SlideShare a Scribd company logo

A Brief History of Cryptographic Failures - Mork

Download as PPTX, PDF
Nothing Nowhere
Nothing Nowhere

The document summarizes a presentation given on cryptographic failures. It introduces the speaker and provides context on cryptography. It then details three specific failures: 1) the use of MD5 for digital certificates led to forged certificates, 2) reuse of settings and keys undermined the security of the Enigma machine, and 3) flaws in WEP allowed wireless networks to be cracked. It also briefly mentions some other notable crypto failures and systems with weaknesses. The presentation used a lighthearted comic approach to explain the technical concepts.

1 of 41
@NTXISSA #NTXISSACSC4 A Brief History of Cryptographic Failures Brian Mork CISO Celanese 2016-10-07
@NTXISSA #NTXISSACSC4 Who Am I? • CISO at S&P 500/Fortune 500 company • Former air-drop hacker, security engineer, penetration tester, RF simulation engineer, electronics intelligence expert, optician’s assistant, newspaper delivery boy, software pirate, party organizer, and short order cook. • Also known as “Hermit” within the information security/hacker community NTX ISSA Cyber Security Conference – October 2-3, 2015 2
@NTXISSA #NTXISSACSC4 DISCLAIMERS • I’m not an expert in cryptography • While I take cryptography seriously, I don’t take myself seriously • I used pictures from the Internet. I’ve listed the sources I know on the second to last slide. • If we can’t have fun with this… NTX ISSA Cyber Security Conference – October 2-3, 2015 3
@NTXISSA #NTXISSACSC4 Well, then… NTX ISSA Cyber Security Conference – October 2-3, 2015 4
@NTXISSA #NTXISSACSC4 Agenda • What is Cryptography? • Why Cryptography? • Our Cast • The Failures • Honorable Mentions • Q&A NTX ISSA Cyber Security Conference – October 7-8, 2016 5
@NTXISSA #NTXISSACSC4 What Is Cryptography? “The process of writing or reading secret messages or codes.” - Miriam Webster Dictionary “The art of writing or solving codes.” - Oxford English Dictionary “The scientific field of study related to protecting or verifying information.” - Brian Mork NTX ISSA Cyber Security Conference – October 2-3, 2015 6
@NTXISSA #NTXISSACSC4 Why Cryptography? • Because you lack trust in… something… • Transmission mediums • Integrity of communications • Other people • Governments • Cigarette smoking men • Etc. NTX ISSA Cyber Security Conference – October 2-3, 2015 7
@NTXISSA #NTXISSACSC4 Our Cast In traditional cryptographic discussions we would consider the following actors: • Alice – Someone sending information • Bob – Someone receiving information • Eve – Someone eavesdropping All because Ron Rivest (of RSA fame) used such terms back in the 1970s. NTX ISSA Cyber Security Conference – October 2-3, 2015 8
@NTXISSA #NTXISSACSC4 Our REAL Cast Times have changed, and we need heroes who reflect those times… NTX ISSA Cyber Security Conference – October 2-3, 2015 9 Alice, as… well… Alice … Dilbert, as Bob … … and Catbert, as Eve. Or evil. Either one/both.
@NTXISSA #NTXISSACSC4 And now here’s something we hope you’ll really like! NTX ISSA Cyber Security Conference – October 2-3, 2015 10
@NTXISSA #NTXISSACSC4 Failure One NTX ISSA Cyber Security Conference – October 2-3, 2015 11 REGULAR FAIL
@NTXISSA #NTXISSACSC4 The Scenario Alice and Dilbert set up a secure website. It’s amazing. It was hacker proof (just trust me on this one), with an official certificate and everything. Unfortunately, their agents used browsers that still trusted root certificate authorities that used MD5 for hashing. NTX ISSA Cyber Security Conference – October 2-3, 2015 12
@NTXISSA #NTXISSACSC4 Failure: MD5 Certificate So what is MD5? • Hashing algorithm • Vulnerable to collisions • Was still used through 2008 by certificate authorities NTX ISSA Cyber Security Conference – October 2-3, 2015 13
