New Farming Methods in the Epistemological Wasteland of Application Security
Your SlideShare is downloading.
×
Check these out next
Recommended
More Related Content
Slideshows for you (20)
Similar to Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use It Properly (20)
More from OWASP Kyiv (20)
Recently uploaded (20)
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use It Properly
- 1. DON’T WASTE TIME ON LEARNING CRYPTOGRAPHY: BETTER USE IT PROPERLY #owaspkyiv @vixentael
- 2. @vixentael Product Engineer Feel free to reach me with any mobile security questions. I do check my inbox :)
- 3. We want to protect our users’ data
- 4. We want developers to protect data
- 5. We want to protect our users’ data HOW? We want developers to protect data
- 6. WE HAVE USER DATA. WHAT SHALL WE DO?
- 7. #owaspkyiv @vixentael 1. DEFINING THE DATA SCOPE sensitive user data GDPR / HIPAA / PCI DSS tech data (keys, logs)
- 8. #owaspkyiv @vixentael 1. DEFINING THE DATA SCOPE sensitive user data GDPR / HIPAA / PCI DSS tech data (keys, logs) mistake 1. wrong scope definition
- 9. #owaspkyiv @vixentael 2. SELECTING ALGORITHM twofish sha1 des md5
- 10. twofish sha1 des md5 #owaspkyiv @vixentael 2. SELECTING ALGORITHM mistake 2. bad algo selection
- 11. #owaspkyiv @vixentael THINGS TO DECIDE ON KEY LENGTHDATA SCOPE ALGORITHM
- 12. #owaspkyiv @vixentaelhttps://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM
- 13. #owaspkyiv @vixentaelhttps://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM
- 14. #owaspkyiv @vixentaelhttps://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM mistake 3. wrong params
- 15. #owaspkyiv @vixentael THINGS TO DECIDE ON PADDING KEY LENGTH MODE DATA SCOPE ALGORITHM IV
- 16. #owaspkyiv @vixentael 4. KEY MANAGEMENT user password keys KDF
- 17. #owaspkyiv @vixentael 4. KEY MANAGEMENT user password keys KDF mistake 4. bad key management
- 18. #owaspkyiv @vixentael THINGS TO DECIDE ON PADDING KEY LENGTH KEY ROTATION MODE KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE ALGORITHM IV KEY REVOCATION
- 19. #owaspkyiv @vixentael 5. INFRASTRUCTURE
- 20. #owaspkyiv @vixentael PADDING KEY LENGTH KEY ROTATION MODE KEY DERIVATION KEY STORAGE THINGS TO DECIDE ON KEY EXCHANGE BACKUPSPLATFORMS DATA SCOPE ALGORITHM IV KEY REVOCATION
- 21. #owaspkyiv @vixentaelhttps://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf 269 CVEs from 2011-2014 17% 83% bugs inside crypto libs misuses of crypto libs by individual apps
- 22. AS USERS WE WANT… more ciphers? #owaspkyiv @vixentael
- 23. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA #owaspkyiv @vixentael
- 24. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB SHARK RC4 DSS ECB CTR SEED #owaspkyiv @vixentael Blowfish
- 25. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB Blowfish SHARK RC4 DSS ECB CTR Twofish Camelia SEED Rabbit ECDSA #owaspkyiv @vixentael
- 26. AS USERS WE WANT… more ciphers! more vulnerabilities! more side channel attacks! more attacks! more constant time checks :) more protocols! more patches! #owaspkyiv @vixentael
- 27. EXCITING, BUT FOR CRYPTO RESEARCHERS ONLY
- 28. AS USERS WE WANT… more ciphers! BORING CRYPTO #owaspkyiv @vixentael
- 29. BORING CRYPTO #owaspkyiv @vixentael — crypto that simply works, solidly resists attacks, never needs any upgrades https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Daniel J. Bernstein
- 30. BORING CRYPTO #owaspkyiv @vixentael PLUG & PLAY
- 31. WHAT DO WE WANT? instead of adjusting our resources — SOLVE USE-CASES!
- 32. WHAT DO WE WANT? — HIGH-LEVEL FUNCTIONS I want to store data securely I want to send data securely I want to verify data integrity #owaspkyiv @vixentael
- 33. WHAT DO WE WANT? store data securely send data securely verify data integrity key derivation key exchange key rotation sign/verify ephemeral keys encr / decr #owaspkyiv @vixentael — HIGH-LEVEL FUNCTIONS
- 34. NOBODY READS DOCS #owaspkyiv @vixentael
- 35. NOBODY READS DOCS #owaspkyiv @vixentael “docs are for experts” “I just want to try” “gimme code!”
- 36. 1. HOW TO START? #owaspkyiv @vixentael pod try BoringSSL cmake -DANDROID_ABI=armeabi-v7a -DCMAKE_TOOLCHAIN_FILE=../third_party/ android-cmake/android.toolchain.cmake -DANDROID_NATIVE_API_LEVEL=16 -GNinja .. https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md
- 37. #owaspkyiv @vixentael easy, architecture-independent installation 1. HOW TO START?
