The document discusses encryption systems on iOS mobile devices. It describes two main iOS encryption systems: 1) device encryption that encrypts the file system with a key stored on a hardware chip, independent of passcode; and 2) data protection that encrypts individual files and credentials with keys derived from passcode and hardware key. It notes issues like developer control over file protection classes, interactions between backup and encryption systems, and risks of brute force attacks on passcodes.
A deeper understanding of how Kerberos works. This understanding will serve as a platform for understanding various attacks on it. It also showcases how a symmetric key algorithm is used for confidentiality. Some references are from Shon Harris's CISSP books, primarily the components slide.
This document discusses IPSec and SSL/TLS as approaches to securing network communications at different layers of the protocol stack. It provides an overview of how IPSec operates at the network/IP layer using techniques like AH and ESP to provide authentication and encryption of IP packets. It also summarizes how SSL/TLS works at the transport layer to establish a secure connection and protect communications between applications using ciphersuites, handshaking, and record layer encryption. The document outlines some strengths and weaknesses of each approach.
This document discusses the Kerberos authentication protocol. It provides a high-level overview of Kerberos, including its history, terminology, working, environment, database, and administrator. Kerberos provides strong authentication for physically insecure networks using trusted third parties and time-stamped tickets. While it ensures passwords are not sent in the clear, Kerberos is vulnerable if users choose poor passwords and relies on all machines being designed for its authentication.
SET was developed by Visa and MasterCard to securely transmit credit and debit card information over the internet. It uses public key encryption and digital certificates to authenticate parties and encrypt transactions for confidentiality. All parties must have digital certificates and information is only shared when necessary to protect privacy. SET supports common transaction types and uses technologies like 3DES, RSA signatures, and SHA-1 hashing to provide security.
This document provides an overview of authentication topics, including:
- Defining authentication and the three main electronic authentication factors: something you know, something you have, something you are.
- Discussing common authentication methods like usernames/passwords and their benefits and drawbacks.
- Covering other authentication methods such as one-time passwords, biometrics, digital certificates, and knowledge-based authentication.
- Identifying issues with initial credentialing and key concepts regarding the state of digital authentication.
This document discusses different methods for key management in cryptography:
1. Fixed key - A single key is physically loaded onto a client device and used for all encryptions. The key must be replaced if compromised.
2. Master/session key - A master key is shared between host and client beforehand. The host generates session keys and encrypts them with the master key before each transaction.
3. DUKPT - The host has a base derivation key (BDK) to generate an initial PIN encryption key (IPEK) inserted into the client. The client then generates future keys for encrypting data and replaces used keys. The host decrypts by calculating keys from transmitted identifiers.
This document discusses different types of client server models. It describes logical layers including the presentation layer, application layer, and data layer. It then defines five common client/server models: distributed presentation, remote presentation, distributed logic, remote data, and distributed data. Each model divides responsibilities between the client and server differently. For example, remote presentation puts the presentation manager on the client and the application and data layers on the server.
WEP (Wired Equivalent Privacy) was the original security protocol for 802.11 wireless networks. It uses RC4 encryption with a weak 40-bit key. WEP has significant flaws like small keys, key reuse, and IV reuse that allow attackers to decrypt packets and compromise networks. While it provides some protection, WEP is insecure and better alternatives like WPA or IPsec should be used to securely encrypt wireless traffic.
The document provides an overview of the Secure Electronic Transaction (SET) protocol. It discusses:
- SET is an open encryption standard designed to securely process credit card transactions over the internet. It uses digital certificates and signatures.
- Key components of SET include confidentiality of information, integrity of data, cardholder authentication, and merchant authentication.
- A SET transaction involves a cardholder, merchant, issuer, acquirer, payment gateway, and certification authority going through an initiate request, initiate response, purchase request, and purchase response process.
- Payment authorization and capture are also part of the SET transaction flow. Digital signatures and certificates are used to authenticate parties and messages.
Kerberos is a network authentication protocol that was developed at MIT in the 1980s to allow nodes communicating over an insecure network to verify each other's identity. It uses tickets and session keys to allow clients and servers to communicate over a non-secure network and establish the identity of the users and servers. The Kerberos authentication process involves three main exchanges between the client, authentication server (KDC), and target server to authenticate users and allow access to services.
The document discusses block ciphers and the Data Encryption Standard (DES). It begins by explaining the differences between block ciphers and stream ciphers. It then covers the principles of Feistel ciphers and their structure, using DES as a specific example. DES encryption, decryption, and key scheduling are described. The document also discusses attacks on DES like differential and linear cryptanalysis. It concludes by covering modern block cipher design principles.
This document discusses decentralized storage systems. It begins by outlining the goals of storage systems, including availability, reliability, and scalability. It then notes that most existing systems use a centralized storage server, which presents a single point of failure. Decentralized storage systems aim to address this by distributing data across multiple nodes for redundancy. The rest of the document outlines key design issues for decentralized storage systems, such as fault tolerance and load balancing. It provides examples of decentralized systems like Cassandra and Glacier, and concludes by arguing that decentralized storage will be increasingly important as data volumes continue rising.
The Internet Key Exchange (IKE) protocol, described in RFC 2409, is a key management protocol standard which is used in conjunction with the IPsec standard. IPsec can be configured without IKE, but IKE enhances IPsec by providing additional features, flexibility, and ease of configuration for the IPsec standard.
OpenID Connect 4 SSI is an initiative conducted at OpenID Foundation in liaison with the Decentralized Identity Foundation. It aims at specifying a set of protocols based on OpenID Connect to enable SSI applications.
The document discusses the Advanced Encryption Standard (AES). It describes AES as a symmetric block cipher selected by the U.S. National Institute of Standards and Technology (NIST) in 2001 to replace the Data Encryption Standard (DES). AES uses a variable block size of 128 bits and a key size of 128, 192, or 256 bits. The cipher operates on a 4x4 column-byte state and has 10, 12, or 14 rounds depending on the key size. Each round consists of byte substitution, shift rows, mix columns, and add round key transformations.
PGP and S/MIME are two standards for securing email. PGP provides encryption and authentication independently of operating systems using symmetric and asymmetric cryptography. S/MIME uses X.509 certificates and defines how to cryptographically sign, encrypt, and combine MIME entities for authentication and confidentiality using algorithms like RSA, DSS, and 3DES. DKIM allows a sending domain to cryptographically sign emails to assert the message's origin and prevent spoofing, while the email architecture standards like RFC 5322 and MIME define message formatting and how attachments are represented.
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson (SSIMeetup)
This talk will introduce Zero-Knowledge Proofs (ZKPs) and explain why they are a key element in a growing number of privacy-preserving, digital-identity platforms. Clare will provide basic illustrations of ZKPs and leave the necessary mathematics foundations to the readers.
After this talk you will understand that there is a variety of ZKPs, it’s still early days, and why ZKP is such a perfect tool for digital identity platforms. This talk includes significant updates from the newly-organized ZKProof Standardization organization plus a signal of maturity: one of the first known ZKP vulnerabilities.
Clare will explain why ZKPs are so powerful, and why they are building blocks for a range of applications including privacy-preserving cryptocurrency such as Zcash, Ethereum, Artificial Intelligence, and older versions of Trusted Platform Modules (TPMs). The presentation includes many backup slides for future learning and researching, including four slides of references.
This document provides an overview of IPSec, including:
- IPSec aims to secure IP communications by providing authentication, integrity, and confidentiality. It operates in transport and tunnel modes.
- The Internet Key Exchange (IKE) negotiates and establishes security associations to secure communications between two endpoints.
- IPSec policy defines which encryption, hashing, and authentication methods apply to different network traffic using protection suites and proposals.
This document provides an overview of Kerberos, including:
- Kerberos is an authentication protocol that uses symmetric encryption and timestamps to allow nodes communicating over an insecure network to verify each other's identity securely.
- It works by having a client first authenticate with an authentication server to obtain a ticket-granting ticket, then uses that ticket to obtain additional tickets for access to other services.
- Kerberos addresses the need for secure authentication in distributed network environments where the workstations themselves cannot be fully trusted.
Digital signatures provide authentication and integrity for electronic documents and transactions. They use public key cryptography where a document is encrypted with the sender's private key and decrypted by the recipient's public key. A digital certificate issued by a certificate authority binds the signer's identity to their public key and is verified using the CA's digital signature. Common uses of digital signatures include software updates, financial transactions, and legally binding documents.
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George (SSIMeetup)
https://ssimeetup.org/hyperledger-aries-open-source-interoperable-identity-solutions-nathan-george-webinar-30/
Nathan George, Sovrin Foundation CTO, and Hyperledger Contributor will explain what Hyperledger Aries is and how it will facilitate an open source infrastructure for interoperable identity solutions.
Aries was born out of the work on identity agents and identity wallets that began in the Hyperledger Indy project. Aries is, in fact, the second Hyperledger project to spin out of Hyperledger Indy. The first was Hyperledger Ursa, announced in December 2018.
Self-sovereign identity based on DIDs requires strong interoperability and pluggability at the infrastructure level. It also requires great applications that offer end-to-end functionality so that users can accomplish jobs with greater security, flexibility, and privacy. Aries is expected to be a major step forward in this direction.
Aries will be the industry’s first implementation of interoperable open source wallets for digital credentials that use the DKMS (Decentralized Key Management System) architecture that Evernym pioneered under a contract with the U.S. Department of Homeland Security.
Site to Site IPSEC VPNs provide a secure means of transmitting data over shared, unsecured networks like the internet. They encrypt data at the Layer 3 IP packet level, providing data authentication, anti-replay protection, confidentiality, and integrity. IPSEC VPNs can operate in either tunnel or transport mode. Site to Site IPSEC VPNs are generally established between gateways in tunnel mode, with the gateway acting as a proxy. They can be configured using either policy-based or route-based approaches.
Security+ Guide to Network Security Fundamentals, 3rd Edition, by Mark Ciampa
Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).
CNIT 120: Network Security
http://samsclass.info/120/120_S09.shtml#lecture
Policy: http://samsclass.info/policy_use.htm
Many thanks to Sam Bowne for allowing these presentations to be published.
The document discusses IP subnetting, including:
1. IP classes and why subnetting is used to preserve public IPv4 addresses.
2. An example of subnetting a Class C IP address to create 5 networks, including reserving bits in the subnet mask and determining the resulting network ranges.
3. Another example of subnetting a Class C IP address to create network ranges for 50 hosts, again reserving bits in the subnet mask and determining the network ranges.
This document provides an overview of cryptography concepts including symmetric and asymmetric key algorithms, cryptographic hashes, and tools for cryptanalysis. It defines common terminology like plaintext, ciphertext, encryption, and decryption. Symmetric algorithms discussed include the Vernam cipher, A5/1, DES, AES, and RC4. Asymmetric algorithms covered are RSA and Diffie-Hellman key exchange. Cryptographic hashes like MD5 and SHA-1 are also summarized along with resources for cryptanalysis.
This presentation is based on the security and encryption measures adopted by Apple for its iPhones.
It was submitted to RTU, Kota during final year seminars.
Device Mapper Multipathing (DM-Multipath) allows aggregating multiple I/O paths between servers and storage arrays into a single device to provide redundancy and improved performance. It can configure paths in active/passive mode for failover or active/active mode to spread I/O load. The multipath.conf file is used to configure DM-Multipath by overriding defaults, blacklisting devices, and specifying attributes for multipaths and storage devices.
The document discusses the results of a study on the effects of exercise on memory and thinking abilities in older adults. The study found that regular exercise can help reduce the decline in thinking abilities that often occurs with age. Older adults who exercised regularly performed better on cognitive tests and brain scans showed they had greater activity in important areas for memory and learning compared to less active peers.
AES encryption on modern consumer architectures (Grigore Lupescu)
Specialized cryptographic processors target professional applications and offer both low latency and high throughput at the expense of cost. At the consumer level, a modern SoC embodies several accelerators and vector extensions (e.g. SSE, AES-NI), having a high degree of programmability through multiple APIs (OpenMP, OpenCL, etc.). This work explains how a modern x86 system that encompasses several compute architectures (MIMD/SIMD) might perform well compared to a specialized cryptographic unit at a fraction of the cost. The analyzed algorithm is AES (AES-128, AES-256) and the mode of operation is ECB. The initial test system is built around SoC AMD A6 5400K (CPU + integrated GPU), coupled with a discrete GPU – AMD R7 250. Benchmark results compare CPU OpenSSL execution (no AES-NI), CPU AES-NI acceleration, integrated GPU, discrete GPU and heterogeneous combinations of the above processing units. Multiple test results are presented and inconsistencies are explained. Finally, based on initial results, a system composed only of low-end and low-power consumer components is designed, built and tested.
This document discusses tools that facilitate password recovery and data decryption to assist investigations. It describes the company's history and products, including Thunder Tables for recovering encryption keys without knowing passwords, and GPU and cluster acceleration for faster password cracking. New products like Elcomsoft Phone Password Breaker are shown to recover passwords from mobile device backups by decrypting encryption schemes like those used on iOS and Blackberry backups.
Свежая презентация по комплекту шифрования Intel Security (McAfee). Рассмотрены сценарии интеграции выборочного шифрования файлов с модулем DLP Endpoint. Даны практические рекомендации по внедрению шифрования. Рассмотрены особенности каждого из модулей шифрования.
Краткий обзор нововведений ENSv10.1
Усиленная защита, улучшенный скан, упрощенные политики и редизайн интерфейса. На закуску - интеграция с TIE (DXL) и ATD. Ну и мое любимое - конструктор правил Access Protection.
Техническая презентация решений McAfee (Intel Security) по шифрованию данных.
Рассматривается процесс развертывания и управления.
Подробно расписаны особенности и возможности актуальных версий продуктов.
Содержимое:
- номенклатура решений шифрования
- основы работы с еРО
- Drive Encryption (Win) детально
- Management of Native Encryption (Win, Mac) детально
- File & Removable Media Protection (Win)
- Источники знаний
- Советы из практики
Целевая аудитория:
Руководители ИТ/ИБ подразделений, специалисты по защите информации.
Атаки на критичну інфраструктуру України. Висновки. Рекомендації.Vladyslav Radetsky
Короткий огляд атак, у розслідуванні який приймав участь.
Аналітика. Маркери компрометації. Рекомендації.
Контент доповіді стосується не лише енергетиків і є актуальним не лише для державного сектору.
Розраховано на широкий загал. В першу чергу - працівників ІТ/ІБ підрозділів.
Talk at IKNOW 2013, describing the Semantic Pattern Transformation.
This process transforms feature vectors, which are commonly used in machine learning into a semantic representation. The advantage is that we can use this model across all domains, which is not possible for the raw feature vectors without cumbersome preprocessing operations.
Few tips for iOS application development from security perspective.
Google docs presentation: https://docs.google.com/presentation/d/1eLQ40YCReg_pXp2as9FrbTgkNfOjOoPxDYUbFNyrT-M/pub?start=false&loop=false&delayms=3000
This document discusses various techniques for optimizing Android for low-RAM devices, including:
1. Tuning apps to release memory more aggressively, the Dalvik VM to use less memory, and the ActivityManager to better manage processes.
2. Configuring Dalvik VM properties like heap sizes and disabling JIT compilation to reduce memory usage.
3. Enabling kernel features like KSM for memory sharing and adjusting lowmemkiller parameters to more aggressively free memory.
4. Using tools like dumpsys, procrank, and meminfo to monitor memory usage and identify optimization opportunities.
This document provides an agenda for a training on iOS application penetration testing. It covers topics such as setting up an iOS pen testing environment, understanding the iOS filesystem and Objective-C runtime, runtime analysis and manipulation, insecure data storage, analyzing network traffic, jailbreak detection, secure coding guidelines, and automated testing. Tools discussed include class-dump-z, cycript, clutch, and gdb for analyzing iOS applications.
This slide briefs about various tools & techniques used to extract unprotected data from iOS apps. You can extract resource files, database files, get data in runtime using various methods. In my next slides I will brief about the ways to secure your iOS apps.
Prem Kumar is a senior security consultant who specializes in web, mobile, and network penetration testing. He has previously presented at security conferences and found vulnerabilities in applications from companies like Facebook, Apple, and Yahoo. The agenda for his talk covers topics like iOS architecture, application structures, types of iOS applications and distribution methods, iOS penetration testing techniques, jailbreaking, and setting up an iOS testing platform. He will demonstrate runtime analysis and penetration testing on real iOS applications.
Hacking and Securing iOS Applications by Satish BomissttyClubHack
iOS applications share common set of classes and highly depends on the operating system solutions for data communication, storage and encryption. Solely depending on the Apple implementation made them less complex but it affects security of the applications. Though iOS comes with a great set of security features like code signing, ASLR, DEP, sand boxing and Data Protection, all of them are subject to attack. Relying only on the iOS security could lead to demise the sensitive data stored within the application when the iOS is compromised. Application security can be improved by understanding the weaknesses in the current implementation and incorporating own code that work better.
The presentation illustrates several types of iOS application attacks like run time manipulation, custom code injection, SSL session hijacking and forensic data leakage. It gives an insight into the iOS Keychain & data protection API and explains the techniques to circumvent it. The presentation will provide guidelines and suggests best practices for secure iOS application development.
This document provides an overview of iOS security concepts and loopholes, and how they can be exploited to hack iOS applications or steal user data. It discusses various local storage mechanisms like plist files, SQLite databases, and the keychain that applications use, and how unencrypted or poorly secured data stored in these locations could potentially be compromised. It also covers other issues like screenshot caching, error logs, and the keyboard cache that could potentially leak sensitive data. Strategies for developing more secure applications to avoid such issues are also presented.
This document discusses hacking and securing iOS applications. It begins by covering iOS security concepts and loopholes, then discusses how those loopholes can affect apps and allow easy theft of app data. The remainder of the document provides guidance on how to protect apps by securing local storage locations, runtime analysis, and transport security. Key recommendations include encrypting sensitive data, using data protection APIs, restricting access to private data, and properly validating SSL certificates.
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
This document discusses how to secure corporate information on iOS and Android devices. It outlines 9 key areas to focus on: 1) unattended device control 2) password complexity 3) encryption 4) remote lock 5) remote wipe 6) detection of jailbroken/rooted devices 7) hardware/software inventory 8) restricting device features 9) using policies to enable desired features. For each area, it describes considerations and options for securing iOS and Android devices. It emphasizes the importance of device health monitoring, password/encryption enforcement, remote wipe capabilities, and using mobile device management software to consistently manage mobile endpoints.
Presentation on conducting mobile device forensics without the use of expensive commercial tools, instead utilising FOSS alternatives. Conducting manual analysis makes you a better forensic analyst as well as helps to discover more potential evidence. From acquisition, to analysis, to malware disassembly, this presentation will provide a primer on all facets of mobile forensics.
This document discusses security issues and vulnerabilities in the iOS operating system. It begins with an overview of the iOS hardware and software architecture, including the security features like sandboxing and code signing. It then explains what a jailbreak is and how it attacks the chain of trust to bypass these protections. The document outlines several ways sensitive data can be accessed, such as through property lists, SQLite databases, keychains, logs, and cached files. It also discusses client-side vulnerabilities like SQL injection, XSS, and logging of sensitive information. Finally, it promotes learning about mobile security through tools like OWASP iGoat and the speaker's company AppKnox.
iOS is designed with security as a priority, combining software, hardware, and services to maximize security while maintaining ease of use. The system security architecture includes a secure boot process, code signing to only allow trusted software, and the Secure Enclave chip for sensitive data like biometric authentication. Device controls allow configuration of security policies and location services. Encryption protects data both at rest and in transit using hardware and software features. App security validates apps are from approved developers and isolates them. Network protocols like TLS, VPN, and WiFi security standards ensure private communication. Apple Pay and services like iMessage and FaceTime also have security measures to protect users and their data.
Mobile apps are increasingly handling sensitive user data, but threats to mobile security are also rising. The document discusses several common mobile app vulnerabilities related to improper platform usage, insecure data storage, and insecure authentication. It provides guidelines for developing secure iOS and Android apps, such as using data protection and restrictions for files, keychain items, and cached network responses. Following security best practices for mobile platforms can help protect user privacy and sensitive data.
This document discusses security requirements and features in iOS. It describes the architecture of iOS which includes core OS, core services, media services and Cocoa Touch layers. It then covers key security aspects like application sandboxing, memory randomization, encryption, data storage format and built-in antivirus capabilities in iOS. Application sandboxing isolates each app and assigns a unique ID. Memory is randomly allocated through address space layout randomization. Encryption and additional data protection layers secure data storage. As apps are only downloaded from the App Store, iOS does not require additional antivirus software.
This document discusses iOS application penetration testing from the perspective of a penetration tester. It begins with an overview of iOS applications and the iOS monoculture, covering code signing, sandboxing, and encryption. It then discusses various techniques a penetration tester may use, including checking compile options, exploiting URL schemes, analyzing insecure data storage in databases, property lists, keyboard caches, image caches, and error logs. It also covers runtime analysis using tools like Clutch, Class-Dump-Z, and Cycript to decrypt binaries, dump classes, and interact with running apps. Examples are provided of potential attacks against apps that involve bypassing locks, extracting hardcoded keys, or injecting malicious code. Defense techniques are also briefly explained.
Synapse india iphone apps presentation oncracking and analyzing apple icloudSynapseIndiaiPhoneApps
This document discusses analyzing Apple iCloud backups, Find My iPhone, and document storage. It provides an overview of iOS forensics needs given the widespread adoption of Apple devices. It describes iOS data protection methods, including encryption. It then covers analyzing iCloud backups, the Find My iPhone protocol, and accessing files stored in iCloud documents. The conclusion discusses balancing security, privacy, and convenience when analyzing Apple cloud services and the need for further work to access additional data types and decrypt encrypted information.
This document summarizes different types of mobile encryption and common issues. It discusses five types of mobile encryption including SSL, disk encryption, keychain, app encryption, and containers. It then describes examples of problems with SSL implementation and proxying, issues cracking Android and iOS encryption, weaknesses in keychain storage, and common app encryption failures like hard-coded keys. The document provides recommendations to properly implement strong encryption, avoid storing sensitive data on devices, and follow best practices.
This document discusses security issues related to the Internet of Things (IoT). It notes that as the number of connected devices grows, so too will cyber attacks targeting IoT devices, as they often contain personal information and have existing vulnerabilities. Common IoT security threats mentioned include denial of service attacks, malware, data breaches, and weakening of security perimeters. The document advocates addressing IoT security across all levels from devices to cloud infrastructure. It presents Intel's IoT security portfolio as providing comprehensive protection from physical attacks and cyber threats, including features like secure boot, whitelisting, encryption, and centralized management of devices and data.
Ярослав Воронцов — Пара слов о mobile security.DataArt
This document provides an overview of security in mobile apps, covering topics such as theoretical cryptography concepts, iOS security features, attacking iOS apps, and protection mechanisms. It begins with introductions to theoretical cryptography topics. It then discusses iOS hardware and software security features like the secure enclave, file encryption, and keychain protection. Next, it outlines common ways to attack iOS apps and penetration testing tools. Finally, it reviews iOS cryptography APIs and transport security features like App Transport Security.
Troopers14 Advanced Smartphone forensics - Vladimir KatalovJose Moruno Cadima
1) The document discusses various methods for extracting data from smartphones including iOS, Windows Phone 8, and BlackBerry 10 devices. It focuses on logical and physical acquisition techniques as well as extracting data from iCloud and local backups.
2) The document provides details on how to extract data from iOS backups stored in iCloud without needing the Apple ID and password by decrypting authentication tokens.
3) Encryption methods for iCloud backups are summarized, noting that Apple holds the encryption keys and therefore has access to the backed up data, including potentially decrypting Keychain items.
The document summarizes iOS device protection techniques used by Apple, including Secure Enclave, Touch ID, keychain, code signing, and baseband hardware integration. It analyzes the security of these techniques and discusses potential attack vectors such as hardware attacks, firmware updating attacks, firmware defects, driver reverse engineering, and jailbreaking. Current and potential future attacks are described in detail.
This document summarizes a presentation on iPhone and iPad security. It discusses how to configure passcode policy and other restrictions on devices through configuration profiles. It also covers securing data through encryption, securing network communications through VPNs and SSL, and developing secure applications that properly handle authentication, authorization, data storage and cryptography. The presentation warns of risks from jailbreaking devices and accessing unsecured configuration profiles and provides recommendations for addressing these risks.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
3. IAIK
Encryption on Smartphones
Why do we need it?
Data protection (application files and credentials)
Remote Wiping: without encryption not feasible (takes too much time)
Where to place the encryption system?
Operating system: iOS, Windows Phone, QNX, Android
Smartphone applications: container applications, BYOD!
4. IAIK
Encryption support: iOS, Blackberry OS, Android (>= 3.x), Windows Phone
Well fine, every platform supports it... Done?
5. IAIK
There is More Than Marketing
Purpose: What’s the purpose of the encryption system?
Encryption scope: Which data is encrypted, and how many keys are used?
Key details: Where is the key, and how is it derived?
Locked state: How does the encryption system behave when the phone is locked?
How does the system handle incoming data?
Implementation: Hardware? Software?
Attacks: How can the system be attacked? Where are the weak points?
MDM: Mobile Device Management: enforce encryption, manage its PINs
Security: Complex systems, many mistakes can be made, key escrow???
6. IAIK
iOS - Encryption
Two encryption systems:
Device encryption (file-system):
Introduced with iOS 3 and the iPhone 3GS, based on a chip
Data protection (individual files and credentials):
Introduced with iOS 4, is an addition to the first one, improved in iOS 5 (new classes, better keychain protection)
Backup:
iTunes, iCloud: Encrypting backups and its consequences
7. IAIK
iOS - Encryption
[Diagram with the labels: Secure Element, AES key, file-system key, file system, operating system, Applications 1-3, Files 1-5, JailBreak, Remote Wipe, PIN/Passcode, key derivation, data protection class keys]
File system encryption: not dependent on PIN/Passcode
Data Protection: per-file, dependent on PIN/Passcode and Secure Element key; developer's choice!!!
8. IAIK
iOS - Device Encryption
First system: file-system encryption
File-system encryption keys are protected by a key that is stored on a hardware chip
PIN/Passcode is NOT used for key derivation
When the phone is stolen: apply jailbreak to circumvent PIN protection,
the system decrypts the data for you
Thus: Only makes sense for fast remote wiping
9. IAIK
iOS - Data Protection - Files
Second system: Data Protection
In addition to device encryption
Protecting specific application files
(e.g. emails, the PDF files within a PDF reader application etc.)
Unique file keys, stored encrypted in the extended attributes of the file
Different protection classes defined by the developer (!)
10. IAIK
iOS - Data Protection - Files
Protection classes:
NSProtectionNone: File encryption keys protected with “Device Encryption
keys”, thus no real protection
For all the others: File encryption keys are encrypted with a key that is
derived from the UID key and from the PIN/passcode: Thus, without the PIN,
jailbreaking etc. does not reveal the encrypted data
NSProtection: Complete, UntilFirstUserAuthentication, UnlessOpen
11. IAIK
iOS - Data Protection - Files
Problem:
Protection Class choice is handled by the developer.
The user/admin does not know which apps encrypt their data
Consider:
Getting an email with a PDF (email app uses data protection), and
opening the email in a PDF reader that does not encrypt the data...
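The key hierarchy from slides 8 to 11, as an added example that is not part of the original slides and is not Apple's implementation: a simplified Python model in which PBKDF2 stands in for the hardware-bound key derivation and an HMAC-SHA256 keystream stands in for AES. The `Device` class, its methods, the passcode and the file names are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os

# Protection classes named on the slides; all three depend on the passcode.
PASSCODE_CLASSES = ("Complete", "UntilFirstUserAuthentication", "UnlessOpen")


def _sub(key: bytes, label: bytes) -> bytes:
    """Derive a sub-key or tag with HMAC-SHA256."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _stream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    """Keystream of at least n bytes (toy stand-in for AES)."""
    return b"".join(_sub(enc_key, nonce + i.to_bytes(4, "big"))
                    for i in range(n // 32 + 1))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt and authenticate: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    enc_key, mac_key = _sub(key, b"enc"), _sub(key, b"mac")
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(enc_key, nonce, len(plaintext))))
    return nonce + ct + _sub(mac_key, nonce + ct)


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag and decrypt; a wrong key raises PermissionError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = _sub(key, b"enc"), _sub(key, b"mac")
    if not hmac.compare_digest(tag, _sub(mac_key, nonce + ct)):
        raise PermissionError("wrong key")
    return bytes(c ^ s for c, s in zip(ct, _stream(enc_key, nonce, len(ct))))


class Device:
    """Model of one phone: hardware key, wrapped class keys, encrypted files."""

    def __init__(self, passcode: str):
        self._uid_key = os.urandom(32)  # hardware key: usable on the device only
        self._files = {}
        pk = self._passcode_key(passcode)
        # One random key per passcode-dependent class, stored wrapped.
        self._wrapped_class_keys = {c: seal(pk, os.urandom(32)) for c in PASSCODE_CLASSES}

    def _passcode_key(self, passcode: str) -> bytes:
        # Assumption: PBKDF2 salted with the hardware key replaces the real derivation.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._uid_key, 2000)

    def _class_key(self, protection: str, passcode):
        if protection == "None":
            # Protected by the device key alone: no passcode involved.
            return _sub(self._uid_key, b"device-encryption")
        if passcode is None:
            raise PermissionError("passcode required")
        return unseal(self._passcode_key(passcode), self._wrapped_class_keys[protection])

    def write_file(self, name: str, data: bytes, protection: str, passcode=None):
        file_key = os.urandom(32)  # unique per file
        class_key = self._class_key(protection, passcode)
        self._files[name] = {
            "class": protection,
            "xattr_wrapped_key": seal(class_key, file_key),  # kept with the file
            "ciphertext": seal(file_key, data),
        }

    def read_file(self, name: str, passcode=None) -> bytes:
        f = self._files[name]
        class_key = self._class_key(f["class"], passcode)
        return unseal(unseal(class_key, f["xattr_wrapped_key"]), f["ciphertext"])

    def readable_without_passcode(self):
        """Files that code running on the device can open without the passcode."""
        names = []
        for name in sorted(self._files):
            try:
                self.read_file(name)
                names.append(name)
            except PermissionError:
                pass
        return names


def demo() -> Device:
    dev = Device(passcode="4821")  # constructed passcode
    # The mail app stores the attachment in a passcode-dependent class ...
    dev.write_file("mail/attachment.pdf", b"contract draft", "Complete", passcode="4821")
    # ... and a PDF reader whose developer chose no protection stores a copy.
    dev.write_file("reader/attachment.pdf", b"contract draft", "None")
    return dev


if __name__ == "__main__":
    print(demo().readable_without_passcode())
```

In this model the copy in the reader app is the only file that opens without the passcode, which is the gap slide 11 describes.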
12. IAIK
iOS - Data Protection - Keychain
Keychain: used to store credentials (passwords, private keys, certificates etc.)
Protection Classes:
Always (!) (similar to NONE for files)
AfterFirstUnlock (UntilFirstUserAuthentication)
WhenUnlocked (Complete)
also in a “ThisDeviceOnly” version (not included in backups)
iOS 4: only the secret was protected, not the usernames etc.
since iOS 5: every aspect is encrypted
13. IAIK
iOS - Data Protection - Brute Force
PIN plays a vital role for Data Protection
Keys are derived from hardware chip and PIN code
Properties:
PIN length
Brute force attacks: Rely on the availability of a jailbreak
Estimated time for brute-force attacks?
14. IAIK
iOS - Data Protection - Brute Force
Time to derive the key from the password (ms) 80 1
Time to try out 100% of the possible passcodes (minutes, hours, days, years):

| Lock-screen type | Passcode length | Number of symbols | Number of passcodes | Minutes | Hours | Days | Years |
|---|---|---|---|---|---|---|---|
| Standard numerical | 4 | 10 | 10000 | 13.3 | 0.2 | 0.0 | 0.0 |
| Extended numerical | 4 | 10 | 10000 | 13.3 | 0.2 | 0.0 | 0.0 |
| | 5 | 10 | 100000 | 133.3 | 2.2 | 0.1 | 0.0 |
| | 6 | 10 | 1000000 | 1,333.3 | 22.2 | 0.9 | 0.0 |
| | 7 | 10 | 10000000 | 13,333.3 | 222.2 | 9.3 | 0.0 |
| | 8 | 10 | 100000000 | 133,333.3 | 2,222.2 | 92.6 | 0.3 |
| | 9 | 10 | 1000000000 | 1,333,333.3 | 22,222.2 | 925.9 | 2.5 |
| | 10 | 10 | 1E+10 | 13,333,333.3 | 222,222.2 | 9,259.3 | 25.4 |
| Alphanumerical (lowercase letters and numbers; 10 numbers and 26 letters) | 4 | 36 | 1679616 | 2,239.5 | 37.3 | 1.6 | 0.0 |
| | 5 | 36 | 60466176 | 80,621.6 | 1,343.7 | 56.0 | 0.2 |
| | 6 | 36 | 2176782336 | 2,902,376.4 | 48,372.9 | 2,015.5 | 5.5 |
| | 7 | 36 | 7.8364E+10 | 104,485,552.1 | 1,741,425.9 | 72,559.4 | 198.8 |
| | 8 | 36 | 2.82111E+12 | 3,761,479,876.6 | 62,691,331.3 | 2,612,138.8 | 7,156.5 |
| | 9 | 36 | 1.0156E+14 | 135,413,275,557.9 | 2,256,887,926.0 | 94,036,996.9 | 257,635.6 |
| | 10 | 36 | 3.6562E+15 | 4,874,877,920,084.0 | 81,247,965,334.7 | 3,385,331,888.9 | 9,274,881.9 |
| Alphanumerical (lower/uppercase letters and numbers; 10 numbers and 52 letters) | 4 | 62 | 14776336 | 19,701.8 | 328.4 | 13.7 | 0.0 |
| | 5 | 62 | 916132832 | 1,221,510.4 | 20,358.5 | 848.3 | 2.3 |
| | 6 | 62 | 5.6800E+10 | 75,733,647.4 | 1,262,227.5 | 52,592.8 | 144.1 |
| | 7 | 62 | 3.5216E+12 | 4,695,486,141.6 | 78,258,102.4 | 3,260,754.3 | 8,933.6 |
| | 8 | 62 | 2.1834E+14 | 291,120,140,779.9 | 4,852,002,346.3 | 202,166,764.4 | 553,881.5 |
| | 9 | 62 | 1.3537E+16 | 18,049,448,728,351.4 | 300,824,145,472.5 | 12,534,339,394.7 | 34,340,655.9 |
| | 10 | 62 | 8.3930E+17 | 1,119,065,821,157,790.0 | 18,651,097,019,296.4 | 777,129,042,470.7 | 2,129,120,664.3 |
| Complex (lower/uppercase letters, numbers and symbols; 10 numbers, 52 letters and 45 symbols) | 4 | 107 | 131079601 | 174,772.8 | 2,912.9 | 121.4 | 0.3 |
| | 5 | 107 | 1.4026E+10 | 18,700,689.7 | 311,678.2 | 12,986.6 | 35.6 |
| | 6 | 107 | 1.5007E+12 | 2,000,973,802.5 | 33,349,563.4 | 1,389,565.1 | 3,807.0 |
| | 7 | 107 | 1.6058E+14 | 214,104,196,863.8 | 3,568,403,281.1 | 148,683,470.0 | 407,352.0 |
| | 8 | 107 | 1.7182E+16 | 22,909,149,064,425.6 | 381,819,151,073.8 | 15,909,131,294.7 | 43,586,661.1 |
| | 9 | 107 | 1.8385E+18 | 2,451,278,949,893,540.0 | 40,854,649,164,892.3 | 1,702,277,048,537.2 | 4,663,772,735.7 |
| | 10 | 107 | 1.9672E+20 | 262,286,847,638,609,000.0 | 4,371,447,460,643,480.0 | 182,143,644,193,478.0 | 499,023,682,721.9 |
15. IAIK
iOS - Backups
iTunes
encrypted backups, plain backups
iCloud
somehow encrypted...
How to mark a file for Backup?
Developer’s choice
Default is “yes”
Marked files are transferred to iTunes, iCloud backups when activated
16. IAIK
iTunes - Plain Backups
Files stored in plain
Credentials are also stored encrypted!
Encryption key is stored on the iOS device
Thus: Credentials in plain backups cannot be restored on other devices
As a result: credentials are better protected in unencrypted iTunes backups than in encrypted ones!
[Figure: labels: iOS Device, Plain iTunes Backup, Files, Credentials, Encryption Key, marked for backup]
17. IAIK
iTunes - Encrypted Backups
Key is derived from a password selected by the user (no MDM influence)
Files and credentials in Backup are protected via the derived key
Credentials can be restored on other iOS devices (with the right protection class)
Problem:
Brute-force attack on weak passwords, when backup is stolen
Protection for keys is actually weaker than in plain iTunes Backups (!!!)
[Figure: labels: iOS Device, Plain iTunes Backup, Files, Credentials, marked for backup, Backup Encryption Key, User Password, KDF, Derived Encryption Key]
18. IAIK
iCloud - Backups
iCloud backups and iCloud sync
Protection via passcode selected by the user (no MDM influence, except for deactivating iCloud backups and sync)
If attacker gains access to this account, the backup can be restored
Details about the iCloud encryption process are not known
Data on iCloud: security considerations similar to those required for other cloud providers (DropBox etc.)
20. IAIK
iOS - Summary
Good protection by iOS encryption systems
However:
interactions of the systems are manifold
implications for deployments in security-critical deployment scenarios: In-depth knowledge of the involved systems is required!
Developer influence!
Outlook: Paper at SECRYPT 2013 (Workflow for Deploying iOS devices)
21. IAIK
iOS - Workflow
[Figure: workflow diagram. Labels: Application; System Security Analysis. Analysis steps: file protection class analysis, KeyChain protection class analysis, file backup state analysis, KeyChain backup state analysis, passcode selection based on brute-force times. Branches: files with class NSFileProtectionNone / files with other classes; KeyChain entries with Always/AlwaysDeviceOnly / KeyChain entries with safe classes; files in backup / no files in backup; all credentials with thisDeviceOnly classes / credentials with transferable classes; standard iTunes backup? / encrypted iTunes backup? / iCloud backup? Outcomes: passcode circumvention via jailbreaking/rooting, on-device brute-force attack, off-device brute-force attack, no off-device attacks possible, no access to credentials, direct file access on backup device, critical data at cloud provider, iCloud account security. Legend: minor risk, medium risk, high risk, analysis/tool.]
23. IAIK
Android
Two systems:
DM-Crypt based file-system encryption system
On SD card: depends on version, platform
Android KeyChain - for storing credentials:
Same PIN/Passcode and key derivation function as for the file-system
Stored as a file in the file-system
24. IAIK
Android - Device Encryption
Android versions:
Tablets: Since Android 3.x
Smartphones: Since Android ICS (4.x)
Even if 4.x, not supported on every platform
Not activated by default
Uses dm-crypt (Linux) as an encryption layer
when data is written/read to the storage device
No hardware module used (brute-force attacks!)
25. IAIK
Android - Device Encryption
PIN entry before system boot-up, key derivation based on PIN and
salt stored in the dm-crypt meta-data
When device is booted, system can access every file (no protection
classes...)
Pattern/Face lock systems deactivated...
Passcode for file-encryption is same as used for locking the phone
(shoulder surfing)
26. IAIK
Android - Device Encryption
[Figure: Android device encryption; labels: PIN/Passcode, Key Derivation, Filesystem Key, File system encryption, File system, File 1 to File 5, Operating system, Application 1 to 3, Remote Wipe]
Differences to iOS file-system encryption:
PIN/passcode during boot process
But no hardware chip is involved
27. IAIK
Android - Brute Force Attacks
For KeyChain and Device-Encryption System
Basic steps:
Extract file-system meta-information from encrypted device
Run Brute-force tool
No hardware chip involved: speed-up by using multiple instances (e.g., in the cloud)
https://santoku-linux.com/howto/mobile-forensics/how-to-brute-force-android-encryption
28. IAIK
Android - Brute Force Times (1 ECU)
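Time to derive the key from the password (ms) 15.38 1
Time to try out 100% of the possible passcodes:
Lock-screen type | Passcode length | Number of symbols | Number of passcodes | Minutes | Hours | Days | Years
Standard numerical | 4 | 10 | 10000 | 2.6 | 0.0 | 0.0 | 0.0
Extended numerical | 4 | 10 | 10000 | 2.6 | 0.0 | 0.0 | 0.0
Extended numerical | 5 | 10 | 100000 | 25.6 | 0.4 | 0.0 | 0.0
Extended numerical | 6 | 10 | 1000000 | 256.3 | 4.3 | 0.2 | 0.0
Extended numerical | 7 | 10 | 10000000 | 2,563.3 | 42.7 | 1.8 | 0.0
Extended numerical | 8 | 10 | 100000000 | 25,633.3 | 427.2 | 17.8 | 0.0
Extended numerical | 9 | 10 | 1000000000 | 256,333.3 | 4,272.2 | 178.0 | 0.5
Extended numerical | 10 | 10 | 1E+10 | 2,563,333.3 | 42,722.2 | 1,780.1 | 4.9
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 4 | 36 | 1679616 | 430.5 | 7.2 | 0.3 | 0.0
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 5 | 36 | 60466176 | 15,499.5 | 258.3 | 10.8 | 0.0
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 6 | 36 | 2176782336 | 557,981.9 | 9,299.7 | 387.5 | 1.1
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 7 | 36 | 7.8364E+10 | 20,087,347.4 | 334,789.1 | 13,949.5 | 38.2
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 8 | 36 | 2.82111E+12 | 723,144,506.3 | 12,052,408.4 | 502,183.7 | 1,375.8
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 9 | 36 | 1.0156E+14 | 26,033,202,226.0 | 433,886,703.8 | 18,078,612.7 | 49,530.4
Alphanumerical (lowercase letters and numbers: 10 numbers and 26 letters) | 10 | 36 | 3.6562E+15 | 937,195,280,136.1 | 15,619,921,335.6 | 650,830,055.7 | 1,783,096.0
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 4 | 62 | 14776336 | 3,787.7 | 63.1 | 2.6 | 0.0
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 5 | 62 | 916132832 | 234,835.4 | 3,913.9 | 163.1 | 0.4
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 6 | 62 | 5.6800E+10 | 14,559,793.7 | 242,663.2 | 10,111.0 | 27.7
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 7 | 62 | 3.5216E+12 | 902,707,210.7 | 15,045,120.2 | 626,880.0 | 1,717.5
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 8 | 62 | 2.1834E+14 | 55,967,847,064.9 | 932,797,451.1 | 38,866,560.5 | 106,483.7
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 9 | 62 | 1.3537E+16 | 3,470,006,518,025.6 | 57,833,441,967.1 | 2,409,726,748.6 | 6,601,991.1
Alphanumerical (lower/uppercase letters and numbers: 10 numbers and 52 letters) | 10 | 62 | 8.3930E+17 | 215,140,404,117,585.0 | 3,585,673,401,959.7 | 149,403,058,415.0 | 409,323,447.7
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 4 | 107 | 131079601 | 33,600.1 | 560.0 | 23.3 | 0.1
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 5 | 107 | 1.4026E+10 | 3,595,207.6 | 59,920.1 | 2,496.7 | 6.8
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 6 | 107 | 1.5007E+12 | 384,687,213.5 | 6,411,453.6 | 267,143.9 | 731.9
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 7 | 107 | 1.6058E+14 | 41,161,531,847.1 | 686,025,530.8 | 28,584,397.1 | 78,313.4
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 8 | 107 | 1.7182E+16 | 4,404,283,907,635.8 | 73,404,731,793.9 | 3,058,530,491.4 | 8,379,535.6
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 9 | 107 | 1.8385E+18 | 471,258,378,117,033.0 | 7,854,306,301,950.6 | 327,262,762,581.3 | 896,610,308.4
Complex (lower/uppercase letters and numbers, symbols: 10 numbers, 52 letters and 45 symbols) | 10 | 107 | 1.9672E+20 | 50,424,646,458,522,500.0 | 840,410,774,308,709.0 | 35,017,115,596,196.2 | 95,937,303,003.3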
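Added example (not part of the original slides): the arithmetic behind the iOS and Android brute-force tables, turned around into a passcode-length check for a security officer. The 80 ms and 15.38 ms per-guess figures come from the tables; the function names, the one-year target, the 100 parallel instances and linear scaling with instances are assumptions.

```python
"""Passcode sizing from per-guess key-derivation cost (added example)."""

# Per-guess key-derivation times from the two tables on this page (ms).
IOS_MS_PER_GUESS = 80.0       # derivation needs the hardware key: on-device only
ANDROID_MS_PER_GUESS = 15.38  # no hardware key: off-device, figure is for 1 ECU

# Alphabet sizes used by the tables.
ALPHABETS = {"numerical": 10, "alnum_lower": 36, "alnum_mixed": 62, "complex": 107}
SECONDS_PER_YEAR = 365 * 24 * 3600


def search_seconds(symbols, length, ms_per_guess, instances=1):
    """Worst case: time to try 100% of the passcodes of exactly `length`."""
    if symbols < 2 or length < 1 or instances < 1 or ms_per_guess <= 0:
        raise ValueError("symbols >= 2, length >= 1, instances >= 1, time > 0")
    return symbols ** length * ms_per_guess / 1000.0 / instances


def min_length(symbols, ms_per_guess, target_years, instances=1, max_length=64):
    """Shortest length whose exhaustive search takes at least target_years."""
    for length in range(1, max_length + 1):
        secs = search_seconds(symbols, length, ms_per_guess, instances)
        if secs >= target_years * SECONDS_PER_YEAR:
            return length
    raise ValueError("no length up to max_length meets the target")


def policy(target_years, android_instances):
    """Minimum passcode length per alphabet for both platforms.

    iOS is fixed at one instance because guessing is bound to the device;
    android_instances models the parallel off-device speed-up (assumption:
    linear scaling with the number of instances).
    """
    return {
        name: {
            "ios": min_length(n, IOS_MS_PER_GUESS, target_years),
            "android": min_length(n, ANDROID_MS_PER_GUESS, target_years,
                                  android_instances),
        }
        for name, n in ALPHABETS.items()
    }


if __name__ == "__main__":
    # Constructed scenario: resist a full search for 1 year, 100 instances.
    for name, lengths in policy(target_years=1, android_instances=100).items():
        print(f"{name:12s} iOS >= {lengths['ios']:2d}   Android >= {lengths['android']:2d}")
```

The tables give worst-case (100%) times; a uniformly chosen passcode is found after half of that on average, so leave a margin on `target_years`.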
29. IAIK
Backup, SD-Card
Backup:
Depends on Android version, proprietary platform extensions
Mobile Device Management: Fragmentation: Google, Samsung etc.
SD card:
not supported on every device
encryption also depends on the platform
30. IAIK
Summary
Heterogeneous Mobile Device Encryption Systems
Different systems, scope etc. require many security related considerations
Workflows for Security Officers
iOS workflow published
Now we are working on all the details of the Android system
31. IAIK
Android
Problems:
external brute force: extract salt, something that is encrypted, use a cluster...
no protection classes, nor file based encryption, data is accessible even when device is locked (malicious apps in background???)
Android is so nice to tell us the complexity of the PIN (no permission required)
Advantage (in comparison to iOS):
The device level encryption key is based on the PIN, thus the PIN is needed to access the data (compare with device-level protection on
32. IAIK
Encryption Overview
Property | iOS standard | iOS data protection | Android > 3.x | Blackberry | Windows Phone
Purpose? | remote wipe | data, credentials prot. | data, cred. pr. | data, cred. pr. | ?
Scope? | filesystem | files | filesystem | ? | WP7: files, WP8: file-system
Key storage? | SE, RAM | SE, RAM | disk, RAM | disk, RAM (?) | ? (no)
Encryption keys available during lock? | yes | no | yes | no | ?
Key derivation? | SE | SE, PIN | PIN | PIN (?) | ?
Brute-Force? | - | on device | off device | off device | ?
Activated by? | always | developer/user (PIN) | user (settings) | policies, user | developer ?
User/admin? | - | no | yes | yes | ?
Issues | jailbreak danger; only for remote wipe | developer decides!; user does not know state | manual activation; keys remain in RAM; no classes | ? | ?
33. IAIK
iOS - Data Protection - Files
Key handling when locked/unlocked
NSFileProtectionComplete: Keys are removed from memory when device is locked, thus the files are not available in the locked state
NSFileProtectionCompleteUntilFirstUserAuthentication: files are available after first unlock
NSFileProtectionCompleteUnlessOpen: symmetric keys are not available when the device is locked. How to encrypt incoming data, e.g. emails? By using asymmetric encryption (in this case: based on elliptic curves); the private key is not available when locked
35. IAIK
iOS - PINs
Key derivation includes many iterations and requires the HSM key
Further: brute forcing must be done on the device!!! The HSM key is only on the chip on the device...
A real HSM: why doesn’t the chip implement some kind of exponential back-off, or even wipe the key when the wrong PIN is entered too often?
After talking to some hardware experts at the IAIK: an HSM is quite complex, e.g. implementing the counter is quite difficult (where to store that?)
36. IAIK
iOS - PINs
PIN length: typically numerical PINs with length 4: 10000 possible PINs... not much
Brute force:
not possible via GUI: option to wipe the device after several wrong entries
however who is attacking this via the GUI :-) ?
Jailbreaking: access to API, brute forcing the PINs
BUT: key derivation based on PIN and the key in the HSM