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions What is a collision? It’s when two different inputs create the same output. Why is that bad? Because… that’s exactly what it’s not supposed to do! NTX ISSA Cyber Security Conference – October 2-3, 2015 14
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions How can we make that worse? By having a condition where two different inputs share a function or format, such as documents and executables Or, I don’t know… cryptographic material NTX ISSA Cyber Security Conference – October 2-3, 2015 15
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions The first MD5 collision was in 2004. By 2007 colliding executables, documents, and more were possible and had been demonstrated, due to chosen-prefix collisions. Enter the fake certificate authority! NTX ISSA Cyber Security Conference – October 2-3, 2015 16
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions Step 1: Generate a pair of certificates with the same hash but different characteristics (e.g. make one a CA that can sign anything). Step 2: Get the benign certificate signed by a ”real” CA and copy that signature to the malicious one. Step 3: Profit NTX ISSA Cyber Security Conference – October 2-3, 2015 17
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions NTX ISSA Cyber Security Conference – October 2-3, 2015 18
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions And what does that give you? A certificate that can sign literally anything, and which validates back to a trusted root certificate authority. I am Google Microsoft Mr. Robot Whomever I want to be! NTX ISSA Cyber Security Conference – October 2-3, 2015 19
@NTXISSA #NTXISSACSC4 Failure: MD5 Collisions NTX ISSA Cyber Security Conference – October 2-3, 2015 20 I am Dilbert. You can trust this because Alice said I am. Now tell me all your secrets. They’re safe with me.
@NTXISSA #NTXISSACSC4 Failure Two NTX ISSA Cyber Security Conference – October 2-3, 2015 21
@NTXISSA #NTXISSACSC4 The Scenario • In an alternate dimension, Alice has ascended to lead a military force against the evil feline nation of Catbertia. • Dilbert, her lead general, needs to communicate securely with her. • They decide to deploy one of the most effective physical cryptographic systems ever made… the enigmatic… er… Enigma. NTX ISSA Cyber Security Conference – October 2-3, 2015 22
@NTXISSA #NTXISSACSC4 Failure X: Enigma This is the Engima. It was a beauty of engineering. Multiple rotors, each input changed the next encoding, easy to operate and fiendishly difficult to brute force. NTX ISSA Cyber Security Conference – October 2-3, 2015 23
@NTXISSA #NTXISSACSC4 Failure X: Engima How complex was it? • 3 rotor wheel positions, 5 wheel choices (60 starting combinations) • 26 starting positions per wheel (17,576 combinations) • Wheels rotate one another… wiring to create substitutions… egads! • 107,458,687,327,250,619,360,000 keys NTX ISSA Cyber Security Conference – October 2-3, 2015 24
@NTXISSA #NTXISSACSC4 Failure X: Engima Oh, and then there was the fact that Engima operations used key encrypting keys… really! The day key was a pre-shared secret used to encrypt one-time keys called message keys. Message keys were then used to encrypt actual messages. Pretty nifty! NTX ISSA Cyber Security Conference – October 2-3, 2015 25
@NTXISSA #NTXISSACSC4 Catbert Has No Chance! • It’s true! With that many combinations and frequency of change there’s no hope for the empire of evil. • Then again, people have been known to make mistakes. • But I’m sure Alice and Dilbert wouldn’t make the same ones that their historical predecessors did. What were those again? NTX ISSA Cyber Security Conference – October 2-3, 2015 26
@NTXISSA #NTXISSACSC4 Failure X: Engima How was Enigma previously defeated? • Reuse of rotor settings • Transmission with multiple ciphers • Operators often reused the same message key multiple times (e.g. “cillies”) • Common message formats NTX ISSA Cyber Security Conference – October 2-3, 2015 27
