• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
JVM Encryption Boot Camp 0.4.3
 

JVM Encryption Boot Camp 0.4.3

on

  • 3,002 views

Matthew McCullough's presentation to the Boulder Java Users Group on encryption on the Java Virtual Machine (JVM) platform.

Matthew McCullough's presentation to the Boulder Java Users Group on encryption on the Java Virtual Machine (JVM) platform.

Statistics

Views

Total Views
3,002
Views on SlideShare
2,987
Embed Views
15

Actions

Likes
2
Downloads
0
Comments
0

2 Embeds 15

http://www.slideshare.net 13
https://www.linkedin.com 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    JVM Encryption Boot Camp 0.4.3 JVM Encryption Boot Camp 0.4.3 Presentation Transcript

    • TI YP P ON C R AM EN T C B OOurity is th e mi ssion Sec © Matthew McCullough, Ambient Ideas, LLC Sunday, April 25, 2010
    • SECURITY What’s ON THE J your po VM sition? Sunday, April 25, 2010
    • HACK ATT EMPTS PE in R the bi llions D AY Sunday, April 25, 2010
    • G? ot TINbly n YP oba ENCR pr say st atis tics Sunday, April 25, 2010
    • delicious.com/matthew.mccullough/encryption Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • ANCIENT HISTORY Everything old is new again Sunday, April 25, 2010
    • ANCIENT HISTORY Everything old is new again Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • new this oss” over uff b all n st “I’m yptio encr Sunday, April 25, 2010
    • 44 B.C. Sunday, April 25, 2010
    • 44 B.C. That’s 2,054 years ago... Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Julius Caesar Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Caesar Cipher a.k.a. ROT(2) Shift Cipher A B C D E F G A B C D E F G Sunday, April 25, 2010
    • Caesar Cipher a.k.a. ROT(2) Shift Cipher A B C D E F G A B C D E F G Sunday, April 25, 2010
    • Caesar Cipher a.k.a. ROT(2) Shift Cipher A B C D E F G A B C D E F G Sunday, April 25, 2010
    • Caesar Cipher a.k.a. ROT(2) Shift Cipher Sunday, April 25, 2010
    • Caesar Cipher Sunday, April 25, 2010
    • Caesar Cipher Z M S R Sunday, April 25, 2010
    • Caesar Cipher Z M S R 30s 25s 20s 15s 10s 5s Stop Sunday, April 25, 2010
    • Caesar Cipher Z M S R Sunday, April 25, 2010
    • Caesar Cipher Z M S R A N T S if encrypted with ROT(-1) Sunday, April 25, 2010
    • Caesar Cipher Z M S R A N T S if encrypted with ROT(-1) B O U T if encrypted with ROT(-2) Sunday, April 25, 2010
    • /** * A naively simple rotation cipher implementation. * USAGE: groovy RotateWord.groovy <yourword> */ public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping Sunday, April 25, 2010
    • /** * A naively simple rotation cipher implementation. * USAGE: groovy RotateWord.groovy <yourword> */ public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated Sunday, April 25, 2010
    • public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** Sunday, April 25, 2010
    • private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" Sunday, April 25, 2010
    • adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" //Loop through each character in the plaintext for (int i = 0; i < plainText.length(); i++) { //TODO: Improve to handle upper and lower case letters char c = plainText.toLowerCase().charAt(i) encodedMessage += rotateChar(c, rotationAmount) } return encodedMessage } Sunday, April 25, 2010
    • return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" //Loop through each character in the plaintext for (int i = 0; i < plainText.length(); i++) { //TODO: Improve to handle upper and lower case letters char c = plainText.toLowerCase().charAt(i) encodedMessage += rotateChar(c, rotationAmount) } return encodedMessage } public static void main (String[] args) { String originalword = args[0] println "Rot(-3) Word: " + rotateAllChars(originalword, -3) Sunday, April 25, 2010
    • public static void main (String[] args) { String originalword = args[0] println "Rot(-3) Word: " + rotateAllChars(originalword, -3) println "Rot(-2) Word: " + rotateAllChars(originalword, -2) println "Rot(-1) Word: " + rotateAllChars(originalword, -1) println "Original Word: ${originalword}" println "Rot(1) Word: " + rotateAllChars(originalword, 1) println "Rot(2) Word: " + rotateAllChars(originalword, 2) } } Sunday, April 25, 2010
