application security fundamentals - part 2 - security mechanisms - encryption

1. ENCRYPTION
Security Mechanism:
Authentication
Authorization
Session Management
Data Validation
Error Handling
Logging
Encryption

2. Encryption Core Concepts
Do NOT attempt to create your
own encryption algorithms.
Encryption Choices
Hash Encryption One Way or Reversible?
(e.g., SHA-256 vs. AES)
Stream Cipher Block Cipher Bits vs. Blocks
(e.g., RC4 vs. AES)
Symmetric Asymmetric Shared vs. Public & Private Keys
(e.g., AES vs. RSA)
Stream Cipher
ECB CBC CTR … Which Mode to Use?ECB CTR

3. Encryption Words to Live By
 If storing passwords – hash with a salt value
 If you’re using authentication – encrypt data in transit
 Properly seed random number generators

4. Encryption Words to Live By: #1
 The problem
– The software uses a one-way cryptographic hash against an input
that should not be reversible, such as a password, but the software
does not also use a salt as part of the input.
If storing passwords – hash with a salt value

5. Real World Example – Hash Compromise
Remember the Anonymous attack discussed earlier?

6. Secure Coding …
 Multiple rounds of hashing (>1000)
 Use the latest available hashing algorithms (SHA-2)
 How to create salt?
– Create small random value
– The salt should be different for each user
– Can use a hash of the userid in some use cases
 Where to store salt?
– In the database with the userid/password
– Often pre-pended to the password in storage
 Preferred method
– Pbkdf: https://en.wikipedia.org/wiki/PBKDF2

7. Encryption Words to Live By: #2
 The problem
– Login pages not using adequate measures to protect the user name
and password while they are in transit from the client to the server.
– SSL (Secure Socket Layer) provides data confidentiality and
integrity to HTTP. By encrypting HTTP messages, SSL protects
from attackers eavesdropping or altering message contents.
If you’re using authentication – encrypt in transmission

8. Real World Example – Packet Capture

9. Real World Example - POODLE
 CBC encryption in SSL 3.0
– SSL has been around
for 18 years
 Block cipher padding is
not deterministic
– not covered by the MAC
 Man in the Middle
– control request
– padding fills an entire block
– reveals one byte at a time
Encryption is HARD!
POODLE = Padding Oracle On Downgraded Legacy Encryption

10. Encryption Words to Live By: #3
 The problem
– The software may use insufficiently random numbers or values in a
security context that depends on unpredictable numbers.
– When software generates predictable values in a context requiring
unpredictability, it may be possible for an attacker to guess the next
value that will be generated, and use this guess to impersonate
another user or access sensitive information.
Properly seed random number generators

11. Use of Random Numbers
 Symmetric keys and initialization vectors for block ciphers
 Session IDs
 Gambling games
– lotteries
– slot machines
 Statistical sampling
 Seed for a Pseudo Random Number Generator

12. Real World Example - Chip and Pin
 Many ATMs and point-of-sale
terminals use a predictable
random number
 Attack:
– attacker predicts “unpredictable
number” (UN)
– customer uses a controlled terminal
– "extra" transaction is performed
using the UN and a future date
– chip on credit card produces an
Authorization Request Cryptogram
(ARQC) based on UN
– when time is right, attacker uses
fake card with pre-recorded ARQC
at ATM to withdraw cash

13. Secure Coding …
 Pitfalls
– Use of predictable random number generators
 C: rand()
 Java: java.util.Random()
– Forgetting to seed the random number generator -or- Using the
same seed every time
 will generate identical sequences of numbers
 Java.Security.SecureRandom
– (typically) uses the SHA1PRNG generator
– seeds itself using /dev/urandom
 collects random data from disk reads, mouse movement, keystrokes, etc.
– be careful overriding the PRNG or seed, make sure you know what
you are doing