0
Introduction to
Encryption

6th Feb 2014
Who am I?
PHP Developer

@faffyman
@phpbelfast
What’s this talk about?
Mostly the Why and the What
And just a little bit of the How
What this talk is not about
Probability Theory behind encryption

encryption model definitions
Why Encrypt?
Secure communications
- TLS Email
- SSL web

Payment Gateways
-Credit Cards
-Bitcoins

Filesystems
-DVD
-Memo...
What is Encryption?
Είναι όλα ελληνικά για μένα
It’s all Greek to me
*Encryption is…
“An algorithm that can encode a message
such that it is only readable by authorized
persons”

*Generally s...
*Encryption is… a Cipher..
“A pair of algorithms such that the output
ciphertext of the encoding algorithm can be
efficien...
Examples of
Encryption through
history
The Caesar Cipher
Also known as the shift cipher
Or substitution cipher
Shift 3 chars left

Plain : ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW

Ciphertext: QEB NRFZH YOLTK CLU...
The Vigener Cipher
16th Century Rome

Is a Modulo shift cipher
Create a repeating key the same length as the message

Plain : PHP BELFAST ENCRYTION TALK
Key : BLI NKSTUDI OSBLINKST UDIO...
Playfair Mr Kennedy
Famous WWII message involving JFK

PHBEL
FASTC
DGIKM
NOQRU
VWXYZ

http://j.mp/pFAIR

IN TR OD UC TI ON...
The One Time Pad
1917, Vernam

Symantically secure, practically useless
Very fast encode / decode
Stream Cipher
The One Time Pad

Uses A Random Key of equal length to the message
AJDPWNCGS82NCPS03NCBS72HGTWX1EZMBLHPY04YDVS2D
Rotor Machines
Lorenz Cipher (a.k.a. Tunny)

Enigma
“Nothing to report”
Encryption is just XOR?
There is a lot if it - yes
M: 0 1 1 0 1 1 1
Ke: 1 0 1 1 0 0 1
C: 1 1 0 1 1 1 0
Kd: 1 0 1 1 0 0 1
M...
Symmetric Ciphers
D ( K, E(k, m) ) = M

Decryption of Encrypted Message = Original Message
Symmetric Ciphers
2 Identical Inputs = 2 different outputs
Making It Practical
Stream Ciphers
And

Block Ciphers
In danger of getting complex now…
Pseudo Randomness
Pseudo Random Key
PRF – Pseudo Rand Function
PRG – Pseudo Rand Generator
PRP – Pseudo Rand Permutation
Pseudo Random Keys
Short Input => Long Output
Data Encryption Standard
DES
1970 – 1976 - IBMs Lucifer cipher approved as Fed. Standard
1997 - DES is broken by exhaustiv...
Feistel Network
Common Block Cipher Construction

DES is a 16 round Fiestel construction

http://j.mp/feistDES
Advanced Encryption Standard

AES
Uses block cipher – But NOT a Fiestel Construction
1997: DES Broken NIST requests propos...
AES
Side Channel Attacks
•
•
•
•

j.mp/1c9v9Vi

Timing Attacks
Power Attacks
Sound Attacks
Replay Attacks
ECB
Electronic Code Book

Encrypted with ECB

j.mp/1kONKMk

Encrypted in other modes
show pseudo randomness
CBC
Chain Block Cipher

j.mp/1kONKMk
CTR
Counter Mode
MICs and MACs
Message Integrity or Authentication Code
Basically - Hash Functions
MD5 - weak
SHA-1 - weak
SHA-256 - better...
Authenticated Encryption
Encrypt then MAC
- always provides A.E.

MAC then Encrypt is open to CCA attacks
- it’s ok IF you...
Key Exchange
Public/Private Keys
Public key used to encrypt
Private key used to decrypt
Uses large primes (600+ digits) and modulus of ...
Public/Private Keys
ALICE
Generate array of
public & private keys
Alice decrypts with Secret key
To obtain Bobs random num...
PHP – password storage
•
•
•
•
•
•
•

Raw / Plaintext – do people really do this?
Roll your own encryption mechanism
MySQL...
Golden Rule:
Libraries, libraries, libraries
Always use a tried & tested library

