JVM Encryption Boot Camp 0.4.3

TI YP P ON C R AM EN T C B OOurity is th e mi ssion Sec © Matthew McCullough, Ambient Ideas, LLC Sunday, April 25, 2010

SECURITY What’s ON THE J your po VM sition? Sunday, April 25, 2010

HACK ATT EMPTS PE in R the bi llions D AY Sunday, April 25, 2010

G? ot TINbly n YP oba ENCR pr say st atis tics Sunday, April 25, 2010

delicious.com/matthew.mccullough/encryption Sunday, April 25, 2010

Sunday, April 25, 2010

ANCIENT HISTORY Everything old is new again Sunday, April 25, 2010

new this oss” over uff b all n st “I’m yptio encr Sunday, April 25, 2010

44 B.C. Sunday, April 25, 2010

44 B.C. That’s 2,054 years ago... Sunday, April 25, 2010

Julius Caesar Sunday, April 25, 2010

Caesar Cipher a.k.a. ROT(2) Shift Cipher A B C D E F G A B C D E F G Sunday, April 25, 2010

Caesar Cipher a.k.a. ROT(2) Shift Cipher Sunday, April 25, 2010

Caesar Cipher Sunday, April 25, 2010

Caesar Cipher Z M S R Sunday, April 25, 2010

Caesar Cipher Z M S R 30s 25s 20s 15s 10s 5s Stop Sunday, April 25, 2010

Caesar Cipher Z M S R Sunday, April 25, 2010

Caesar Cipher Z M S R A N T S if encrypted with ROT(-1) Sunday, April 25, 2010

Caesar Cipher Z M S R A N T S if encrypted with ROT(-1) B O U T if encrypted with ROT(-2) Sunday, April 25, 2010

/** * A naively simple rotation cipher implementation. * USAGE: groovy RotateWord.groovy <yourword> */ public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping Sunday, April 25, 2010

/** * A naively simple rotation cipher implementation. * USAGE: groovy RotateWord.groovy <yourword> */ public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated Sunday, April 25, 2010

public class RotateWord { /** * Rotate one character by the specified amount */ private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** Sunday, April 25, 2010

private static char rotateChar(char c, int rotationAmount) { //a == 97, z == 122 int num = (int)c int rotated = num + rotationAmount int adjusted //Handle roll-around wrapping if (rotated > 122) adjusted = rotated - 26 else if (rotated < 97) adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" Sunday, April 25, 2010

adjusted = rotated + 26 else adjusted = rotated char adjustedChar = (char)adjusted return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" //Loop through each character in the plaintext for (int i = 0; i < plainText.length(); i++) { //TODO: Improve to handle upper and lower case letters char c = plainText.toLowerCase().charAt(i) encodedMessage += rotateChar(c, rotationAmount) } return encodedMessage } Sunday, April 25, 2010

return adjustedChar } /** * Rotate the entire String by the specified rotation amount. */ public static String rotateAllChars(String plainText, int rotationAmount) { String encodedMessage = "" //Loop through each character in the plaintext for (int i = 0; i < plainText.length(); i++) { //TODO: Improve to handle upper and lower case letters char c = plainText.toLowerCase().charAt(i) encodedMessage += rotateChar(c, rotationAmount) } return encodedMessage } public static void main (String[] args) { String originalword = args[0] println "Rot(-3) Word: " + rotateAllChars(originalword, -3) Sunday, April 25, 2010

public static void main (String[] args) { String originalword = args[0] println "Rot(-3) Word: " + rotateAllChars(originalword, -3) println "Rot(-2) Word: " + rotateAllChars(originalword, -2) println "Rot(-1) Word: " + rotateAllChars(originalword, -1) println "Original Word: ${originalword}" println "Rot(1) Word: " + rotateAllChars(originalword, 1) println "Rot(2) Word: " + rotateAllChars(originalword, 2) } } Sunday, April 25, 2010

BROKEN Perfectly safe data is a myth Sunday, April 25, 2010

Compromised Sunday, April 25, 2010

Compromised ! Every algorithm is vulnerable Sunday, April 25, 2010

Compromised ! Every algorithm is vulnerable ! Crack by brute force Sunday, April 25, 2010