    • BROKEN Perfectly safe data is a myth Sunday, April 25, 2010
    • BROKEN Perfectly safe data is a myth Sunday, April 25, 2010
    • Compromised Sunday, April 25, 2010
    • Compromised ! Every algorithm is vulnerable Sunday, April 25, 2010
    • Compromised ! Every algorithm is vulnerable ! Crack by brute force Sunday, April 25, 2010
    • Compromised ! Every algorithm is vulnerable ! Crack by brute force ! Crack by rainbow tables Sunday, April 25, 2010
    • Compromised ! Every algorithm is vulnerable ! Crack by brute force ! Crack by rainbow tables ! Function of time + money + hardware Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • $2000 $ 50 Sunday, April 25, 2010
    • $2000 Whic h wo uld y ou hit $ 50 ? Sunday, April 25, 2010
    • JCE PRIMER The world of Java crypto Sunday, April 25, 2010
    • JCE PRIMER The world of Java crypto Sunday, April 25, 2010
    • Java Cryptography Extension Known as JCE Included in all JREs Since Java 1.2 Pluggable provider architecture JCE extends Java Cryptography Architecture (JCA) Sunday, April 25, 2010
    • JCE Providers Default Sun JRE Providers SUN SunJCE SunJSSE SunRsaSign BouncyCastle Provider Adds AES capabilities Sunday, April 25, 2010
    • Registering a Provider Static <java-home>/lib/security/java.security security.provider.n=masterClassName Sunday, April 25, 2010
    • Registering a Provider Dynamic ! java.security.Security class addProvider() insertProviderAt() ! Not persistent across VM instances Sunday, April 25, 2010
    • Encryption & the Law country borders stop bits Sunday, April 25, 2010
    • JCE Strength ! Jurisdiction Policy Files ! Two variants ! Algorithm strength differences Sunday, April 25, 2010
    • Unlimite d Sunday, April 25, 2010
    • Unlimite d Sunday, April 25, 2010
    • Strong Sunday, April 25, 2010
    • Strong Sunday, April 25, 2010
    • JCE Strength Sunday, April 25, 2010
    • JCE Strength Strong strength included in all JREs Sunday, April 25, 2010
    • JCE Strength Strong strength included in all JREs Unlimited strength is a separate download available based on US export rules Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Worldwide Policy // File: default_local.policy // Some countries have import limits on crypto strength. // This policy file is worldwide importable. grant { permission javax.crypto.CryptoPermission "DES", 64; permission javax.crypto.CryptoPermission "DESede", *; permission javax.crypto.CryptoPermission "RC2", 128, "javax.crypto.spec.RC2ParameterSpec", 128; permission javax.crypto.CryptoPermission "RC4", 128; permission javax.crypto.CryptoPermission "RC5", 128, "javax.crypto.spec.RC5ParameterSpec", *, 12, *; permission javax.crypto.CryptoPermission "RSA", 2048; permission javax.crypto.CryptoPermission *, 128; }; Sunday, April 25, 2010
    • Max Key Sizes Algorithm Max Key Size DES 64 DESede 168 3des RC2 128 RC4 128 RC5 128 RSA 2048 Others 128 Sunday, April 25, 2010
    • Digests & Hashes One way functions Sunday, April 25, 2010
    • What is a Digest? Small set of bytes representing a large message Small change in message = large change in digest Integrity check for large data Password storage mechanism Sunday, April 25, 2010
    • MessageDigest Sunday, April 25, 2010
    • MessageDigest ! java.security.MessageDigest Sunday, April 25, 2010
    • MessageDigest ! java.security.MessageDigest ! Multiple algorithms available Sunday, April 25, 2010
    • MessageDigest ! java.security.MessageDigest ! Multiple algorithms available ! MD5 (128 bit) Sunday, April 25, 2010
    • MessageDigest ! java.security.MessageDigest ! Multiple algorithms available ! MD5 (128 bit) ! SHA-1 (160 bit) Sunday, April 25, 2010
    • MessageDigest Sunday, April 25, 2010
    • MessageDigest Sunday, April 25, 2010
    • MessageDigest ! MD5 ! U. S. Department of Homeland Security said MD5 "considered cryptographically broken and unsuitable for further use" Sunday, April 25, 2010
