Web Crypto
Upcoming SlideShare
Loading in...5

Web Crypto



Karl von Randow's talk on Web Crypto for Auckland Web Dev Nights on the 9th of May 2013.

Karl von Randow's talk on Web Crypto for Auckland Web Dev Nights on the 9th of May 2013.




Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Web Crypto Web Crypto Presentation Transcript

    • Web cryptokarl von randow
    • I felt sorry for this theme
    • What’s wrong with plain text?
    • What’s wrong with MD5?
    • It’s beenCRACKEDIt has lots of vulnerabilitiessince 1996.Really bad since 2008.
    • What’s wrong with SHA1?
    • It’s beenCROAKEDActually it’s just a bitvulnerable maybe.
    • What aboutsalt?Effective againstrainbow tables
    • So salt isokayBut not against the othercollision attacks
    • PBKDF2• Password-Based Key DerivationFunction 2• Easy to remember acronym• It’s a standard
    • • Salted - hurts rainbow tables• Repeats a hash lots of times - keystretching• Adjustable difficulty
    • Can be implemented with asmall circuit and very littleRAMUh oh
    • bcrypt• Everything PBKDF2 has (except it’s nota standard)• Aims to be slow• Been around for ages and unbroken
    • • A bit of a pain when converting plaintext passwords in the database as ittakes a while
    • What about FPGAs?
    • Oh
    • What about scrypt?
    • scrypt• Like bcrypt but uses more RAM• Really new (2009)
    • Migrating from existing• Plain text - batch convert• PostgreSQL contrib package• Hashed - convert on successful login
    • Hashes in APIsSignature algorithms
    • 2009• MD5 length extension hackdemonstrated on Flickr API(and others)
    • • Hashes are not good for signing
    • Use the right tool for the job
    • HMAC• Hash-based message authentication code• HMAC-SHA1• Uses a secret key
    • • Substantially less affected by collisions• No known extension attacks
    • What about SSL?
    • SSL• Privacy in between• Only secure when both parties have avested interest in security
    • • If you control the client• Tell system to trust a new CA• Man-in-the-middle
    • • Doesn’t protect your API from beingtinkered with or disclosed
    • Only $50
    • i have seen that yours isthe shittest software ever#@%! your mothers
    • “CWP was pivotal in helping me crack anhttps encrypted API for an iPhoneapplication. Thankfully, that was their onlymethod of securing the data, because itlead to me bringing online stats for a cult-classic video game called SSX... So, I justwanted to say thanks!”
    • “... after seeing the URLs were GETrequests with username and passwords, Ifigured this was going to be VERY EASY.  Iactually did it all during the 30 minute trialof the program. (that reminds me, I shouldbuy a license because it was so awesome).”Justin J.N.
    • ThanksSir JBallfor the sweet vectorillustrations. They reallycleared things up.
    • What about validating thecertificate?
    • bcrypt &HMAC-SHA1SSL for privacy