Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Use Cryptography; Don't Learn It

vixentael
September 10, 2018
1.5k

Use Cryptography; Don't Learn It

Presentation from Swift and Fika conference.

We talked about securing data, and about mistakes developers make when they are trying to use encryption. And what they actually want from cryptography: they want high level functions, they want easy to use instruments that just works. They want boring crypto. But in a real world we have different levels of paranoia: from Faraday cage to hardware and software solutions. We named three layers of software solutions: boxed, crypto-systems and crypto-libs. And how to select which one to use. And about Edisson lamp as an example of boring, but working system.

vixentael

September 10, 2018
Tweet

Transcript

  1. @vixentael head of customer solutions, security software engineer OSS maintainer:

    Themis, Acra focused on applied crypto and building e2ee protocols Anastasiia Voitova
  2. database searchable encryption eprint.iacr.org/2019/806.pdf e2ee data collaboration cossacklabs.com/files/hermes-theory-paper-rev1.pdf zero knowledge

    authentication cossacklabs.com/files/secure-comparator-paper-rev12.pdf cossacklabs.com @vixentael Data security solutions based on R&D
  3. 1. Defining the data scope business-sensitive data regulations, compliance tech

    data (keys, logs, backups, tokens..) @vixentael Mistake 1. wrong scope definition
  4. 4. Key management @vixentael user password DEK, KEK, master key,

    transport key, ephemeral key, OTP, token, keypairs … encryption key KDF
  5. 4. Key management @vixentael user password DEK, KEK, master key,

    transport key, ephemeral key, OTP, token, keypairs … encryption key KDF Mistake 4. bad key management https://www.owasp.org/index.php/Key_Management_Cheat_Sheet
  6. Things to decide on: PADDING KEY LENGTH KEY ROTATION MODE

    KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE CIPHER IV KEY REVOCATION KMS @vixentael
  7. Things to decide on: PADDING KEY LENGTH KEY ROTATION MODE

    KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE CIPHER IV KEY REVOCATION BACKUPS PLATFORMS KMS @vixentael
  8. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA Kuznyechik

    Blowfish SHARK RC4 DSS ChaCha20 CTR AES-SIV Camelia SEED Rabbit ECDSA @vixentael
  9. — crypto that simply works, solidly resists attacks, never needs

    any upgrades https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Daniel J. Bernstein Boring crypto @vixentael
  10. I want to store data securely I want to send

    data securely I want to verify data integrity Solve use-cases @vixentael
  11. o store data securely o send data securely o verify

    data integrity KEY DERIVATION KEY EXCHANGE KEY ROTATION SIGN/VERIFY EPHEMERAL KEYS ENCR / DECR Solve use-cases @vixentael
  12. Crypto should be: cross-platform easy to install easy to use

    audited open source time proven well-documented compliant hard to mis-use @vixentael
  13. Matthew Green @vixentael blog.cryptographyengineering.com/2012/12/28/the-anatomy-of-bad-idea/ “OpenSSL is the space shuttle of

    crypto libraries. It will get you to space, provided you have a team of people to push the ten thousand buttons required to do so. NaCl is more like an elevator — you just press a button and it takes you there. No frills or options. I like elevators.”
  14. should be random should use KDF(key) uses AES CBC, not

    AES GCM padding? salt? High lvl API, easy to mis-use @vixentael
  15. hides cryptographic details: salt, IV, KDF, padding uses AES-256-GCM github.com/cossacklabs/themis

    built-in KDF to make keys stronger Themis: hard to mis-use @vixentael
  16. ACL based on crypto-keys @vixentael hermes python docs/examples/python/hermes_client.py --id USER1

    --config=docs/examples/python/config.json --private_key USER1.priv --doc secretfile --read
  17. 3. BOXED SOLUTIONS @vixentael unites crypto-systems and user functions for

    solving problems truecrypt ssh acra vault Oracle TDE