- 38. 2. SUPPORTED PLATFORMS? #owaspkyiv @vixentael *nix OSX web browsers embedded iOS Android Windows minimum expected:
- 39. #owaspkyiv @vixentael cross-platform is not an option anymore cross-platform is a must have 2. SUPPORTED PLATFORMS?
- 40. OPTIONS WE HAVE
- 41. #owaspkyiv @vixentael HSM
- 42. #owaspkyiv @vixentael HARDWARE SECURITY MODULE key generation provides cryptoprocessing key storage portable
- 43. #owaspkyiv @vixentael TRUSTED PLATFORM MODULE key management disk protection trust anchor built-in remote attestation provides cryptoprimitives
- 44. #owaspkyiv @vixentael HSM & TPM: PROS fast hardware crypto! trusted environment known security guarantees keys calculations
- 45. #owaspkyiv @vixentael HSM & TPM: CONS vendor lock / vendor trust bad for interactive encryption complicated to maintain (install, upgrade, support, not cross-platform)
- 46. #owaspkyiv @vixentael HSM & TPM: PRO & CONS HSM app plaintext data plaintext data is far away from the place it is used
- 47. #owaspkyiv @vixentael SOFTWARE CRYPTO SYSTEMS https://github.com/sobolevn/awesome-cryptography any kind of encryption plaintext data is closer to its usage cross-platform
- 48. #owaspkyiv @vixentael SOFTWARE CRYPTO SYSTEMS https://github.com/sobolevn/awesome-cryptography any kind of encryption plaintext data is closer to its usage cross-platform NO DEVICE TRUST
- 49. #owaspkyiv @vixentael WEBBROWSER CRYPTO: CONS DOM, XSS, NO CODE TRUST
- 50. #owaspkyiv @vixentael HSM/TPM + SOFTWARE CS keys calculations TPM / HSM own software cross-platform take best from both
- 51. #owaspkyiv @vixentael cross-platform easy to install easy to use USING CRYPTO SHOULD BE LIKE.. audited open source time proven well-documented
- 52. #owaspkyiv @vixentael crypto-libs crypto-systems boxed solutions
- 53. #owaspkyiv @vixentael 1. CRYPTO-LIBS libsodium themis https://github.com/sobolevn/awesome-cryptography implements single or multiple security functions keyczar noise
- 54. #owaspkyiv @vixentael EXAMPLE https://github.com/cossacklabs/themis/wiki/Python-Howto secure messaging with forward secrecy
- 55. #owaspkyiv @vixentael 2. CRYPTO-SYSTEMS axolotl hermes combines security functions for solving exact use-case SSL/TLS ZeroKit
- 56. #owaspkyiv @vixentael EXAMPLE https://github.com/cossacklabs/hermes-core/wiki/Python-tutorial data access control based on crypto-keys python docs/examples/python/hermes_client.py --id user1 --config=docs/examples/python/config.json --private_key user1.priv --doc testfile --read
- 57. #owaspkyiv @vixentael 3. BOXED SOLUTIONS truecrypt ssh acra vault unites crypto-systems and user functions for solving problems
- 58. #owaspkyiv @vixentael EXAMPLE https://github.com/cossacklabs/acra/wiki/Trying-Acra-with-Docker database proxy for encrypting / decrypting go run cmd/acra_genkeys/acra_genkeys.go docker-compose -f docker/docker-compose.yml up -d
- 59. #owaspkyiv @vixentael CAN I SOLVE MY USE-CASE USING… boxed solutions
- 60. #owaspkyiv @vixentael CAN I SOLVE MY USE-CASE USING… crypto-systems boxed solutions no :(
- 61. #owaspkyiv @vixentael CAN I SOLVE MY USE-CASE USING… crypto-libs crypto-systems boxed solutions no :( no :(
- 62. https://www.cossacklabs.com/choose-your-ios-crypto.html
- 63. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS.
- 64. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS. PROBLEM IS THAT THEY ARE NOT BORING ENOUGH
- 65. #owaspkyiv @vixentael
- 66. #owaspkyiv @vixentael VS
- 67. #owaspkyiv @vixentael make the light controllable
- 68. #owaspkyiv @vixentael
- 69. #owaspkyiv @vixentael make the crypto security controllable
- 70. #owaspkyiv @vixentael make the crypto security controllable and booooring
- 71. #owaspkyiv @vixentael
- 72. LINKS 1 Boring crypto, Daniel J. Bernstein https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Why does cryptographic software fail? https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf API design for cryptography https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf
- 73. LINKS 2 Encrypting strings in Android: Let’s make better mistakes https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/ Awesome crypto papers https://github.com/pFarb/awesome-crypto-papers 12 And 1 Ideas How To Enhance Backend Data Security https://www.cossacklabs.com/backend-data-security-modern-ideas.html Attestation and Trusted Computing https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf
- 74. MY OTHER SECURITY SLIDES https://github.com/ vixentael/my-talks …and more
- 75. @vixentael Product Engineer Feel free to reach me with any mobile security questions. I do check my inbox :)
