Applying cryptography is like driving a car. Just as you first have to learn what all the controls are for before you can go zipping down the interstate, first you must become familiar with basic cryptographic methods. And just like yesterday’s trendy car is no longer in vogue today, obsolescence in security is accelerating. CodeMeter® offers a wide range of cryptographic methods and harnesses Wibu-Systems’ vast experience and knowledge. Nevertheless, even great technologies like CodeMeter may fail if they have been implemented poorly or without the necessary safety precautions. An essential key point is the secure storage of private and secret keys; the first question you should ask yourself is where you should be storing your licenses. CmDongle, the hardware-based protection vessel, offers an impenetrable fortress. CmActLicense, the software-based container, is available with a unique and proprietary technology, SmartBind®. The private and secret keys are stored in an encrypted license file whose key is the fingerprint of the specific PC to which the license file is bound. How to operate encryption is your second important decision; that should depend on the kind of application you have developed and the threat scenario you are going to face in your business model. Finally, there are many cool facts: did you know that in Counter Mode (CTR), encryption with AES is really just about XOR? For example, consider a database field with a Boolean value. A simple encryption with AES returns exactly two possible encrypted values. This means that an attacker would actually be able to derive the unencrypted value for all records by knowing just one record. In this presentation, we discuss: - HASH functions * SHA 256 * Symmetric encryption - AES 128 * Direct encryption in CmContainer * Indirect encryption * Encryption without CmContainer * Selection of the most appropriate operating mode - Asymmetric encryption * ECC 224 * RSA 2048 Watch the webinar: https://youtu.be/1YC-g_KYXfw

1. Your driving license to expert
cryptography
Rüdiger Kügler | Professional Services
ruediger.kuegler@wibu.com
Alvaro Forero | Security Expert
Alvaro.Forero@wibu.com
CodeMeter

2. Epic Fails
Female / Male flag encrypted
Medical Records with AES-CTR
Encrypted Picture with AES-ECB
2014-09-04 Your driving license to expert cryptography 2

3. Encrypted Female / Male Flag
2014-09-04 Your driving license to expert cryptography 3
 Implementation:
 Field gets filled with „0“
 Field gets encrypted with AES
 Mistake
 Entropie of data is too low
 IV and Padding with „0“
 Hack
 Guess the meaning of the encrypted field

4. Database Dump (Excerpt)
2014-09-04 Your driving license to expert cryptography 4
ID LastName Gender
442225 782B9CAB890DB937C3A48DBD39F426A4 E37CD363DD7C87A09AFF0E3E60E09C82
33273 4A453644D133566ADC04B7A478A5A5AD E37CD363DD7C87A09AFF0E3E60E09C82
483916 77CF3A86923DEB80434F16646DE7DB7F C6A13B37878F5B826F4F8162A1C8D879
137333 F7A846F8F336B511D2B01444BEFBA18B E37CD363DD7C87A09AFF0E3E60E09C82
147607 851DD615E24D586E0F232DD2FFC573A9 C6A13B37878F5B826F4F8162A1C8D879
303044 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879
916345 5BEBF00AF658C1256C0821553C35FAC3 E37CD363DD7C87A09AFF0E3E60E09C82
777169 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879
154800 19B0930C53F45AC14360E2F3A3B04EF7 C6A13B37878F5B826F4F8162A1C8D879

5. Encrypted Female / Male Flag
2014-09-04 Your driving license to expert cryptography 5
 Implementation:
 Field gets filled with „0“
 Field gets encrypted with AES
 Mistake
 Entropie of data is too low
 IV and Padding with „0“
 Hack
 Guess the meaning of the encrypted field
Secure solution
Data becomes more, either:
 Initialization Vector,
 Nonce or
 Fill up to 16 bytes with
random data.