    • System.out.println("Message1 SHA1 digest: " + shaAndBase64Encode(message1)); System.out.println("Message2 SHA1 digest: " + shaAndBase64Encode(message2)); } /** * Helper function to both SHA-1 hash and * base64 encode the resulting bytes to a String */ public static String shaAndBase64Encode(String message) throws NoSuchAlgorithmException { MessageDigest sha = MessageDigest.getInstance("SHA-1"); //Salt could be applied here //Integer salt = <some random number generator> //sha.update(salt.getBytes()); byte[] digest = sha.digest(message.getBytes()); return new sun.misc.BASE64Encoder().encode(digest); } } Sunday, April 25, 2010
    • * * Demonstrate that very similar messages * have radically different hashes. */ public class MessageDigestSHA { public static void main( String[] args ) throws NoSuchAlgorithmException { //Set up the message to be encoded String message1 = "Four score and seven years ago"; String message2 = "Four score and seven tears ago"; System.out.println("Message1 SHA1 digest: " + shaAndBase64Encode(message1)); System.out.println("Message2 SHA1 digest: " + shaAndBase64Encode(message2)); } /** * Helper function to both SHA-1 hash and * base64 encode the resulting bytes to a String */ public static String shaAndBase64Encode(String message) throws NoSuchAlgorithmException { MessageDigest sha = MessageDigest.getInstance("SHA-1"); Sunday, April 25, 2010
    • Input String message1 = "Four score and seven years ago"; String message2 = "Four score and seven tears ago"; Result Message1 SHA1 digest: DmCJIg4Bq/xpGIxVXxo3IB0vo38= Message2 SHA1 digest: oaLHt8tr31ttngCDjyYuWowF5Mc= Sunday, April 25, 2010
    • SYMMETRIC My key is your key Sunday, April 25, 2010
    • SYMMETRIC My key is your key Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sensitive Data Sunday, April 25, 2010
    • ht Sig ain Pl Sensitive Data Sunday, April 25, 2010
    • Recipient or Storage ht Sig ain Pl Sensitive Data Sunday, April 25, 2010
    • Recipient or Storage ht Sig r ed cu ain ts O b s Pl C on te n Sensitive Data Sunday, April 25, 2010
    • Why Symmetric? Sunday, April 25, 2010
    • Why Symmetric? ! Fast Sunday, April 25, 2010
    • Why Symmetric? ! Fast ! Well suited for bulk data Sunday, April 25, 2010
    • Using Symmetric Sunday, April 25, 2010
    • Using Symmetric Secure network for passing keys or Sunday, April 25, 2010
    • Using Symmetric Secure network for passing keys or Never decrypted at remote end Sunday, April 25, 2010
    • Symmetric Problems Sunday, April 25, 2010
    • Symmetric Problems Keys vulnerable to capture Sunday, April 25, 2010
    • Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Sunday, April 25, 2010
    • Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Key distribution challenges Sunday, April 25, 2010
    • Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Key distribution challenges Triangular number key growth Sunday, April 25, 2010
    • Symmetric Problems ! Triangular number key growth Sunday, April 25, 2010
    • Symmetric A B Sunday, April 25, 2010
    • Symmetric A Message/File B Sunday, April 25, 2010
    • Symmetric A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010
    • Symmetric Encrypted with 256 bit symmetric key A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010
    • Symmetric Encrypted with 256 bit symmetric key A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010
    • Symmetric A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010
    • Symmetric A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010
    • SYMMETRIC Block versus Stream Algorithms Sunday, April 25, 2010
    • Stream vs. Block Sunday, April 25, 2010
    • Stream vs. Block Specific algorithms for each Sunday, April 25, 2010
    • SYMMETRIC (BLOCK) Sunday, April 25, 2010
    • Block Sunday, April 25, 2010
    • Block Predefined content length Sunday, April 25, 2010
    • Block Predefined content length Well-known end to the content Sunday, April 25, 2010
    • Block Predefined content length Well-known end to the content Files on disk Sunday, April 25, 2010
    • Block Predefined content length Well-known end to the content Files on disk Inefficient when padding Sunday, April 25, 2010
    • DES Data Encryption Standard Block cipher Banking industry DES is known to be broken Sunday, April 25, 2010
