vixentael

  67. EXAMPLE https://github.com/cossacklabs/acra/wiki/Trying-Acra-with-Docker database proxy for encrypting / decrypting git clone

    https://github.com/cossacklabs/acra cd acra/docker docker-compose -f acra-pgsql-ssl-proxy.yml up -d #devexperience18 @vixentael

  68. CAN I SOLVE MY USE-CASE USING… boxed solutions

  69. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain

  70. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain even more pain

  71. https://www.cossacklabs.com/choose-your-ios-crypto.html

  72. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS.

  73. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS. PROBLEM

    IS THAT THEY ARE NOT BORING ENOUGH

  74. #devexperience18 @vixentael

  75. VS #devexperience18 @vixentael

  76. make the light controllable #devexperience18 @vixentael

  77. #devexperience18 @vixentael

  78. make the crypto security controllable #devexperience18 @vixentael

  79. make the crypto security controllable and booooring #devexperience18 @vixentael

  80. #owaspkyiv @vixentael

  81. LINKS 1 Boring crypto, Daniel J. Bernstein https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Why does

    cryptographic software fail? https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf API design for cryptography https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

  82. LINKS 2 Encrypting strings in Android: Let’s make better mistakes

    https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/ Awesome crypto papers https://github.com/pFarb/awesome-crypto-papers 12 And 1 Ideas How To Enhance Backend Data Security https://www.cossacklabs.com/backend-data-security-modern-ideas.html Attestation and Trusted Computing https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

  83. MY OTHER SECURITY SLIDES https://github.com/ vixentael/my-talks …and more

  84. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)