Successfully reported this slideshow.
Upcoming SlideShare
×

# ZendCon 2017 - Cryptography for Beginners

Cryptography is a complex and confusing subject. In this session we'll distill PHP encryption down to its essential drivers. You'll learn what makes cryptography weak and strong. You'll learn the important questions to ask when making decisions regarding modules and libraries. This session won’t make you a cryptography expert but it will give you the knowledge necessary to protect your software from attack. No prior knowledge of cryptography is required for this session.

• Full Name
Comment goes here.

Are you sure you want to Yes No

### ZendCon 2017 - Cryptography for Beginners

2. 2. @adam_englander I am a Virtual Crime Fighter
3. 3. @adam_englander I am a lover of PHP
4. 4. @adam_englander I Am Not… • … a security researcher • … a cryptographer • … a mathematician
5. 5. @adam_englander What To Expect • Gain a working understanding of common terms used in cryptography. • Understand the key drivers for choosing cryptography methodologies, algorithms and strengths. • Know which PHP modules to use.
6. 6. @adam_englander What Not to Expect • Deep dive into algorithms • A lot of comparison between algorithms and implementations • Become a cryptography expert
7. 7. @adam_englander What Is Cryptography? Cryptography…is the practice and study of techniques for secure communication in the presence of third parties called adversaries. Wikipedia
8. 8. @adam_englander My Deﬁnition of Cryptography Cryptography obscures data in such a way that it is difficult and costly to duplicate or reverse.
9. 9. @adam_englander How do you make it difﬁcult?
10. 10. @adam_englander –Oxford Dictionary Entropy: Lack of order or predictability; gradual decline into disorder.”
11. 11. @adam_englander The greater the entropy; the greater the difﬁculty.
13. 13. @adam_englander Achieving Maximum Entropy • Use Cryptographically Secure Pseudo-Random Number Generators (CSPRNG). • Salts add global randomness to hashing. • Feedback loops add local randomness to block ciphers. • Initialization Vectors add global randomness to block ciphers. • Some ciphers introduce randomness with padding.
14. 14. @adam_englander Local vs Global Entropy Local entropy is entropy with a singular pice of data within a larger system. Global entropy is entropy of the same or similar data across the entirety of a larger system.
15. 15. @adam_englander How Random Is Random? • It turns out it can be quite random as long as you use the correct tools. • Since PHP7, CSPRNG extension provides platform independent cryptographically secure pseudo- random data. • Until you move to PHP7, paragonie/random_compat package will give you the same functionality.
16. 16. @adam_englander How do you make it expensive?
17. 17. @adam_englander Algorithms that are difﬁcult to crack with brute force
22. 22. @adam_englander What Contributes to Cost? Secrets Computation Entropy
23. 23. @adam_englander Computational Cost • Complexity of algorithm increases cost. • Key length increases cost. • Some algorithms speciﬁcally target memory and thread utilization to increase cost. • Feedback loops increase cost.
24. 24. @adam_englander Cryptography is based on ciphers
27. 27. @adam_englander Encryption Signatures Key Derivation Hashing
29. 29. @adam_englander Asymmetric Encryption • Based on very large prime numbers • Computationally expensive • Padding for entropy • Cannot encrypt data larger the the key
30. 30. @adam_englander Asymmetric Key Cryptography • RSA and DSA are available in PHP. Use RSA. • Uses very large prime integers • Very computationally expensive • Uses key pairs to protect secret
31. 31. @adam_englander Super Duper Secret • Private key can do encrypt, decrypt, sign, and verify signature • Public key does not have enough data to decrypt or sign. Can only encrypt and verify signature
32. 32. @adam_englander Key Size and Hash Algorithm • Current minimum recommend key size is 2048 • SHA1 is considered safe but SHA-256 is better
33. 33. @adam_englander Data Limitations • RSA can only encrypt or sign data up to the length of the key size • Signatures use hashing • Crypto often mixed with symmetric key cryptography
34. 34. @adam_englander Padding • Padding is how RSA creates additional entropy • Use Optimal Asymmetric Encryption Padding (OAEP) • Do not use PKCS1-V1_5 as it is no longer considered cryptographically secure
