Cryptography: way to Arkham - Andriy Savchenko

Ruby Meditation #20
February 17, 2018
Kyiv


  1. 1. Cryptography: way to Arkham Andrii Savchenko
  2. 2. Crypto primitives
  3. 3. One-way hash functions; Symmetric encryption; Asymmetric encryption; PRNGs; Boring large prime number math. (MOST COMMONLY USED) CRYPTO PRIMITIVES 3
  4. 4. ONE WAY HASH FUNCTIONS 4
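  5. 5. ONE WAY HASH FUNCTIONS – DUMMY EXAMPLE 5
      D U C K → 4 21 3 11 (letter positions in the alphabet), joined: 421311
      1 / 421311 = 0.000002373543534 → last two digits 34 → hex 22
      2 / 421311 = 0.000004747087069 → last two digits 69 → hex 45
      3 / 421311 = 0.000007120630603 → last two digits 03 → hex 03
      4 / 421311 = 0.000009494174137 → last two digits 37 → hex 25
      Hash: 22450325
  6. 6. ONE WAY HASH FUNCTIONS – DUMMY EXAMPLE 6
      F U C K → 6 21 3 11 (letter positions in the alphabet), joined: 621311
      1 / 621311 = 0.000001609499912 → last two digits 12 → hex 0C
      2 / 621311 = 0.000003218999825 → last two digits 25 → hex 19
      3 / 621311 = 0.000004828499737 → last two digits 37 → hex 25
      4 / 621311 = 0.000006437999649 → last two digits 49 → hex 31
      Hash: 0C192531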
  7. 7. ONE WAY HASH FUNCTIONS – DUMMY EXAMPLE 7 DUCK = 22450325 FUCK = 0C192531
  8. 8. ONE WAY HASH FUNCTIONS – DUMMY EXAMPLE 8 ANDRII = 083B2712 ANDRIJ = 0E1C2A38
  9. 9. SHA, MD5, BLAKE. ONE WAY HASH FUNCTIONS – REAL WORLD 9
  10. 10. SYMMETRIC ENCRYPTION 10
  11. 11. Key: Joker; Phrase: Why so serious. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 11
  12. 12. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 12 whysoserious jokerjokerjo
  13. 13. 13
  14. 14. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 14 whysoserious jokerjokerjo
  15. 15. 15
  16. 16. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 16 whysoserious jokerjokerjo f
  17. 17. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 17 whysoserious jokerjokerjo f
  18. 18. 18
  19. 19. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 19 whysoserious jokerjokerjo fv
  20. 20. SYMMETRIC ENCRYPTION – CHIFFRE DE VIGENÈRE 20 whysoserious jokerjokerjo fviwfbsbmfdg
  21. 21. AES, 3DES, RC4, Blowfish, Salsa20. SYMMETRIC ENCRYPTION – REAL WORLD 21
  22. 22. ASYMMETRIC ENCRYPTION 22
  23. 23. Let's say we have some magic public key and private key, for example: Public key: 3, Private key: 7. ASYMMETRIC ENCRYPTION – SIMPLE RSA 23
  24. 24. Also, we need another magic number n, for example 33 ASYMMETRIC ENCRYPTION – SIMPLE RSA 24
  25. 25. 25
  26. 26. So, Harley Quinn wants to send the message "14" to Joker, knowing only Joker's public key. ASYMMETRIC ENCRYPTION – SIMPLE RSA 26
  27. 27. Harley Quinn: encrypted = message^public mod n = 14^3 mod 33 = 5. Joker: encrypted^private mod n = 5^7 mod 33 = 14. ASYMMETRIC ENCRYPTION – SIMPLE RSA 27
  28. 28. Batman wants to know what Harley sent to Joker, but he only knows the public key 3, the message 5 and the magic number 33, and cannot decipher the message without the private key 7. ASYMMETRIC ENCRYPTION – SIMPLE RSA 28
  29. 29. Not every 3 numbers may give you the expected result. PROBLEM 1 29
  30. 30. Choose two prime numbers: p and q (in this example: p = 11, q = 3). Get magic number n = p * q = 33. Get Euler's phi = (p - 1) * (q - 1) = 10 * 2 = 20. Choose a public key, which should be coprime with phi, p - 1 and q - 1 and satisfy 1 < public < phi. Find a private key where phi divides public * private - 1 (3 * 7 - 1 = 20, 20 / 20 = 1, private = 7). You are all done! Easy-peasy! Enjoy your public key encryption. GETTING KEY PAIR 30
  31. 31. The message cannot be greater than or equal to n. PROBLEM 2 31
  32. 32. Well, the Latin alphabet is only 25, let's write a small Ruby script. PROBLEM 2 32
  33. 33. 33
      PUB = 3
      PRIV = 7
      N = 33
      # Each letter maps to its position in the alphabet: 'a' => 1, 'b' => 2, 'c' => 3, ...
      DICT = ('a'..'z').zip(1..26).to_h
      RDICT = DICT.invert
      # Encrypt every letter on its own: number ** PUB mod N
      def encrypt(message)
        message.each_char.map { |letter| DICT[letter] ** PUB % N }
      end
      # Decrypt every number back to its letter: number ** PRIV mod N
      def decrypt(array)
        array.inject('') { |message, letter| message + RDICT[letter ** PRIV % N] }
      end
      encrypted = encrypt('batman') # => [8, 1, 14, 19, 1, 5]
      decrypt(encrypted) # => 'batman'
  34. 34. Protocols
  35. 35. A protocol, basically, is a set of crypto primitives. PROTOCOLS 35
  36. 36. TLS, IPSec, OAuth, SSH, 100500 more… PROTOCOLS 36
  37. 37. Implementing crypto protocols
  38. 38. Good mathematicians often make very bad code; Partial implementations; Incorrect implementations; Outdated protocol versions or crypto primitives; Abandoned projects; Absence of implementation; Fun. WHY? 38
  39. 39. PROBLEMS 39
  40. 40. HTTPS://VIMEO.COM/52882780 40
  41. 41. 41 Secure Remote Password protocol
  42. 42. 42 RFC2945
  43. 43. 43
  44. 44. 44 RFC2945
  45. 45. RFC2945 45
  46. 46. RFC2945 46
  47. 47. 47
  48. 48. 48
  49. 49. 49
  50. 50. 50
  51. 51. 51 S = (B - kg^x) ^ (a + ux)
  52. 52. 52 S = ((B - kg^x) ^ (a + ux)) mod N
  53. 53. 53 S = ((B - kg^x) mod N ^ (a + ux) mod N) mod N
  54. 54. 54 S = ((B - kg^x mod N) mod N ^ (a + ux mod N) mod N) mod N
  55. 55. 55
  56. 56. 56 B = k * v + ((g ** b) % N)
  57. 57. 57 B = k * v + ((g ** b) mod N)
  58. 58. 58 B / k = v + I
  59. 59. 59 B = k * v + ((g ** b) mod N) mod N
  60. 60. 60
  61. 61. 61
  62. 62. 62 One possible way
  63. 63. 63 One possible way
  64. 64. 64 One possible way
  65. 65. 65 One possible way
  66. 66. 66 One possible way
  67. 67. 67 M = H(A | B | S); M = H(A | B || K); M = H(H(N) xor H(g) | H(I) | s | A | B | K)
  68. 68. 68 H(A | M | S); H(A | M | K)
  69. 69. 69
  70. 70. 70
  71. 71. 71 One possible way
  72. 72. 72
  73. 73. 73 x = H(s | p); x = H(s | H(I) | H(p)); x = H(s | H(I | ":" | p)); x = KDF(s, p)
  74. 74. UTF-8; Binary values representation; Implementation incompatibilities; Ruby limitations. BONUS 74
  75. 75. 75
      > 3 ** 7 % 33
      => 9
      > 3 ** 1234567890 % 33
      (pry):62: warning: in a**b, b may be too big
      => NaN
  76. 76. 76
      > require 'openssl'
      => true
      > 3.to_bn.mod_exp(1234567890, 33).to_i
      => 12
  77. 77. 77
  78. 78. Thank you for your attention! https://github.com/esrp/ruby
  79. 79. Andrii Savchenko @ptico andrii@aejis.eu @ptico My contacts
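
The key-pair steps of slide 30 and the two problems of slides 29 and 31, as an added Ruby example that is not code from the talk. The function names are hypothetical, and it uses Ruby's built-in `Integer#pow(exponent, modulus)` (Ruby 2.5+) instead of the OpenSSL call shown on slide 76.

```ruby
# Added example: toy RSA with the slide's numbers. Names are hypothetical.

# Follows slide 30: n = p * q, phi = (p - 1) * (q - 1), then derive private.
def toy_keypair(p, q, public_key)
  n = p * q                      # the "magic number"
  phi = (p - 1) * (q - 1)        # Euler's phi
  unless public_key > 1 && public_key < phi && public_key.gcd(phi) == 1
    raise ArgumentError, 'public must be coprime with phi and 1 < public < phi'
  end
  # private is the first number for which phi divides public * private - 1
  private_key = (1...phi).find { |d| ((public_key * d) - 1) % phi == 0 }
  { n: n, public: public_key, private: private_key }
end

# Integer#pow(exponent, modulus) reduces at every step, so it stays exact
# where `base ** exponent % modulus` hits the limit shown on slide 75.
def encrypt(message, key)
  # Problem 2: a message >= n is silently reduced mod n, so reject it.
  unless (0...key[:n]).cover?(message)
    raise ArgumentError, 'message must satisfy 0 <= message < n'
  end
  message.pow(key[:public], key[:n])
end

def decrypt(cipher, key)
  cipher.pow(key[:private], key[:n])
end

# Problem 1: checks whether an arbitrary (public, private, n) triple
# actually returns the original message after encrypt + decrypt.
def round_trips?(message, public_key, private_key, n)
  message.pow(public_key, n).pow(private_key, n) == message
end
```

With the slide's numbers, `round_trips?(14, 3, 5, 33)` is false because 5 was not derived from phi, and `round_trips?(47, 3, 7, 33)` is false because 47 is not smaller than n.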

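The SRP arithmetic of slides 51 to 59 with a reduction mod N at every step, plus two of the derivations of x from slide 73, as an added Ruby example that is not code from the talk or from the esrp project. The toy group (N = 1019, g = 2), SHA-256 as H, the "|"-joined string encoding, k = H(N | g), u = H(A | B) and the server-side formula S = (A * v^u)^b mod N are assumptions of this example, taken from the general SRP-6a description and not from the slides.

```ruby
require 'digest'

# Constructed toy group for this example; far too small for real use.
SRP_N = 1019 # small safe prime: 1019 = 2 * 509 + 1
SRP_G = 2

# H(a | b | ...): SHA-256 over the parts joined with "|", as an Integer.
# This encoding is an assumption; real implementations must agree on bytes.
def h(*parts)
  Digest::SHA256.hexdigest(parts.join('|')).to_i(16)
end

# Two of the derivations listed on slide 73.
def x_plain(salt, _identity, password)
  h(salt, password)                              # x = H(s | p)
end

def x_with_identity(salt, identity, password)
  h(salt, h(identity + ':' + password))          # x = H(s | H(I | ":" | p))
end

def verifier(x)
  SRP_G.pow(x, SRP_N)                            # v = g^x mod N
end

# Runs both sides with fixed secrets a and b; returns [client_S, server_S].
def srp_shared_secrets(x_client, v_server, a, b)
  k = h(SRP_N, SRP_G)
  big_a = SRP_G.pow(a, SRP_N)                                # A = g^a mod N
  big_b = ((k * v_server) + SRP_G.pow(b, SRP_N)) % SRP_N     # B = (k*v + g^b mod N) mod N
  u = h(big_a, big_b)
  # Client: S = ((B - k * (g^x mod N)) mod N) ^ (a + u*x) mod N
  base = (big_b - (k * SRP_G.pow(x_client, SRP_N))) % SRP_N
  client_s = base.pow(a + (u * x_client), SRP_N)
  # Server: S = ((A * (v^u mod N)) mod N) ^ b mod N
  server_s = ((big_a * v_server.pow(u, SRP_N)) % SRP_N).pow(b, SRP_N)
  [client_s, server_s]
end
```

Both sides agree on S only when the verifier was registered with the same derivation of x that the client uses at login, which is why the variants on slide 73 matter for interoperability.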