Compromised ! Every algorithm is vulnerable ! Crack by brute force ! Crack by rainbow tables Sunday, April 25, 2010

Compromised ! Every algorithm is vulnerable ! Crack by brute force ! Crack by rainbow tables ! Function of time + money + hardware Sunday, April 25, 2010

$2000 $ 50 Sunday, April 25, 2010

$2000 Whic h wo uld y ou hit $ 50 ? Sunday, April 25, 2010

JCE PRIMER The world of Java crypto Sunday, April 25, 2010

Java Cryptography Extension Known as JCE Included in all JREs Since Java 1.2 Pluggable provider architecture JCE extends Java Cryptography Architecture (JCA) Sunday, April 25, 2010

JCE Providers Default Sun JRE Providers SUN SunJCE SunJSSE SunRsaSign BouncyCastle Provider Adds AES capabilities Sunday, April 25, 2010

Registering a Provider Static <java-home>/lib/security/java.security security.provider.n=masterClassName Sunday, April 25, 2010

Registering a Provider Dynamic ! java.security.Security class addProvider() insertProviderAt() ! Not persistent across VM instances Sunday, April 25, 2010

Encryption & the Law country borders stop bits Sunday, April 25, 2010

JCE Strength ! Jurisdiction Policy Files ! Two variants ! Algorithm strength differences Sunday, April 25, 2010

Unlimite d Sunday, April 25, 2010

Strong Sunday, April 25, 2010

JCE Strength Sunday, April 25, 2010

JCE Strength Strong strength included in all JREs Sunday, April 25, 2010

JCE Strength Strong strength included in all JREs Unlimited strength is a separate download available based on US export rules Sunday, April 25, 2010

Worldwide Policy // File: default_local.policy // Some countries have import limits on crypto strength. // This policy file is worldwide importable. grant { permission javax.crypto.CryptoPermission "DES", 64; permission javax.crypto.CryptoPermission "DESede", *; permission javax.crypto.CryptoPermission "RC2", 128, "javax.crypto.spec.RC2ParameterSpec", 128; permission javax.crypto.CryptoPermission "RC4", 128; permission javax.crypto.CryptoPermission "RC5", 128, "javax.crypto.spec.RC5ParameterSpec", *, 12, *; permission javax.crypto.CryptoPermission "RSA", 2048; permission javax.crypto.CryptoPermission *, 128; }; Sunday, April 25, 2010

Max Key Sizes Algorithm Max Key Size DES 64 DESede 168 3des RC2 128 RC4 128 RC5 128 RSA 2048 Others 128 Sunday, April 25, 2010

Digests & Hashes One way functions Sunday, April 25, 2010

What is a Digest? Small set of bytes representing a large message Small change in message = large change in digest Integrity check for large data Password storage mechanism Sunday, April 25, 2010

MessageDigest Sunday, April 25, 2010

MessageDigest ! java.security.MessageDigest Sunday, April 25, 2010

MessageDigest ! java.security.MessageDigest ! Multiple algorithms available Sunday, April 25, 2010

MessageDigest ! java.security.MessageDigest ! Multiple algorithms available ! MD5 (128 bit) Sunday, April 25, 2010

MessageDigest ! java.security.MessageDigest ! Multiple algorithms available ! MD5 (128 bit) ! SHA-1 (160 bit) Sunday, April 25, 2010

MessageDigest Sunday, April 25, 2010

MessageDigest ! MD5 ! U. S. Department of Homeland Security said MD5 "considered cryptographically broken and unsuitable for further use" Sunday, April 25, 2010

System.out.println("Message1 SHA1 digest: " + shaAndBase64Encode(message1)); System.out.println("Message2 SHA1 digest: " + shaAndBase64Encode(message2)); } /** * Helper function to both SHA-1 hash and * base64 encode the resulting bytes to a String */ public static String shaAndBase64Encode(String message) throws NoSuchAlgorithmException { MessageDigest sha = MessageDigest.getInstance("SHA-1"); //Salt could be applied here //Integer salt = <some random number generator> //sha.update(salt.getBytes()); byte[] digest = sha.digest(message.getBytes()); return new sun.misc.BASE64Encoder().encode(digest); } } Sunday, April 25, 2010