*NEVER*
Roll your own
PHP – MAC
hash_hmac()
hash_hmac ($algo, $data, $key [$raw_output = false])
hash_hmac(’sha256’,’phpbelfast rocks', ’MySecre...
PHP crypt()

j.mp/1nPFttR
PHP – openssl library
openssl_get_cipher_methods()

openssl_cipher_iv_length()
openssl_encrypt()
openssl_decrypt()
j.mp/1d...
PHPass – for php v 5.4-

j.mp/phpass
PHP password_hash()
v5.5+
password_hash( $password, $algo [, $options] )
password_verify( $password, $hash )

php.net/pass...
Credits
Cover image -Enigma Machine by Skittledog
http://flic.kr/p/9VjJz5
Creative Commons
http://creativecommons.org/lice...
Final Thought
“Only amateurs attack machines,
professionals attack humans”
- Bruce Schneier
Upcoming SlideShare
Loading in...5
×

Introduction to encryption

2,388

Published on

A brief overview of historical cryptography, moving into modern methods and a few How-To examples for PHP.

Talk given to @phpbelfast PHP User Group - Feb 2014 by @faffyman

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,388
On Slideshare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
20
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Because it’s basically about encoding the data into a format your enemy cannot understand.
  • Symmettric and Asymmetric encryption is different.
  • Using a 26 letter alphabet there are 26! Combinations = 2^88 or 88bits
  • The PT Boat incident.Kennedy’s message gave away the position of the boat and their pick up times.Wheatston & palmerston
  • Very fast encoding and decoding – but the length of the key makes it impractical. It’s as difficult to transmit the key as the plaintext message.WEP 802.11b is bad crypto – it’s keyspace is exhausted so it’s effectively 2 time pad.IV is 24bit so it recycles after 16million data packetsWorse still it resets to zero each time the router reboots.
  • Key is very longSharing the Key s difficultSharing the key is as insecure as sharing the messageMessages should never repeatMessages with known portions are prone to being tampered with“nothing to report”
  • A German in the desert consistently sent the message Nothing to reportKnown plain text + intercepted cipher text meant they could figure out the machine settings for the day
  • XOR makes hardware encoding really fast and simplegenerally convert plain text messages to HEX pairs and XOR those pairs (perhaps via binary)The XOR rule above is WHY we cannot have a two time PADXOR +XOR = original text
  • Hopefully one of the only formula’s you’ll encounter tonightBasically Decrypt(encrypted message) = message
  • The One Time pad is a stream cipherStream ciphers use a small key but PAD it out to the required length with Pseudo randomnessStream ciphers are fast and commonly used by hardware systems – e.g. DVD encryption, GSM phones, Bluetooth all use stream ciphersRC4 (1987) is a common stream cipher encrypts 1 byte per roundDVD Encryption uses CSS (Code scrambling system)Salsa 20 is a modern stream cipher – process 5 x faster than RC4Block ciphers are the workhorse of modern encryptionExamples includes 3DES (64bit blocks) and key is 168 bitAES (128 bit blocks) key is 128,192 or 256 bitKey is expanded into one key per blockEncryption of block one is fed into block two and so on….Block ciphers are much slower than stream ciphers SLOWER is BETTERI’ll do a few definitions only.
  • Pseudo random keys are generated by PRGsA PRG uses a PRF A PRP is an invertible PRFAll PRPs are PRFsNOT all PRFs are PRPs some are non invertiblePRG – Stream CipherPRP = Block CipherA PRP is used by Block ciphers – not stream ciphers - think AES, 3DES etc
  • Small keys are EXPANDED by the PRG to form a ONE TIME PAD key of the required length.