@NTXISSA #NTXISSACSC4 Failure X: Enigma • What’s that? Dilbert has taken to using the day of the week as the message key? NTX ISSA Cyber Security Conference – October 2-3, 2015 28
@NTXISSA #NTXISSACSC4 Failure 2 NTX ISSA Cyber Security Conference – October 2-3, 2015 29
@NTXISSA #NTXISSACSC4 The Scenario Alice and Dilbert are joining the modern age. They visit each other’s houses frequently, and use each other’s wireless networks. To be extra safe, they’ve selected Wired Equivalent Privacy (WEP) to secure their network. What could possibly go wrong? Well, since WEP uses a single key that needs to be protected! NTX ISSA Cyber Security Conference – October 2-3, 2015 30
@NTXISSA #NTXISSACSC4 Failure: WEP NTX ISSA Cyber Security Conference – October 2-3, 2015 31 They know that Catbert is trying to intercept their communications, so they paid a driver to take the out in the middle of a mud field in Elbonia. Once out there, they chose a super secret password just between the two of them. This is now their wireless network password. Whew! That was close. Good thing that sharing the key is the biggest concern. Right?
@NTXISSA #NTXISSACSC4 Failure: WEP Well, maybe not JUST that… there’s also: • Poor initialization vectors (IV) size • Weak IVs • Weak key space • Poor key entry (ASCII reduces key space) • Replay/packet stimulation (when you need more IVs) • Chop-Chop Attack! NTX ISSA Cyber Security Conference – October 2-3, 2015 32
@NTXISSA #NTXISSACSC4 Failure: WEP NTX ISSA Cyber Security Conference – October 2-3, 2015 33 The only thing I like more than weak crypto is my enemies using it.
@NTXISSA #NTXISSACSC4NTX ISSA Cyber Security Conference – October 2-3, 2015 34 Will this guy ever shut up?
@NTXISSA #NTXISSACSC4 Honorable Mention • Advanced Encryption Standard (AES) – Electronic Codebook (ECB) • Same key used over and over • Block-based encryption • Known plaintext lookup! • SmashECB, for example (written by yours truly) NTX ISSA Cyber Security Conference – October 2-3, 2015 35
@NTXISSA #NTXISSACSC4 Honorable Mention • Clipper Chip – Law Enforcement Access Field • Included data necessary to recover key • Only 16-bit hash protecting it • Bypass and reuse were possible and demonstrated • Use of third party LEAF data was possible too! NTX ISSA Cyber Security Conference – October 2-3, 2015 36
@NTXISSA #NTXISSACSC4 Honorable Mention • Microsoft’s ”Golden Key” • Booting RT/ARM devices check two things: a policy (must be signed by Microsoft) and the operating system (also must be signed by Microsoft) • The “Golden Key” is a debug mode policy that was accidentally shipped, and that policy allows skipping the check for the operating system • Presto! Any OS on a Surface/WinPhone/etc. NTX ISSA Cyber Security Conference – October 2-3, 2015 37
@NTXISSA #NTXISSACSC4 Honorable Mentions And so many, many more… • WPA - Design • Dual EC DRBG - Design • MD4 – Time, mostly • NIST P- curves (ECC) – Design • Digital Encryption Standard (DES) – Design • 3 DES – Design NTX ISSA Cyber Security Conference – October 7-8, 2016 38
@NTXISSA #NTXISSACSC4 Questions If you’ve got ’em, throw ‘em. If I know the answer, I’ll give it. If I don’t, I’ll answer anyways before I disclose that I have no clue what I’m talking about. NTX ISSA Cyber Security Conference – October 2-3, 2015 39
@NTXISSA #NTXISSACSC4 Miscellaneous • Picture Credits • Mulder Image: Pascal Wagler • Dilbert Characters: Scott Adams • Engima Machine: TheHistoryBlog.com • Failure Pictures: The Internet Tubes • Find Me • Twitter: @hermit_hacker • LinkedIn: /in/bcmork NTX ISSA Cyber Security Conference – October 2-3, 2015 40
@NTXISSA #NTXISSACSC4@NTXISSA #NTXISSACSC4 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 7-8, 2016 41 Thank you