6. Encrypted Medical Record
2014-09-04 Your driving license to expert cryptography 6
 Implementation
 Encryption of xml/docx with AES-CTR
 Mistake
 Implementation fault, Nonce was set to „0“
 Hack
 Steal encrypted database
 Get own record as plain text
 Record = MyPlainRecord XOR MyEncRecord XOR EncRecord
EncRecord
MyPlainRecord
MyEncRecord
Record

7. Encrypted Picture
2014-09-04 Your driving license to expert cryptography 7
Electronic Codebook Cipher-Block Chaining
ECB does not hide structure of data.

8. Cryptography - Basics
Symmetric Encryption
Hash Functions
Asymmetric Encryption
2014-09-04 Your driving license to expert cryptography 8

9. Symmetric Encryption
Data
Encrypted
Data
Encrypted
Data
Data
Shared
Key
Shared
Key
2014-09-04 Your driving license to expert cryptography 9

10. Hash
Data
Hash (Digest)
Data
Hash (Digest)
2014-09-04 Your driving license to expert cryptography 10

11. Hash with Salt
Data
Hash (Digest)
Data
Hash (Digest)
Salt Salt
2014-09-04 Your driving license to expert cryptography 11

12. Signatures
Data
Private
Key
Hash (Digest)
Signature
Yes / No
Public
Key
Data
Hash (Digest)Signature
Signature
2014-09-04 Your driving license to expert cryptography 12

13. Asymmetric Encryption
Data
Encrypted
Data
Encrypted
Data
Data
Public
Key
Private
Key
2014-09-04 Your driving license to expert cryptography 13

14. Block Cipher Modes
Electronic Codebook (ECB)
Cipher-Block Chaining (CBC)
Counter (CTR)
2014-09-04 Your driving license to expert cryptography 14

15. Electronic Codebook (ECB) – Encryption
2014-09-04 Your driving license to expert cryptography 15
Plaintext
Ciphertext
AES
Encryption
Plaintext
Ciphertext
AES
Encryption
Plaintext
Ciphertext
AES
Encryption

16. Electronic Codebook (ECB) – Decryption
2014-09-04 Your driving license to expert cryptography 16
Ciphertext
Plaintext
AES
Decryption
Ciphertext
Plaintext
AES
Decryption
Ciphertext
Plaintext
AES
Decryption

17. Cipher-Block Chaining (CBC) – Encryption
2014-09-04 Your driving license to expert cryptography 17
Plaintext
Ciphertext
AES
Encryption
IV
Plaintext
Ciphertext
AES
Encryption
Plaintext
Ciphertext
AES
Encryption

18. Cipher-Block Chaining (CBC) – Decryption
2014-09-04 Your driving license to expert cryptography 18
Ciphertext
Plaintext
AES
Decryption
IV
Ciphertext
Plaintext
AES
Decryption
Ciphertext
Plaintext
AES
Decryption

19. Counter (CTR) – Encryption
2014-09-04 Your driving license to expert cryptography 19
Plaintext
Ciphertext
AES
Encryption
Counter (0)
Nonce
Add
Plaintext
Ciphertext
AES
Encryption
Counter (1)
Nonce
Add
Plaintext
Ciphertext
AES
Encryption
Counter (2)
Nonce
Add

20. Counter (CTR) – Decryption
2014-09-04 Your driving license to expert cryptography 20
Ciphertext
Plaintext
AES
Encryption
Counter (0)
Nonce
Add
Ciphertext
Plaintext
AES
Encryption
Counter (1)
Nonce
Add
Ciphertext
Plaintext
AES
Encryption
Counter (2)
Nonce
Add

21. CodeMeter API
Encrypting Data
Signature API
Key Storage
2014-09-04 Your driving license to expert cryptography 21

22. CodeMeter API – Supported Algorithms
 Symmetric Encryption: AES 128 bit
 Asymmetric Encryption: ECC 224 bit
 Signatures: ECC 224 bit (ECDSA)
 Hash: SHA 256
 Legacy: RSA 2048 bit
2014-09-04 Your driving license to expert cryptography 22