  • DES used for cheque clearing and many other legacy banking systems.AES is Advanced Encryption Standard.Developed by Horst Fiestel in 1970s3DES tripled the workload time2DES is useless as it is prone to a meet in the middle attack
  • Used by DES, 3DES and Blowfish among othersTakes a *secure* PRF (non invertible) and makes it Efficiently invertble after 3 rounds.DES uses 16 rounds.TODO Small PHP script to demonstrate – add to gist - ? TODO
  • Substituion permutation layersKey XOR inputByte substitutionShift rowMix columnXOR with next key loop
  • Timing AttacksPower AttacksSound AttacksReplay attacks – resend a scrambled signal – could result in a duplicate web order
  • Electronic Code book sometimes falls foul of two time padSematic security says that cipher text tells you NOTHING about plain textBut in ECB if block n == block m then those two cipher texts are identicalEach block is encoded separately and independently of the others.
  • CBC gets over the short comings of ECB by feeding the results of one block into the intiialisation of the next block
  • Turns a Block Cipher into Stream CipherThe initalisation vector in this instance is eth Nonce + The CounterEach block differs from previous one due to eth counter – but not dependant on the previous blockYou can decrypt block independently of each other, or simultaneously is you know the number of blocksHence stream cipher
  • Most of the time when talking about encryption – we really mean hashingBecause most of the time we don’t need to decrypt only to confirm.Checking and rejecting an encrypted message based on MAC can leave you open to timing attacksIf decrypt fails or (login guessing) always add a random time interval before returning an error code.MAC also used to authenticate a message but do not provide confidentiality (Authenticated Encryption)
  • CCA – Chosen Cipher text attackCPA – Chosen Plaintext AttackAlways use hmac() in your own code.hash_hmac() provides keyed hashing not JUST hashing.Authenticated Encryption is relatively new – circa 2000
  • Physical world representation of secure communicationMathematical handshakes basically carry out the above scenario.The mathematical equivalent Public Key crypto was thought up by GCHQ employeeCliff Cocks 1973 – only declassified in 1997He worked it out in his head in 3 hours and had to remember it!!!!Source The Infinite Monkey Cage – 3rd Dec 2012 - Secret ScienceSimon Singh, Dr. Sue Back
  • Diffie / Hellmann is the modern approved Public Key system (RSA)It’s all about prime numbers & factorsPick a large primePick a number less than the primeRaise a fixed number to the power of that number less than the prime128bit encryption has modulus size of 3072 bits256bit AES has modulus size of 15,360bits – that’s why it’s a good protocol.
  • This is basically Diffie Hellman.
  • Many older systems still have plain text passowrds stored
  • Use a really long random key – Generate a random key with e.g. openssl_random_pseudo_bytes(64)Don’t reuse the same key over and over againUse a random 64bit minimum saltStore the salt along side the hashYou can store an encrypted version of the Salt with a re-usable key from your site configvars
  • Use OPEN SSL if decryption is required.Use openssl for Public private key encryption/decryptionOpenssl_public_[en|de]cryptOpenssl_private_[en|de]crypt
  • For versions of PHP less than 5.5 this is a good solid easy to use option
  • Php 5.5 password_hash is a wrapper for crypt()Hashes created by crypt can be used with password_hash()By default uses bcrypt CRYPT_BLOWFISHThe $hash returned by password_hash contains the algorith, workload and salt.Retrievable with password_get_info()
  • Transcript of "Introduction to encryption"