Recommended

A Brief History of Cryptographic Failures
A Brief History of Cryptographic FailuresA Brief History of Cryptographic Failures
A Brief History of Cryptographic Failures
Nothing Nowhere
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe Klein
Digicomp Academy AG
 
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & MitigationNTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
North Texas Chapter of the ISSA
 
NTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-VirusNTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-Virus
North Texas Chapter of the ISSA
 
y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?
Ammar WK
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?
North Texas Chapter of the ISSA
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocent
danish3
 

Recommended

A Brief History of Cryptographic Failures
A Brief History of Cryptographic FailuresA Brief History of Cryptographic Failures
A Brief History of Cryptographic Failures
Nothing Nowhere
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe Klein
Digicomp Academy AG
 
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & MitigationNTXISSACSC4 - Ransomware: History Analysis & Mitigation
NTXISSACSC4 - Ransomware: History Analysis & Mitigation
North Texas Chapter of the ISSA
 
NTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-VirusNTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-Virus
North Texas Chapter of the ISSA
 
y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?
Ammar WK
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?
North Texas Chapter of the ISSA
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocent
danish3
 
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
North Texas Chapter of the ISSA
 
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
North Texas Chapter of the ISSA
 
Hacking Closed Networks
Hacking Closed NetworksHacking Closed Networks
Hacking Closed Networks
Priyanka Aash
 
Analyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet ThreatsAnalyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet Threats
NECST Lab @ Politecnico di Milano
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
Andrew Morris
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
John Bambenek
 
"There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow""There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow"
Christiaan Beek
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Jack Shaffer
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
Christiaan Beek
 
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
North Texas Chapter of the ISSA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at Scale
John Bambenek
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generation
Tony Lauro
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
North Texas Chapter of the ISSA
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac Attack
Priyanka Aash
 
20 security
20 security20 security
20 securityabiy2004
 
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged AccountsFrom Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
Lavi Lazarovitz
 
cryptography deepan fav subject
cryptography deepan fav subjectcryptography deepan fav subject
cryptography deepan fav subject
deepan v
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JSFestUA
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypse
Christiaan Beek
 
Alkanes
AlkanesAlkanes
Alkanes
srinidhimateti
 
RS powerpoint
RS powerpointRS powerpoint
RS powerpointSpencer Podsiadlo
 

More Related Content

What's hot

NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
North Texas Chapter of the ISSA
 
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
North Texas Chapter of the ISSA
 
Hacking Closed Networks
Hacking Closed NetworksHacking Closed Networks
Hacking Closed Networks
Priyanka Aash
 
Analyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet ThreatsAnalyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet Threats
NECST Lab @ Politecnico di Milano
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
Andrew Morris
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
John Bambenek
 
"There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow""There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow"
Christiaan Beek
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Jack Shaffer
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
Christiaan Beek
 
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
North Texas Chapter of the ISSA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at Scale
John Bambenek
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generation
Tony Lauro
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
North Texas Chapter of the ISSA
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac Attack
Priyanka Aash
 
20 security
20 security20 security
20 securityabiy2004
 
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged AccountsFrom Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
Lavi Lazarovitz
 
cryptography deepan fav subject
cryptography deepan fav subjectcryptography deepan fav subject
cryptography deepan fav subject
deepan v
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JSFestUA
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypse
Christiaan Beek
 

What's hot (20)

NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
 
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
 
Hacking Closed Networks
Hacking Closed NetworksHacking Closed Networks
Hacking Closed Networks
 
Analyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet ThreatsAnalyzing and Defending from Modern Internet Threats
Analyzing and Defending from Modern Internet Threats
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
 
"There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow""There's a pot of Bitcoins behind the ransomware rainbow"
"There's a pot of Bitcoins behind the ransomware rainbow"
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
 
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
NTXISSACSC4 - Array Networks - A Layered Approach to Web and Application Secu...
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at Scale
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generation
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac Attack
 
20 security
20 security20 security
20 security
 
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged AccountsFrom Strategy To Tactics - Targeting And Protecting Privileged Accounts
From Strategy To Tactics - Targeting And Protecting Privileged Accounts
 
cryptography deepan fav subject
cryptography deepan fav subjectcryptography deepan fav subject
cryptography deepan fav subject
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypse
 

Viewers also liked

Alkanes
AlkanesAlkanes
Alkanes
srinidhimateti
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IP
university of education,Lahore
 
Semana 6 - Enrutamiento
Semana 6 - EnrutamientoSemana 6 - Enrutamiento
Semana 6 - Enrutamiento
Julio Antonio Huaman Chuque
 
React & Redux in Hulu
React & Redux in HuluReact & Redux in Hulu
React & Redux in Hulu
Morgan Cheng
 
Generating searchable public key ciphertexts
Generating searchable public key ciphertextsGenerating searchable public key ciphertexts
Generating searchable public key ciphertexts
jpstudcorner
 
Power Leveling your TypeScript
Power Leveling your TypeScriptPower Leveling your TypeScript
Power Leveling your TypeScript
Offirmo
 
tcp_udp [Redes de Computadoras] [Semana 7]
tcp_udp [Redes de Computadoras] [Semana 7]tcp_udp [Redes de Computadoras] [Semana 7]
tcp_udp [Redes de Computadoras] [Semana 7]
Julio Antonio Huaman Chuque
 