* * Demonstrate that very similar messages * have radically different hashes. */ public class MessageDigestSHA { public static void main( String[] args ) throws NoSuchAlgorithmException { //Set up the message to be encoded String message1 = "Four score and seven years ago"; String message2 = "Four score and seven tears ago"; System.out.println("Message1 SHA1 digest: " + shaAndBase64Encode(message1)); System.out.println("Message2 SHA1 digest: " + shaAndBase64Encode(message2)); } /** * Helper function to both SHA-1 hash and * base64 encode the resulting bytes to a String */ public static String shaAndBase64Encode(String message) throws NoSuchAlgorithmException { MessageDigest sha = MessageDigest.getInstance("SHA-1"); Sunday, April 25, 2010

Input String message1 = "Four score and seven years ago"; String message2 = "Four score and seven tears ago"; Result Message1 SHA1 digest: DmCJIg4Bq/xpGIxVXxo3IB0vo38= Message2 SHA1 digest: oaLHt8tr31ttngCDjyYuWowF5Mc= Sunday, April 25, 2010

SYMMETRIC My key is your key Sunday, April 25, 2010

Sensitive Data Sunday, April 25, 2010

ht Sig ain Pl Sensitive Data Sunday, April 25, 2010

Recipient or Storage ht Sig ain Pl Sensitive Data Sunday, April 25, 2010

Recipient or Storage ht Sig r ed cu ain ts O b s Pl C on te n Sensitive Data Sunday, April 25, 2010

Why Symmetric? Sunday, April 25, 2010

Why Symmetric? ! Fast Sunday, April 25, 2010

Why Symmetric? ! Fast ! Well suited for bulk data Sunday, April 25, 2010

Using Symmetric Sunday, April 25, 2010

Using Symmetric Secure network for passing keys or Sunday, April 25, 2010

Using Symmetric Secure network for passing keys or Never decrypted at remote end Sunday, April 25, 2010

Symmetric Problems Sunday, April 25, 2010

Symmetric Problems Keys vulnerable to capture Sunday, April 25, 2010

Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Sunday, April 25, 2010

Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Key distribution challenges Sunday, April 25, 2010

Symmetric Problems Keys vulnerable to capture Eavesdropping on future communications after key compromise Key distribution challenges Triangular number key growth Sunday, April 25, 2010

Symmetric Problems ! Triangular number key growth Sunday, April 25, 2010

Symmetric A B Sunday, April 25, 2010

Symmetric A Message/File B Sunday, April 25, 2010

Symmetric A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010

Symmetric Encrypted with 256 bit symmetric key A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010

Symmetric A’s 256 bit symmetric key A Message/File B Sunday, April 25, 2010

SYMMETRIC Block versus Stream Algorithms Sunday, April 25, 2010

Stream vs. Block Sunday, April 25, 2010

Stream vs. Block Specific algorithms for each Sunday, April 25, 2010

SYMMETRIC (BLOCK) Sunday, April 25, 2010

Block Sunday, April 25, 2010

Block Predefined content length Sunday, April 25, 2010

Block Predefined content length Well-known end to the content Sunday, April 25, 2010

Block Predefined content length Well-known end to the content Files on disk Sunday, April 25, 2010

Block Predefined content length Well-known end to the content Files on disk Inefficient when padding Sunday, April 25, 2010

DES Data Encryption Standard Block cipher Banking industry DES is known to be broken Sunday, April 25, 2010

3DES Data Encryption Standard Block cipher a.k.a DESede Basically three passes of DES Reasonably strong Sunday, April 25, 2010

Blowfish Block cipher Unpatented (intentionally) Secure replacement for DES Faster than DES 32 to 448 bit keys Overshadowed by AES Sunday, April 25, 2010

AES Advanced Encryption Standard Block cipher Government standard Rijndael algorithm (Joan Daemen, Vincent Rijmen) 4 years of evaluation Final in December 2000 Very Secure Sunday, April 25, 2010