    1. 1. Introduction to Encryption 6th Feb 2014
    2. 2. Who am I? PHP Developer @faffyman @phpbelfast
    3. 3. What’s this talk about? Mostly the Why and the What And just a little bit of the How
    4. 4. What this talk is not about Probability Theory behind encryption encryption model definitions
    5. 5. Why Encrypt? Secure communications - TLS Email - SSL web Payment Gateways -Credit Cards -Bitcoins Filesystems -DVD -Memory Cards Cable TV Signals Online Voting DRM WEP Skype Calls
    6. 6. What is Encryption? Είναι όλα ελληνικά για μένα It’s all Greek to me
    7. 7. *Encryption is… “An algorithm that can encode a message such that it is only readable by authorized persons” *Generally speaking.
    8. 8. *Encryption is… a Cipher.. “A pair of algorithms such that the output ciphertext of the encoding algorithm can be efficiently transformed back to the original text by the decoding algorithm” *not always true
    9. 9. Examples of Encryption through history
    10. 10. The Caesar Cipher Also known as the shift cipher Or substitution cipher
    11. 11. Shift 3 chars left Plain : ABCDEFGHIJKLMNOPQRSTUVWXYZ Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD Plaintext: the quick brown fox jumps over the lazy dog
    12. 12. The Vigener Cipher 16th Century Rome Is a Modulo shift cipher
    13. 13. Create a repeating key the same length as the message Plain : PHP BELFAST ENCRYTION TALK Key : BLI NKSTUDI OSBLINKST UDIO Cipher: RTY PPEZVWC TEEDHHTHH OEUZ P = 16 + B=2 = 18 = R H = 8 + L=12 = 20 = T L = 12 + S=19 = 31 % 26 = 5 = E
    14. 14. Playfair Mr Kennedy Famous WWII message involving JFK PHBEL FASTC DGIKM NOQRU VWXYZ http://j.mp/pFAIR IN TR OD UC TI ON TO EN CR YP TI ON DQ KY NG ZM SK QO AR PR TU VE SK QO
    15. 15. The One Time Pad 1917, Vernam Symantically secure, practically useless Very fast encode / decode Stream Cipher
    16. 16. The One Time Pad Uses A Random Key of equal length to the message AJDPWNCGS82NCPS03NCBS72HGTWX1EZMBLHPY04YDVS2D
    17. 17. Rotor Machines Lorenz Cipher (a.k.a. Tunny) Enigma “Nothing to report”
    18. 18. Encryption is just XOR? There is a lot if it - yes M: 0 1 1 0 1 1 1 Ke: 1 0 1 1 0 0 1 C: 1 1 0 1 1 1 0 Kd: 1 0 1 1 0 0 1 M: 0 1 1 0 1 1 1
    19. 19. Symmetric Ciphers D ( K, E(k, m) ) = M Decryption of Encrypted Message = Original Message
    20. 20. Symmetric Ciphers 2 Identical Inputs = 2 different outputs
    21. 21. Making It Practical Stream Ciphers And Block Ciphers In danger of getting complex now…
    22. 22. Pseudo Randomness Pseudo Random Key PRF – Pseudo Rand Function PRG – Pseudo Rand Generator PRP – Pseudo Rand Permutation
    23. 23. Pseudo Random Keys Short Input => Long Output
    24. 24. Data Encryption Standard DES 1970 – 1976 - IBMs Lucifer cipher approved as Fed. Standard 1997 - DES is broken by exhaustive search Internet search – took 3 months 1998 – Deep Crack does it in 3 days (cost $250K) 1999 – combined search 22 hours 2000 – New Fed Standard adopted. Rijndael or AES
    25. 25. Feistel Network Common Block Cipher Construction DES is a 16 round Fiestel construction http://j.mp/feistDES
    26. 26. Advanced Encryption Standard AES Uses block cipher – But NOT a Fiestel Construction 1997: DES Broken NIST requests proposal for new std 1999: 5 shortlisted options 2000: Rijndael chosen to be new AES
    27. 27. AES
    28. 28. Side Channel Attacks • • • • j.mp/1c9v9Vi Timing Attacks Power Attacks Sound Attacks Replay Attacks
    29. 29. ECB Electronic Code Book Encrypted with ECB j.mp/1kONKMk Encrypted in other modes show pseudo randomness
    30. 30. CBC Chain Block Cipher j.mp/1kONKMk
    31. 31. CTR Counter Mode
    32. 32. MICs and MACs Message Integrity or Authentication Code Basically - Hash Functions MD5 - weak SHA-1 - weak SHA-256 - better Anti-Tamper codes
    33. 33. Authenticated Encryption Encrypt then MAC - always provides A.E. MAC then Encrypt is open to CCA attacks - it’s ok IF you use rand-CBC or rand-CTR mode - still open to padding attacks
    34. 34. Key Exchange
    35. 35. Public/Private Keys Public key used to encrypt Private key used to decrypt Uses large primes (600+ digits) and modulus of the powers of factors of that prime
    36. 36. Public/Private Keys ALICE Generate array of public & private keys Alice decrypts with Secret key To obtain Bobs random number BOB Bob chooses one public key Chooses a random secret {0,1}128 encrypts it using Public Key They now have a shared secret or key (Bobs number) with which to encrypt future messages
    37. 37. PHP – password storage • • • • • • • Raw / Plaintext – do people really do this? Roll your own encryption mechanism MySQL Encrypt() MD5() – no collision too common SHA and store salt bcrypt – No salt storage required phpass – no salt storage required j.mp/1nPFttR
    38. 38. Golden Rule: Libraries, libraries, libraries Always use a tried & tested library *NEVER* Roll your own
    39. 39. PHP – MAC hash_hmac() hash_hmac ($algo, $data, $key [$raw_output = false]) hash_hmac(’sha256’,’phpbelfast rocks', ’MySecret'); php.net/hash_hmac
    40. 40. PHP crypt() j.mp/1nPFttR
    41. 41. PHP – openssl library openssl_get_cipher_methods() openssl_cipher_iv_length() openssl_encrypt() openssl_decrypt() j.mp/1dp8OTq
    42. 42. PHPass – for php v 5.4- j.mp/phpass
    43. 43. PHP password_hash() v5.5+ password_hash( $password, $algo [, $options] ) password_verify( $password, $hash ) php.net/password_hash j.mp/1err98n
    44. 44. Credits Cover image -Enigma Machine by Skittledog http://flic.kr/p/9VjJz5 Creative Commons http://creativecommons.org/licenses/by-nc-sa/2.0/ Fiestel Network Diagram Dan Boneh, Stanford Unversity (Coursera – Cryptography I course) Link Bundle j.mp/1iq3xA5
    45. 45. Final Thought “Only amateurs attack machines, professionals attack humans” - Bruce Schneier
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×