    • 3DES Data Encryption Standard Block cipher a.k.a DESede Basically three passes of DES Reasonably strong Sunday, April 25, 2010
    • Blowfish Block cipher Unpatented (intentionally) Secure replacement for DES Faster than DES 32 to 448 bit keys Overshadowed by AES Sunday, April 25, 2010
    • AES Advanced Encryption Standard Block cipher Government standard Rijndael algorithm (Joan Daemen, Vincent Rijmen) 4 years of evaluation Final in December 2000 Very Secure Sunday, April 25, 2010
    • SYMMETRIC (STREAM) Sunday, April 25, 2010
    • Stream Sunday, April 25, 2010
    • Stream Unknown content length Sunday, April 25, 2010
    • Stream Unknown content length Streaming video Sunday, April 25, 2010
    • Stream Unknown content length Streaming video Streaming voice Sunday, April 25, 2010
    • Stream Unknown content length Streaming video Streaming voice Similar to One-Time Pads Sunday, April 25, 2010
    • RC4 Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Microsoft RDP Sunday, April 25, 2010
    • RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Microsoft RDP PDF Sunday, April 25, 2010
    • A5/1 Sunday, April 25, 2010
    • A5/1 A5/1 Sunday, April 25, 2010
    • A5/1 A5/1 Secret, unpublished Sunday, April 25, 2010
    • A5/1 A5/1 Secret, unpublished Reverse engineered Sunday, April 25, 2010
    • A5/1 A5/1 Secret, unpublished Reverse engineered Used by GSM phones Sunday, April 25, 2010
    • import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SymmetricEncrypt { public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; Sunday, April 25, 2010
    • import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SymmetricEncrypt { public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; //Build a new encryption key final KeyGenerator keyGen = KeyGenerator.getInstance("DESede"); keyGen.init(168); final SecretKey desKey = keyGen.generateKey(); //Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); Sunday, April 25, 2010
    • final String message1 = "Four score and seven years ago"; //Build a new encryption key final KeyGenerator keyGen = KeyGenerator.getInstance("DESede"); keyGen.init(168); final SecretKey desKey = keyGen.generateKey(); //Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); ////////////////////////////////////// //Put the cipher in decryption mode desCipher.init(Cipher.DECRYPT_MODE, desKey); //Decrypt and output the original string byte[] decryptedBytes = desCipher.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010
    • //Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); ////////////////////////////////////// //Put the cipher in decryption mode desCipher.init(Cipher.DECRYPT_MODE, desKey); //Decrypt and output the original string byte[] decryptedBytes = desCipher.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010
    • Input String message1 = "Four score and seven years ago"; Result Encrypted text: P0FT6N3XXrohtsz7OLh3FGYY0wErkPIur1DP6Csbj4g= Decrypted text: Four score and seven years ago Sunday, April 25, 2010
    • ENCRYPTED = SAFE, RIGHT? information leakage from encrypted data Sunday, April 25, 2010
    • ENCRYPTED = SAFE, RIGHT? information leakage from encrypted data Sunday, April 25, 2010
    • Encrypted isn’t enough? http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation Sunday, April 25, 2010
    • SECURE KEY EXCHANGE securely swapping symmetric keys Sunday, April 25, 2010
    • SECURE KEY EXCHANGE securely swapping symmetric keys Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Diffie-Hellman Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Fixed by PKI Sunday, April 25, 2010
    • Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Fixed by PKI and signing the agreed key Sunday, April 25, 2010
    • DH Diagrammed A B Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared A B Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random g = 11 A B Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 A B Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A B Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p 6= 136 mod 23 6= 94 mod 23 Sunday, April 25, 2010
    • DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p 6= 136 mod 23 6= 94 mod 23 Encryption can begin Sunday, April 25, 2010
    • RANDOM NUMBERS Seed the machine Sunday, April 25, 2010
    • RANDOM NUMBERS Seed the machine Sunday, April 25, 2010
    • SecureRandom java.security.SecureRandom Cryptographically strong random number generator (RNG) “Unable to distinguish from a true random source” Used in combination with many ciphers Sunday, April 25, 2010
    • package com.ambientideas; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the Sunday, April 25, 2010 // random number generator instance
    • import java.security.SecureRandom; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the // random number generator instance SecureRandom prng = SecureRandom.getInstance("SHA1PRNG"); //Get the next random number String randomNum = new Integer( prng.nextInt() ).toString(); System.out.println("Random number: " + randomNum); } } Sunday, April 25, 2010
    • * a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the // random number generator instance SecureRandom prng = SecureRandom.getInstance("SHA1PRNG"); //Get the next random number String randomNum = new Integer( prng.nextInt() ).toString(); System.out.println("Random number: " + randomNum); } } Sunday, April 25, 2010
    • Result Random number: 1633471380 Sunday, April 25, 2010
    • ASYMMETRIC Throwing away keys faster than an intern locksmith Sunday, April 25, 2010
    • ASYMMETRIC Throwing away keys faster than an intern locksmith Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • Sunday, April 25, 2010
    • RSA Ron Rivest, Adi Shamir, Leonard Adleman Published in 1978 M.I.T. Patented in 1983 Patent Expired in 2000 Sunday, April 25, 2010
    • http://xkcd.com/538/ Sunday, April 25, 2010
    • http://xkcd.com/538/ Sunday, April 25, 2010
    • RSA A B Sunday, April 25, 2010
    • RSA A Message/File B Sunday, April 25, 2010
    • RSA B’s 2048 bit public key A Message/File B Sunday, April 25, 2010
    • RSA Encrypted with 2048 bit RSA key A Message/File B Sunday, April 25, 2010
    • RSA Encrypted with 2048 bit RSA key B’s 2048 bit private key A Message/File B Sunday, April 25, 2010
    • RSA A Message/File B Sunday, April 25, 2010
    • RSA A Message/File B Sunday, April 25, 2010
    • import java.io.IOException; import java.security.InvalidKeyException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. Sunday, April 25, 2010
    • public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; // Generate the Key Pair final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); final SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN"); keyGen.initialize(1024, random); KeyPair pair = keyGen.generateKeyPair(); final PrivateKey privKey = pair.getPrivate(); final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); Sunday, April 25, 2010
    • KeyPair pair = keyGen.generateKeyPair(); final PrivateKey privKey = pair.getPrivate(); final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); //Decrypt using the private key rsa.init(Cipher.DECRYPT_MODE, pubKey); byte[] decryptedBytes = rsa.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010
    • final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); //Decrypt using the private key rsa.init(Cipher.DECRYPT_MODE, pubKey); byte[] decryptedBytes = rsa.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010
    • Input String message1 = "Four score and seven years ago"; Result Encrypted text: A8Is+4r7sDn28fD6IQvZiR5JxPs/vh7UnXrF38acJt6R/ ARisj/zLtC7Xn6iJgNQPhc16wkVZhCF em7oNoim+ooTUDDZQ+E3qP6y/ DZJGkLBoZuZVLeLAW1LUtHSzduRUOg1uMynJz14wxzwfV8wfRwf atpySkOhGqWS63bPNRs= Decrypted text: Four score and seven years ago Sunday, April 25, 2010
    • BLENDED symmetric with a twist of asymmetric Sunday, April 25, 2010
    • BLENDED symmetric with a twist of asymmetric Sunday, April 25, 2010
    • Key Size & Security Sunday, April 25, 2010
    • Key Size & Security 160 bit DES Symmetric Key Size Sunday, April 25, 2010
    • Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size Sunday, April 25, 2010
    • Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size 112 bits Security Sunday, April 25, 2010
    • Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size 112 bits 128 bits Security Security Sunday, April 25, 2010
    • Encryption Speed asymmetric can be 1000x slower than symmetric Sunday, April 25, 2010
    • PGP A B Sunday, April 25, 2010
    • PGP A B Message/File Sunday, April 25, 2010
    • PGP Random generated 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP B’s 2048 bit public key Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP Encrypted with 2048 bit RSA key Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP Encrypted with 2048 bit RSA key Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP Encrypted with 2048 bit RSA key B’s 2048 bit Random generated private key 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010
    • PGP A B Message/File Sunday, April 25, 2010
    • PGP A B Message/File Sunday, April 25, 2010
    • OTHER FRAMEWORKS and alternative JCE providers Sunday, April 25, 2010
    • OTHER FRAMEWORKS and alternative JCE providers Sunday, April 25, 2010
    • Bouncy Castle JCE Provider Many more encryption and digest algorithms than the Sun provider (AES) Sunday, April 25, 2010
    • Jasypt Frictionless Java encryption Sunday, April 25, 2010
    • Gnu Open source library Sunday, April 25, 2010
    • In Summary Encrypted does not guarantee security ECB can be leaky Hash vs. Encrypt Know when to apply each Know your algorithm Key strength Symmetric versus asymmetric High Level Libraries More productive than pure JCE Sunday, April 25, 2010
    • Th anks in advanc e for yo ur com pleted evals! Sunday, April 25, 2010
    • OT CA MP TI ON BOission RYPrity is the M ENC cu Se Matthew McCullough Email matthewm@ambientideas.com Twitter @matthewmccull Blog http://ambientideas.com/blog Sunday, April 25, 2010
    • REFERENCES Sunday, April 25, 2010
    • References Sun docs http://java.sun.com/javase/6/docs/technotes/ guides/security/crypto/CryptoSpec.html http://java.sun.com/javase/technologies/security/ http://java.sun.com/javase/6/docs/technotes/ guides/security/jsse/JSSERefGuide.html http://java.sun.com/javase/6/docs/api/java/ security/Security.html BouncyCastle JCE Provider http://www.bouncycastle.org/documentation.html Sunday, April 25, 2010
    • References Sample Code http://github.com/matthewmccullough/ encryption-jvm-bootcamp Miscellaneous http://www.ietf.org/rfc/rfc3852.txt http://en.wikipedia.org/wiki/ Abstract_Syntax_Notation_One Sunday, April 25, 2010
    • Acronyms CMS Cryptographic Message Syntax (CMS) objects RFC 3852 PKCS#7 (formerly RFC 2630, 3369) http://www.ietf.org/rfc/rfc3852.txt ASN.1 Abstract Syntax Notation One 1984 X.409, 1988 X.208, 1995 X.680, 2002 http://www.asn1.org/ Sunday, April 25, 2010
    • CREDITS Sunday, April 25, 2010
    • http://www.ambientideasphotography.com http://stockfootageforfree.com/ http://xkcd.com/538/ http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation http://matdonline.free.fr/RSA-Diffie-Hellman-explained-in-5-minutes.htm http://www.isg.rhul.ac.uk/node/329 http://www.isg.rhul.ac.uk/files/IMG_9819.JPG http://www.usc.edu/dept/molecular-science/pictures/RSA-2003.jpg All others, iStockPhoto.com Sunday, April 25, 2010
    • STUDY NOTES Sunday, April 25, 2010
    • Major Encryption Types Pre-agreed Phrases (Concept) Simplest form of symmetric encryption. Have to meet in person to pass keys around DHM Key Exchange (Concept, Algorithm) Requires both parties to be online This is a drawback RSA (Algorithm) Added asynchronous behavior with pub priv keys Keys are permanent (not generated each time) PGP (Concept, Algorithm) Added speed to RSA by encrypting the payload Sunday, April 25, 2010
    • Data Integrity Checksums needed Harder to maintain with encryption? Block versus stream cipher Block: XOR all previous nodes Stream: XOR some “forward” packets Recovery once one packet is lost? Sunday, April 25, 2010
    • Replay Attacks Consider vulnerability to replay Problem: ECB (block) mode Same packet encrypted next time looks the same Hardening: XOR to protect Still vulnerable to entire stream replay Entire stream hard to capture Sunday, April 25, 2010