SYMMETRIC (STREAM) Sunday, April 25, 2010

Stream Sunday, April 25, 2010

Stream Unknown content length Sunday, April 25, 2010

Stream Unknown content length Streaming video Sunday, April 25, 2010

Stream Unknown content length Streaming video Streaming voice Sunday, April 25, 2010

Stream Unknown content length Streaming video Streaming voice Similar to One-Time Pads Sunday, April 25, 2010

RC4 Sunday, April 25, 2010

RC4 Rivest’s Code 4 Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Microsoft RDP Sunday, April 25, 2010

RC4 Rivest’s Code 4 Stream cipher Trademarked (name, but not algorithm) Used by Browsers in SSL, TLS WiFi in WEP WPA , BitTorrent ssh Microsoft RDP PDF Sunday, April 25, 2010

A5/1 Sunday, April 25, 2010

A5/1 A5/1 Sunday, April 25, 2010

A5/1 A5/1 Secret, unpublished Sunday, April 25, 2010

A5/1 A5/1 Secret, unpublished Reverse engineered Sunday, April 25, 2010

A5/1 A5/1 Secret, unpublished Reverse engineered Used by GSM phones Sunday, April 25, 2010

import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SymmetricEncrypt { public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; Sunday, April 25, 2010

import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SymmetricEncrypt { public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; //Build a new encryption key final KeyGenerator keyGen = KeyGenerator.getInstance("DESede"); keyGen.init(168); final SecretKey desKey = keyGen.generateKey(); //Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); Sunday, April 25, 2010

final String message1 = "Four score and seven years ago"; //Build a new encryption key final KeyGenerator keyGen = KeyGenerator.getInstance("DESede"); keyGen.init(168); final SecretKey desKey = keyGen.generateKey(); //Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); ////////////////////////////////////// //Put the cipher in decryption mode desCipher.init(Cipher.DECRYPT_MODE, desKey); //Decrypt and output the original string byte[] decryptedBytes = desCipher.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010

//Set up the cipher final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); ////////////////////////////////////// //Put the cipher in encryption mode desCipher.init(Cipher.ENCRYPT_MODE, desKey); //Encrypt and output the base64 data byte[] clearText = message1.getBytes(); byte[] encryptedBytes = desCipher.doFinal(clearText); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); ////////////////////////////////////// //Put the cipher in decryption mode desCipher.init(Cipher.DECRYPT_MODE, desKey); //Decrypt and output the original string byte[] decryptedBytes = desCipher.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010

Input String message1 = "Four score and seven years ago"; Result Encrypted text: P0FT6N3XXrohtsz7OLh3FGYY0wErkPIur1DP6Csbj4g= Decrypted text: Four score and seven years ago Sunday, April 25, 2010

ENCRYPTED = SAFE, RIGHT? information leakage from encrypted data Sunday, April 25, 2010

Encrypted isn’t enough? http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation Sunday, April 25, 2010

SECURE KEY EXCHANGE securely swapping symmetric keys Sunday, April 25, 2010

Diffie-Hellman Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Fixed by PKI Sunday, April 25, 2010

Diffie-Hellman Key Agreement Protocol Alice & Bob independently generate the shared (session) key Published 1976, but invented earlier Vulnerable to MITM attack Fixed by PKI and signing the agreed key Sunday, April 25, 2010

DH Diagrammed A B Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared A B Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random g = 11 A B Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 A B Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A B Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p 6= 136 mod 23 6= 94 mod 23 Sunday, April 25, 2010

DH Diagrammed predetermined and openly shared g = random p = prime g = 11 p = 23 picks a = 6 picks b = 4 A A= ga mod p B B= gb mod p 9=116 mod 23 13=114 mod 23 B=13 A=9 K= Ba mod p K= Ab mod p 6= 136 mod 23 6= 94 mod 23 Encryption can begin Sunday, April 25, 2010

RANDOM NUMBERS Seed the machine Sunday, April 25, 2010

SecureRandom java.security.SecureRandom Cryptographically strong random number generator (RNG) “Unable to distinguish from a true random source” Used in combination with many ciphers Sunday, April 25, 2010

package com.ambientideas; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the Sunday, April 25, 2010 // random number generator instance

import java.security.SecureRandom; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the // random number generator instance SecureRandom prng = SecureRandom.getInstance("SHA1PRNG"); //Get the next random number String randomNum = new Integer( prng.nextInt() ).toString(); System.out.println("Random number: " + randomNum); } } Sunday, April 25, 2010

