Talk given to @phpbelfast PHP User Group - Feb 2014 by @faffyman

- 1. Introduction to Encryption 6th Feb 2014
- 2. Who am I? PHP Developer @faffyman @phpbelfast
- 3. What’s this talk about? Mostly the Why and the What, and just a little bit of the How
- 4. What this talk is not about
  - Probability Theory behind encryption
  - Encryption model definitions
- 5. Why Encrypt?
  - Secure communications: TLS Email, SSL web
  - Payment Gateways: Credit Cards, Bitcoins
  - Filesystems: DVD, Memory Cards
  - Cable TV Signals
  - Online Voting
  - DRM
  - WEP
  - Skype Calls
- 6. What is Encryption? Είναι όλα ελληνικά για μένα It’s all Greek to me
- 7. *Encryption is… “An algorithm that can encode a message such that it is only readable by authorized persons” *Generally speaking.
- 8. *Encryption is… a Cipher.. “A pair of algorithms such that the output ciphertext of the encoding algorithm can be efficiently transformed back to the original text by the decoding algorithm” *not always true
- 9. Examples of Encryption through history
- 10. The Caesar Cipher: also known as the shift cipher or substitution cipher
- 11. Shift 3 chars left
  - Plain : ABCDEFGHIJKLMNOPQRSTUVWXYZ
  - Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW
  - Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD
  - Plaintext: the quick brown fox jumps over the lazy dog
- 12. The Vigenère Cipher: 16th Century Rome. Is a Modulo shift cipher
- 13. Create a repeating key the same length as the message
  - Plain : PHP BELFAST ENCRYTION TALK
  - Key : BLI NKSTUDI OSBLINKST UDIO
  - Cipher: RTY PPEZVWC TEEDHHTHH OEUZ
  - P = 16 + B=2 = 18 = R
  - H = 8 + L=12 = 20 = T
  - L = 12 + S=19 = 31 % 26 = 5 = E
- 14. Playfair
  - Mr Kennedy
  - Famous WWII message involving JFK
  - Key square: PHBEL FASTC DGIKM NOQRU VWXYZ
  - http://j.mp/pFAIR
  - Plain : IN TR OD UC TI ON TO EN CR YP TI ON
  - Cipher: DQ KY NG ZM SK QO AR PR TU VE SK QO
- 15. The One Time Pad
  - 1917, Vernam
  - Semantically secure, practically useless
  - Very fast encode / decode
  - Stream Cipher
- 16. The One Time Pad Uses A Random Key of equal length to the message AJDPWNCGS82NCPS03NCBS72HGTWX1EZMBLHPY04YDVS2D
- 17. Rotor Machines
  - Lorenz Cipher (a.k.a. Tunny)
  - Enigma “Nothing to report”
- 18. Encryption is just XOR? There is a lot of it - yes
  - M : 0 1 1 0 1 1 1
  - Ke: 1 0 1 1 0 0 1
  - C : 1 1 0 1 1 1 0
  - Kd: 1 0 1 1 0 0 1
  - M : 0 1 1 0 1 1 1
- 19. Symmetric Ciphers: D(k, E(k, m)) = m. Decryption of Encrypted Message = Original Message
- 20. Symmetric Ciphers: 2 Identical Inputs = 2 different outputs
- 21. Making It Practical: Stream Ciphers and Block Ciphers. In danger of getting complex now…
- 22. Pseudo Randomness
  - Pseudo Random Key
  - PRF – Pseudo Rand Function
  - PRG – Pseudo Rand Generator
  - PRP – Pseudo Rand Permutation
- 23. Pseudo Random Keys Short Input => Long Output
- 24. Data Encryption Standard (DES)
  - 1970 – 1976 - IBM's Lucifer cipher approved as Fed. Standard
  - 1997 - DES is broken by exhaustive search. Internet search – took 3 months
  - 1998 – Deep Crack does it in 3 days (cost $250K)
  - 1999 – combined search 22 hours
  - 2000 – New Fed Standard adopted. Rijndael or AES
- 25. Feistel Network
  - Common Block Cipher Construction
  - DES is a 16 round Feistel construction
  - http://j.mp/feistDES
- 26. Advanced Encryption Standard (AES)
  - Uses block cipher – But NOT a Feistel Construction
  - 1997: DES Broken. NIST requests proposal for new std
  - 1999: 5 shortlisted options
  - 2000: Rijndael chosen to be new AES
- 27. AES
- 28. Side Channel Attacks (j.mp/1c9v9Vi)
  - Timing Attacks
  - Power Attacks
  - Sound Attacks
  - Replay Attacks
- 29. ECB: Electronic Code Book
  - Encrypted with ECB
  - j.mp/1kONKMk
  - Encrypted in other modes show pseudo randomness
- 30. CBC: Chain Block Cipher (j.mp/1kONKMk)
- 31. CTR: Counter Mode
- 32. MICs and MACs
  - Message Integrity or Authentication Code
  - Basically - Hash Functions
  - MD5 - weak
  - SHA-1 - weak
  - SHA-256 - better
  - Anti-Tamper codes
- 33. Authenticated Encryption
  - Encrypt then MAC - always provides A.E.
  - MAC then Encrypt is open to CCA attacks
    - it’s ok IF you use rand-CBC or rand-CTR mode
    - still open to padding attacks
- 34. Key Exchange
- 35. Public/Private Keys
  - Public key used to encrypt
  - Private key used to decrypt
  - Uses large primes (600+ digits) and modulus of the powers of factors of that prime
- 36. Public/Private Keys
  - ALICE
    - Generate array of public & private keys
    - Alice decrypts with Secret key to obtain Bob's random number
  - BOB
    - Bob chooses one public key
    - Chooses a random secret {0,1}^128
    - Encrypts it using Public Key
  - They now have a shared secret or key (Bob's number) with which to encrypt future messages
- 37. PHP – password storage (j.mp/1nPFttR)
  - Raw / Plaintext – do people really do this?
  - Roll your own encryption mechanism
  - MySQL Encrypt()
  - MD5() – no, collisions too common
  - SHA and store salt
  - bcrypt – No salt storage required
  - phpass – no salt storage required
- 38. Golden Rule: Libraries, libraries, libraries Always use a tried & tested library *NEVER* Roll your own
- 39. PHP – MAC hash_hmac()
  - hash_hmac($algo, $data, $key [, $raw_output = false])
  - hash_hmac('sha256', 'phpbelfast rocks', 'MySecret');
  - php.net/hash_hmac
- 40. PHP crypt() j.mp/1nPFttR
- 41. PHP – openssl library
  - openssl_get_cipher_methods()
  - openssl_cipher_iv_length()
  - openssl_encrypt()
  - openssl_decrypt()
  - j.mp/1dp8OTq
- 42. PHPass – for php v 5.4- j.mp/phpass
- 43. PHP password_hash() v5.5+
  - password_hash( $password, $algo [, $options] )
  - password_verify( $password, $hash )
  - php.net/password_hash
  - j.mp/1err98n
- 44. Credits
  - Cover image - Enigma Machine by Skittledog http://flic.kr/p/9VjJz5 Creative Commons http://creativecommons.org/licenses/by-nc-sa/2.0/
  - Feistel Network Diagram: Dan Boneh, Stanford University (Coursera – Cryptography I course)
  - Link Bundle j.mp/1iq3xA5
- 45. Final Thought “Only amateurs attack machines, professionals attack humans” - Bruce Schneier
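
Slides 33, 39 and 41 combined, as an added PHP example that is not code from the talk: Encrypt-then-MAC using openssl_encrypt() in CTR mode with a random IV, and hash_hmac() over the IV plus ciphertext, checked before any decryption. The function names etm_encrypt/etm_decrypt and the demo keys are hypothetical, and random_bytes() assumes PHP 7 or later.

```php
<?php
// Added example (not from the slides): Encrypt-then-MAC, AES-256-CTR + HMAC-SHA256.
// etm_encrypt/etm_decrypt are hypothetical names; keys below are constructed demo values.
const CIPHER   = 'aes-256-ctr';
const MAC_ALGO = 'sha256';
const MAC_LEN  = 32; // raw SHA-256 output length in bytes

function etm_encrypt(string $plaintext, string $encKey, string $macKey): string
{
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER)); // fresh random IV per message
    $ct = openssl_encrypt($plaintext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // The MAC is computed after encryption and covers both IV and ciphertext.
    $tag = hash_hmac(MAC_ALGO, $iv . $ct, $macKey, true);
    return base64_encode($iv . $ct . $tag);
}

function etm_decrypt(string $token, string $encKey, string $macKey): ?string
{
    $raw   = base64_decode($token, true);
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + MAC_LEN) {
        return null; // malformed or truncated token
    }
    $iv  = substr($raw, 0, $ivLen);
    $ct  = substr($raw, $ivLen, -MAC_LEN);
    $tag = substr($raw, -MAC_LEN);
    // Verify the tag first, in constant time; unauthenticated data is never decrypted.
    $expected = hash_hmac(MAC_ALGO, $iv . $ct, $macKey, true);
    if (!hash_equals($expected, $tag)) {
        return null;
    }
    $pt = openssl_decrypt($ct, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    return $pt === false ? null : $pt;
}

// Constructed demo: independent random keys for encryption and for the MAC.
$encKey = random_bytes(32);
$macKey = random_bytes(32);
$token  = etm_encrypt('phpbelfast rocks', $encKey, $macKey);
var_dump(etm_decrypt($token, $encKey, $macKey));

// Tampering demo: flip one bit inside the ciphertext, then try to decrypt.
$raw = base64_decode($token);
$raw[20] = $raw[20] ^ "\x01";
var_dump(etm_decrypt(base64_encode($raw), $encKey, $macKey));
```

Because the tag is checked with hash_equals() before openssl_decrypt() runs, a modified token is rejected without the decryption path ever seeing attacker-controlled ciphertext.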