23. CodeMeter API – Key Sources
 FirmKey with key derivation
 Direct (ECB)
 Indirect (ECB, CBC) using P1363 KDF2
 Secret Data / Hidden Data with key derivation
 Direct (ECB)
 Indirect (ECB, CBC) using P1363 KDF2
 Secret Data / Hidden Data without key derivation
 Direct (ECB)
2014-09-04 Your driving license to expert cryptography 23

24. Key Derivation – Firm Key – Direct
2014-09-04 Your driving license to expert cryptography 24
Plaintext
CmDongle
AES ECBSHA 256
Firm Code
Product Code
Feature Code
Release Data
Encryption Code
Enc. Code Options
Feature Map
Maint. Period
Black Key
Firm Key
Ciphertext
Product Code
Firm Code

25. Key Derivation – Secret Data / Hidden Data – Direct
2014-09-04 Your driving license to expert cryptography 25
Plaintext
CmDongle
AES ECBSHA 256
Firm Code
Product Code
Feature Code
Release Data
Encryption Code
Enc. Code Options
Feature Map
Maint. Period
Black Key
Secret Data
Ciphertext
Product Code
Firm Code

26. Key Derivation – Firm Key – Indirect (Default Scheme)
2014-09-04 Your driving license to expert cryptography 26
InitKey
Plaintext
CmDongle
AES ECBSHA 256
Firm Code
Product Code
Feature Code
Release Data
Encryption Code
Enc. Code Options
Feature Map
Maint. Period
Black Key
Firm Key
Ciphertext
Product Code
Firm Code
KDF2
P1363
AES

27. Key Derivation – Secret Data / Hidden Data – Indirect
2014-09-04 Your driving license to expert cryptography 27
InitKey
Plaintext
CmDongle
AES ECBSHA 256
Firm Code
Product Code
Feature Code
Release Data
Encryption Code
Enc. Code Options
Feature Map
Maint. Period
Black Key
Secret Data
Ciphertext
Product Code
Firm Code
KDF2
P1363
AES

28. Without Key Derivation – Secret Data / Hidden Data – Direct
2014-09-04 Your driving license to expert cryptography 28
Plaintext
CmDongle
AES ECB
Firm Code
Product Code
Feature Map
Maint. Period
Black Key
Secret Data
Ciphertext

29. CodeMeter Use Cases
Challenge Response Check
Known Shared Secret
Encrypted Communication
2014-09-04 Your driving license to expert cryptography 29

30. Challenge Response Check
 Make sure valid CmDongle is present
 Private Key in CmDongle (with license, same for all customers)
 Public Key in software
 Software generates challenge
 CmDongle signs challenge
 Software checks response
 Avoids record playback attacks on CmDongle
 Avoids simulation of CmDongle
2014-09-04 Your driving license to expert cryptography 30

31. Known Shared Secret
2014-09-04 Your driving license to expert cryptography 31
 Secure storage of AES key, which can be used on PC
 Store AES key as Secret Data
 Use Secret Data as key source for direct encryption
 Sample scenario:
 Communication between embedded device / cloud and PC
 Keys on embedded device / cloud are already stored securely
 Usage of dongle on PC
 Avoids duplication of AES key on PC

32. Encrypted Communication
2014-09-04 Your driving license to expert cryptography 32
 Transmitting fishing journal from fishing vessel
to central server (satellite)
 Requirements: Authentic & Confidential
 Implementation:
 Key pair on server / key pair on each vessel
 Journal gets encrypted with public key of server
 Journal gets signed with private key of vessel
 Result: Authentic and Confidential journal 603 4711

33. Summary
2014-09-04 Your driving license to expert cryptography 33
 Start with threat analysis
 Select the right algorithm, right key length, right mode
 Select the right key storage (dongle, software, cloud, …)
 Avoid implementation faults
 Monitor the security of your implementation
Wibu Professional Services supports you during the whole
process from analysis to implementation and monitoring.

34. Thank you very much
WIBU-SYSTEMS AG
www.wibu.com
2014-09-04 Your driving license to expert cryptography 34