* a more expensive, but cryptographically secure random number. */ public class SecureRandomNumber { public static void main( String[] args ) throws NoSuchAlgorithmException { //Do the expensive one time setup of the // random number generator instance SecureRandom prng = SecureRandom.getInstance("SHA1PRNG"); //Get the next random number String randomNum = new Integer( prng.nextInt() ).toString(); System.out.println("Random number: " + randomNum); } } Sunday, April 25, 2010

Result Random number: 1633471380 Sunday, April 25, 2010

ASYMMETRIC Throwing away keys faster than an intern locksmith Sunday, April 25, 2010

RSA Ron Rivest, Adi Shamir, Leonard Adleman Published in 1978 M.I.T. Patented in 1983 Patent Expired in 2000 Sunday, April 25, 2010

http://xkcd.com/538/ Sunday, April 25, 2010

RSA A B Sunday, April 25, 2010

RSA A Message/File B Sunday, April 25, 2010

RSA B’s 2048 bit public key A Message/File B Sunday, April 25, 2010

RSA Encrypted with 2048 bit RSA key A Message/File B Sunday, April 25, 2010

RSA Encrypted with 2048 bit RSA key B’s 2048 bit private key A Message/File B Sunday, April 25, 2010

RSA A Message/File B Sunday, April 25, 2010

import java.io.IOException; import java.security.InvalidKeyException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import sun.misc.BASE64Encoder; /** * Use the SecureRandom java security class to generate * a more expensive, but cryptographically secure random number. Sunday, April 25, 2010

public static void main( String[] args ) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { final String message1 = "Four score and seven years ago"; // Generate the Key Pair final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); final SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN"); keyGen.initialize(1024, random); KeyPair pair = keyGen.generateKeyPair(); final PrivateKey privKey = pair.getPrivate(); final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); Sunday, April 25, 2010

KeyPair pair = keyGen.generateKeyPair(); final PrivateKey privKey = pair.getPrivate(); final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); //Decrypt using the private key rsa.init(Cipher.DECRYPT_MODE, pubKey); byte[] decryptedBytes = rsa.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010

final PublicKey pubKey = pair.getPublic(); //Encrypt using the private key Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, privKey); byte[] encryptedBytes = rsa.doFinal(message1.getBytes()); BASE64Encoder b64e = new sun.misc.BASE64Encoder(); String base64Encrypted = b64e.encode(encryptedBytes); System.out.println("Encrypted text: " + base64Encrypted); //Decrypt using the private key rsa.init(Cipher.DECRYPT_MODE, pubKey); byte[] decryptedBytes = rsa.doFinal(encryptedBytes); String decryptedText = new String(decryptedBytes); System.out.println("Decrypted text: " + decryptedText); } } Sunday, April 25, 2010

Input String message1 = "Four score and seven years ago"; Result Encrypted text: A8Is+4r7sDn28fD6IQvZiR5JxPs/vh7UnXrF38acJt6R/ ARisj/zLtC7Xn6iJgNQPhc16wkVZhCF em7oNoim+ooTUDDZQ+E3qP6y/ DZJGkLBoZuZVLeLAW1LUtHSzduRUOg1uMynJz14wxzwfV8wfRwf atpySkOhGqWS63bPNRs= Decrypted text: Four score and seven years ago Sunday, April 25, 2010

BLENDED symmetric with a twist of asymmetric Sunday, April 25, 2010

Key Size & Security Sunday, April 25, 2010

Key Size & Security 160 bit DES Symmetric Key Size Sunday, April 25, 2010

Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size Sunday, April 25, 2010

Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size 112 bits Security Sunday, April 25, 2010

Key Size & Security 1024 bit RSA Asymmetric Key Size 160 bit DES Symmetric Key Size 112 bits 128 bits Security Security Sunday, April 25, 2010

Encryption Speed asymmetric can be 1000x slower than symmetric Sunday, April 25, 2010

