Introduction To Encryption in Lasso 8.5

Presentation at LDC09: Introduction To Encryption in Lasso 8.5

    Presentation Transcript

    • Session: Encryption (Bil Corry, lasso.pro)
    • Caveat Emptor
      • I am not a cryptographer
      • I only have a rudimentary understanding of cryptography
      • When in doubt, hire a professional
    • Encryption is strong, yet fragile
      • Works well when implemented correctly
      • Easy to get wrong = broken implementation = insecure encryption
      • When there's a breach, keys have to be swapped out
    • Advice from Experts
      • Never create/implement your own cipher
      • Do not implement an encryption scheme using low-level APIs (OpenSSL, etc)
      • Use a high-level API such as KeyCzar, GPGME, or cryptlib
        • http://www.keyczar.org/
        • http://www.gnupg.org/gpgme.html
        • http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
    • High-Level APIs
      • Abstract technical details
      • Safe defaults for key lengths, algorithms, and modes
      • Allow for key rotation and versioning
      • Automated generation of initialization vectors and other setup requirements
    • Encryption Gone Bad
      • The default Pseudo Random Number Generator (PRNG) is not suited for encryption
        • Use the following instead:
          • Java: java.security.SecureRandom
          • Unix: /dev/urandom
          • Windows: CryptGenRandom or RtlGenRandom from ADVAPI32.DLL
    • Encryption Gone Bad (cont)
      • Block Cipher Modes
        • OFB, CFB, CTR – fatal if output or counter reused
        • CCM, EAX, GCM, OCB – fatal if IV reused
      • ECB:
        [Figure: plaintext image of Tux; ECB-encrypted image of Tux; image of Tux encrypted in other (chained) modes. From: http://www.subspacefield.org/security/security_concepts/]
    • Encryption Gone Bad (cont)
      • Encrypting IDs sent roundtrip to the client doesn't protect them from tampering (integrity)
        • Use HMAC to verify the data hasn't been tampered with
      • Custom hash constructions
        • hash(key + data) open to length extension attack to determine the key -> use HMAC instead
    • Encryption Gone Bad (cont)
      • Many real-world examples of popular webapps getting crypto wrong:
        • WSJ.com authentication flaws
        • Wordpress Cookie Integrity Vulnerability
        • Amazon Web Services v1 – lacked structure for data
    • Types of Encryption
      • Symmetric
      • Asymmetric
      • Hash
        • Message Authentication Code (MAC)
    • Symmetric
      • Secret key used to both encrypt and decrypt
      • Examples:
        • Blowfish
        • DES
        • 3DES
        • AES
    • Symmetric Example
      [
        Encode_Hex( Cipher_Encrypt('Data', -Cipher='CAST5-CBC', -Key='supersecretpassword') );
        '<br>';
        Cipher_Decrypt( Decode_Hex('D7BF2BE2EA29D2C9'), -Cipher='CAST5-CBC', -Key='supersecretpassword' );
      ]
      LP8:
        D7BF2BE2EA29D2C9
        Data
    • Asymmetric
      • Public/Private Key Cryptography
      • Encrypt with the public key to send over an insecure channel; only the private key can decrypt it
      • Encrypt with the private key; the public key can then decrypt to verify the authenticity of the signer
      • Examples:
        • SSL, PGP, S/MIME
    • Asymmetric Example
      • Currently in Lasso, you would need to use [os_process] to call PGP or a similar command-line tool to sign/encrypt using public/private keys.
    • Hash
      • One-way algorithm
      • Used as an integrity check and for storing passwords
      • Examples:
        • MD5
        • SHA-1
        • SHA-256
    • Hash
      • The ideal cryptographic hash function has four main properties:
        • it is easy to compute the hash value for any given message,
        • it is infeasible to find a message that has a given hash,
        • it is infeasible to modify a message without changing its hash,
        • it is infeasible to find two different messages with the same hash.
    • Hash Example
      [ encode_hex( cipher_digest('Data', -digest='RIPEMD160') ) ]
      LP8: 934C399FC545B1C385E96CC30EFE8321B84F107C
    • Rainbow Table Attack
      • Rainbow tables contain pre-computed hashes of most likely secrets – allows quick reversing of a hash
      • Example:
        • 934C399FC545B1C385E96CC30EFE8321B84F107C = Data
      • Use a 'salt' to defeat rainbow tables
      • Iterate hash 1000 times or more – key strengthening
    • Message Authentication Code (MAC)
      • Similar to hash, but takes a secret key
      • Protects integrity and authenticity
      • Secret key used to create MAC and validate its authenticity
      • HMAC is MAC using a specific algorithm (RFC 2104)
    • HMAC Example
      [Encrypt_HMAC('Data', 'supersecretpassword', -Digest='SHA1', -Cram)]
      LP8: 13c6e2d6bafbbed0723a00a61f79cde424cb83b7
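The round-trip integrity check from the "Encryption Gone Bad" and MAC slides, as an added example that is not part of the presentation. It is written in Python rather than Lasso and uses HMAC-SHA-256 rather than the SHA1 digest shown above; the key table, token layout and function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed demo keys, indexed by version so tokens signed before a
# rotation still verify. Real keys belong in a secret store, not in source.
KEYS = {1: b"constructed-demo-key-v1", 2: b"constructed-demo-key-v2"}
CURRENT_VERSION = 2


def mac_for(version: int, purpose: str, record_id: str) -> str:
    """HMAC over length-prefixed fields, so ('ab', 'c') and ('a', 'bc')
    can never produce the same MAC input."""
    fields = (purpose.encode(), record_id.encode())
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(KEYS[version], msg, hashlib.sha256).hexdigest()


def sign(record_id: str, purpose: str, version: int = CURRENT_VERSION) -> str:
    """Return 'version.record_id.mac', safe to hand to the client."""
    return f"{version}.{record_id}.{mac_for(version, purpose, record_id)}"


def verify(token: str, purpose: str):
    """Return the record ID if the token is authentic, otherwise None."""
    try:
        version_text, rest = token.split(".", 1)
        record_id, mac_hex = rest.rsplit(".", 1)
        version = int(version_text)
    except ValueError:
        return None                      # malformed token
    if version not in KEYS:
        return None                      # unknown or revoked key version
    expected = mac_for(version, purpose, record_id)
    # Constant-time comparison avoids leaking how many characters matched.
    if hmac.compare_digest(expected.encode(), mac_hex.encode()):
        return record_id
    return None


if __name__ == "__main__":
    token = sign("42", "order")
    print(token, verify(token, "order"))
    print(verify(token.replace(".42.", ".43.", 1), "order"))   # None
```

Binding the purpose into the MAC means a token issued for one use is rejected for another, and removing a version from the key table revokes every token signed with it.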
    • Recommendations for Lasso
      • SSL for transport
      • Do not use JavaScript encryption
      • Symmetric (data at rest)
        • [encrypt_blowfish]
        • [cipher_encrypt(-cipher='CAST5-CBC')]
      • Hash (passwords)
        • [cipher_digest(-digest='RIPEMD160')]
    • Recommendations for Lasso
      • HMAC (roundtrip public data, w/symmetric encryption for roundtrip secret data)
        • [Encrypt_HMAC(-Digest='SHA1')]
      • Remember to allow for key rotation, key revocation, and algorithm changes
      • Use a unique salt for every hash
      • Use key strengthening of at least 1000 for hashes of passwords
      • Protect keys!
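The salt and key-strengthening advice from the Rainbow Table and Recommendations slides, as an added example that is not part of the presentation. It is written in Python rather than Lasso and uses PBKDF2-HMAC-SHA-256, a standard construction for "iterate the hash N times with a salt"; the storage format, default iteration count and function names are assumptions.

```python
import hashlib
import hmac
import os

MIN_ITERATIONS = 1000          # floor stated on the slides
DEFAULT_ITERATIONS = 100_000   # assumption for this example; tune to hardware
SCHEME = "pbkdf2_sha256"       # stored so the algorithm can change later


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return 'scheme$iterations$salt$hash' with a fresh random salt."""
    if iterations < MIN_ITERATIONS:
        raise ValueError("iteration count below the minimum")
    salt = os.urandom(16)      # unique per password, from the OS CSPRNG
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${dk.hex()}"


def parse(stored: str):
    """Split a stored record; raises ValueError if it is malformed."""
    scheme, iter_text, salt_hex, dk_hex = stored.split("$")
    return scheme, int(iter_text), bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)


def check_password(password: str, stored: str) -> bool:
    try:
        scheme, iterations, salt, expected = parse(stored)
    except ValueError:
        return False
    if scheme != SCHEME or iterations < MIN_ITERATIONS:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(dk, expected)   # constant-time comparison


def needs_rehash(stored: str, target: int = DEFAULT_ITERATIONS) -> bool:
    """True when a record should be re-hashed at the next successful login."""
    try:
        scheme, iterations, _, _ = parse(stored)
    except ValueError:
        return True
    return scheme != SCHEME or iterations < target


if __name__ == "__main__":
    record = hash_password("Data")
    print(record, check_password("Data", record))
```

Because the scheme and iteration count travel with each record, the work factor or algorithm can be raised later without invalidating existing passwords.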
    • Don't Do This
      • Store passwords in plaintext
      • Use the same salt for all passwords
      • Use MD5 for anything
      • Use ECB mode
      • Re-use keys for different purposes
      • Create your own cipher
    • CarTalk: The Puzzler 2007-12-17
      Imagine you have a friend who lives in Russia where the KGB spies on everyone and everything and you want to send a valuable object to this friend. So you have a box which is more than large enough to contain the object and you have several locks with keys. Now this box, I suppose you could call it a strongbox, has a lock ring which is more than large enough to have a padlock attached to it. In fact it's large enough to accommodate several locks. But your friend does not have the key to any lock that you have. Now you can't send a key in the mail because the KGB will intercept it and they will copy it. And you can't not lock the box, because the object is very valuable. So you have to send it through the mail. You can't hand deliver it. You want to lock it so that your friend can open it, but the KGB can't. The question is, how would you do it?
      From: http://www.cartalk.com/content/puzzler/transcripts/200750/
    • CarTalk: The Puzzler Answer 2007-12-17
      RAY: So the question is how do you package your valuable objects so that the KGB cannot open it, but your friend can? Now instead of a key, I would have mailed a hacksaw. But in the spirit of the puzzler that wouldn't have been fair.
      TOM: Sure.
      RAY: You put the valuable thing in the box. You put as many locks as you want on the clasp, making sure you leave room for at least one more.
      TOM: Yeah.
      RAY: You mail the thing to Russia. Your friend gets it. He doesn't have a key to any of these locks that you put on it. He puts another lock on it for which he has the key. He mails it back to you. You remove all of your locks and you can't get it open now. But you don't have to.
      TOM: He can.
      RAY: When you mail it back to him.
      From: http://www.cartalk.com/content/puzzler/transcripts/200750/answer.html
    • Thank You! Questions?