35. 35. @adam_englander Symmetric Encryption • Uses small shared key • Has modes for encrypting data larger than the key • Fast encryption • Uses initialization vector and key for entropy
36. 36. Block Cipher Modes DO NOT USE Electronic Cookbook (ECB)!!!
38. 38. @adam_englander Block cipher modes determine how the blocks of clear text are translated into cipher text. What are Block Cipher Modes?
39. 39. @adam_englander Cipher Block Chaining (CBC) • Entire message is required for decryption • Full cipher text block is used as the seed for the next block
40. 40. @adam_englander Cipher Block Chaining (CBC)
41. 41. @adam_englander Galois Counter Mode (GCM) • Counter based cipher stream • Entire message is required for decryption • Encrypts plain text and generates an authentication code similar to an HMAC simultaneously that is returned with the IV in the cipher text
42. 42. @adam_englander Galois Counter Mode (GCM)
44. 44. @adam_englander Hashes by themselves aren’t very useful!
46. 46. @adam_englander Digital Signature • Used to verify integrity of data • Used mostly for data transfer • Can be used for verifying data at rest • Can not be reversed but can be reproduced for veriﬁcation
47. 47. @adam_englander Digital Signatures (HMAC) • Hash-based Message Authentication Code (HMAC) • Hashing combined with key • SHA-256 or better is preferred to ensure uniqueness
49. 49. @adam_englander Key Derivation • Uses salt for entropy • Iterates to increase cost • Can create cost via threads and memory • Bigger is better!
50. 50. @adam_englander Which KDF Should I Use? • argon2i is the new hotness • scrypt is preferred • bcrypt is acceptable • PBKDF2 can be used in a pinch
51. 51. @adam_englander How Can I Use KDFs? • PHP has the best package for managing that PERIOD! Use the password extension. Just use it! • For *cough* pre-5.5.0, you can use ircmaxell/ password-compat • Provides tools for hash upgrades. AWESOME!
52. 52. @adam_englander And now…an example
56. 56. @adam_englander Hi Bob, I’m Alice. Can you hear me? Bob Alice Client starts TCP session by sending a synchronized packet to the server
57. 57. @adam_englander Bob Alice Yes Alice, I can hear you. Can you hear me? Server responds by sending SYNchronize- ACKnowledgement packet to the client
58. 58. @adam_englander Yes Bob, I can hear you. Bob Alice Client completes TCP session the initialization by sending ACKnowledge packet to the server
59. 59. @adam_englander This is conversation 12345. I know German and Spanish. Bob Alice Client informs the server the session requires TLS and sends the TLS version number, cipher settings, public key, and session-speciﬁc data.
60. 60. @adam_englander Bob Alice Let’s use German. Here’s my ID. Server chooses the cipher settings and sends Certiﬁcate.
61. 61. @adam_englander Bob Alice The signature on his ID matches. He’s Bob. Client veriﬁes the server’s certiﬁcate by verifying the signature against the known certiﬁcate authority.
62. 62. @adam_englander Ich denke an eine Farbe, die Sie mit gelb zu machen. Bob Alice Client and server begin a conversation that is now encrypted using asymmetric encryption.
63. 63. @adam_englander The rest of the conversation would be in German. But, we’ll show it in English.
64. 64. @adam_englander  I have a color that makes orange with yellow with yellow. Bob Alice Session symmetric key negotiation begins with client generating a secret random value and sending a shared value and a value derived from the two. Alice’s secret is red, the shared value is yellow, and the derived value is orange.
65. 65. @adam_englander Bob Alice I have a color than makes green with yellow. The server generates its own secret random value and sends a value derived from it and the shared value. Bobs secret is blue, the shared value is yellow, and the derived value is green.
66. 66. @adam_englander Bob Alice Our shared color is purple. Both determine a new shared value based on combining the two secret values. Alice’s secret is red. Bob’s secret is blue. Their combined secrets are purple.
67. 67. @adam_englander ログイン ページを 教えてください Bob Alice Client sends HTTP request the server for the login page using symmetric encryption with the newly negotiated key.
68. 68. @adam_englander Bob Alice ここで、ログイン ページです Server sends an HTTP response with the login page HTML using symmetric encryption with the newly negotiated key to the client.