PGP A B Sunday, April 25, 2010

PGP A B Message/File Sunday, April 25, 2010

PGP Random generated 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP B’s 2048 bit public key Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP Encrypted with 2048 bit RSA key Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP Encrypted with 2048 bit RSA key B’s 2048 bit Random generated private key 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP Random generated 256 bit symmetric key Encrypted with 256 bit symmetric key A B Message/File Sunday, April 25, 2010

PGP A B Message/File Sunday, April 25, 2010

OTHER FRAMEWORKS and alternative JCE providers Sunday, April 25, 2010

Bouncy Castle JCE Provider Many more encryption and digest algorithms than the Sun provider (AES) Sunday, April 25, 2010

Jasypt Frictionless Java encryption Sunday, April 25, 2010

Gnu Open source library Sunday, April 25, 2010

In Summary Encrypted does not guarantee security ECB can be leaky Hash vs. Encrypt Know when to apply each Know your algorithm Key strength Symmetric versus asymmetric High Level Libraries More productive than pure JCE Sunday, April 25, 2010

Th anks in advanc e for yo ur com pleted evals! Sunday, April 25, 2010

OT CA MP TI ON BOission RYPrity is the M ENC cu Se Matthew McCullough Email matthewm@ambientideas.com Twitter @matthewmccull Blog http://ambientideas.com/blog Sunday, April 25, 2010

REFERENCES Sunday, April 25, 2010

References Sun docs http://java.sun.com/javase/6/docs/technotes/ guides/security/crypto/CryptoSpec.html http://java.sun.com/javase/technologies/security/ http://java.sun.com/javase/6/docs/technotes/ guides/security/jsse/JSSERefGuide.html http://java.sun.com/javase/6/docs/api/java/ security/Security.html BouncyCastle JCE Provider http://www.bouncycastle.org/documentation.html Sunday, April 25, 2010

References Sample Code http://github.com/matthewmccullough/ encryption-jvm-bootcamp Miscellaneous http://www.ietf.org/rfc/rfc3852.txt http://en.wikipedia.org/wiki/ Abstract_Syntax_Notation_One Sunday, April 25, 2010

Acronyms CMS Cryptographic Message Syntax (CMS) objects RFC 3852 PKCS#7 (formerly RFC 2630, 3369) http://www.ietf.org/rfc/rfc3852.txt ASN.1 Abstract Syntax Notation One 1984 X.409, 1988 X.208, 1995 X.680, 2002 http://www.asn1.org/ Sunday, April 25, 2010

CREDITS Sunday, April 25, 2010

http://www.ambientideasphotography.com http://stockfootageforfree.com/ http://xkcd.com/538/ http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation http://matdonline.free.fr/RSA-Difﬁe-Hellman-explained-in-5-minutes.htm http://www.isg.rhul.ac.uk/node/329 http://www.isg.rhul.ac.uk/ﬁles/IMG_9819.JPG http://www.usc.edu/dept/molecular-science/pictures/RSA-2003.jpg All others, iStockPhoto.com Sunday, April 25, 2010

STUDY NOTES Sunday, April 25, 2010

Major Encryption Types Pre-agreed Phrases (Concept) Simplest form of symmetric encryption. Have to meet in person to pass keys around DHM Key Exchange (Concept, Algorithm) Requires both parties to be online This is a drawback RSA (Algorithm) Added asynchronous behavior with pub priv keys Keys are permanent (not generated each time) PGP (Concept, Algorithm) Added speed to RSA by encrypting the payload Sunday, April 25, 2010

Data Integrity Checksums needed Harder to maintain with encryption? Block versus stream cipher Block: XOR all previous nodes Stream: XOR some “forward” packets Recovery once one packet is lost? Sunday, April 25, 2010

Replay Attacks Consider vulnerability to replay Problem: ECB (block) mode Same packet encrypted next time looks the same Hardening: XOR to protect Still vulnerable to entire stream replay Entire stream hard to capture Sunday, April 25, 2010

JVM Encryption Boot Camp 0.4.3

by Matthew McCullough on May 04, 2010

Accessibility

Categories

Tags

Upload Details

Usage Rights

1 Embed 13

Statistics

JVM Encryption Boot Camp 0.4.3 — Presentation Transcript