Advanced JAVA
Advanced JAVAAdvanced JAVA
Advanced JAVA
Rajvi Vaghasiya
 
PROTOCOLO TCP/IP
PROTOCOLO TCP/IP PROTOCOLO TCP/IP
PROTOCOLO TCP/IP
Bogdan Kaleb García Rivera 101
 
Oldcastle Precast Spokane - Urban Modular Construction - The Grand Hotel
Oldcastle Precast Spokane - Urban Modular Construction - The Grand HotelOldcastle Precast Spokane - Urban Modular Construction - The Grand Hotel
Oldcastle Precast Spokane - Urban Modular Construction - The Grand HotelBlake Johnson
 
Project Scheduling, Planning and Risk Management
Project Scheduling, Planning and Risk ManagementProject Scheduling, Planning and Risk Management
Project Scheduling, Planning and Risk Management
university of education,Lahore
 

Viewers also liked (12)

Alkanes
AlkanesAlkanes
Alkanes
 
RS powerpoint
RS powerpointRS powerpoint
RS powerpoint
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IP
 
Semana 6 - Enrutamiento
Semana 6 - EnrutamientoSemana 6 - Enrutamiento
Semana 6 - Enrutamiento
 
React & Redux in Hulu
React & Redux in HuluReact & Redux in Hulu
React & Redux in Hulu
 
Generating searchable public key ciphertexts
Generating searchable public key ciphertextsGenerating searchable public key ciphertexts
Generating searchable public key ciphertexts
 
Power Leveling your TypeScript
Power Leveling your TypeScriptPower Leveling your TypeScript
Power Leveling your TypeScript
 
tcp_udp [Redes de Computadoras] [Semana 7]
tcp_udp [Redes de Computadoras] [Semana 7]tcp_udp [Redes de Computadoras] [Semana 7]
tcp_udp [Redes de Computadoras] [Semana 7]
 
Advanced JAVA
Advanced JAVAAdvanced JAVA
Advanced JAVA
 
PROTOCOLO TCP/IP
PROTOCOLO TCP/IP PROTOCOLO TCP/IP
PROTOCOLO TCP/IP
 
Oldcastle Precast Spokane - Urban Modular Construction - The Grand Hotel
Oldcastle Precast Spokane - Urban Modular Construction - The Grand HotelOldcastle Precast Spokane - Urban Modular Construction - The Grand Hotel
Oldcastle Precast Spokane - Urban Modular Construction - The Grand Hotel
 
Project Scheduling, Planning and Risk Management
Project Scheduling, Planning and Risk ManagementProject Scheduling, Planning and Risk Management
Project Scheduling, Planning and Risk Management
 

Similar to A Brief History of Cryptographic Failures - Mork

NTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic FailuresNTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic Failures
North Texas Chapter of the ISSA
 
NTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James LeeNTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James Lee
North Texas Chapter of the ISSA
 
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
North Texas Chapter of the ISSA
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
North Texas Chapter of the ISSA
 
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
North Texas Chapter of the ISSA
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
North Texas Chapter of the ISSA
 
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
North Texas Chapter of the ISSA
 
Social Engineering 101 or The Art of How You Got Owned by That Random Stranger
Social Engineering 101 or The Art of How You Got Owned by That Random StrangerSocial Engineering 101 or The Art of How You Got Owned by That Random Stranger
Social Engineering 101 or The Art of How You Got Owned by That Random Stranger
Steven Hatfield
 
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
North Texas Chapter of the ISSA
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
North Texas Chapter of the ISSA
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
North Texas Chapter of the ISSA
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
North Texas Chapter of the ISSA
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
APNIC
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
Alfred Ouyang
 
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-22015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
Sonatype
 
Wait Wait... don't pwn me! at RSA Conference 2015
Wait Wait... don't pwn me! at RSA Conference 2015Wait Wait... don't pwn me! at RSA Conference 2015
Wait Wait... don't pwn me! at RSA Conference 2015
Mark Miller
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
FRSecure
 
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
North Texas Chapter of the ISSA
 
A chip to protect IOT
A chip to protect IOTA chip to protect IOT
A chip to protect IOT
NarayanlalMenariya
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
North Texas Chapter of the ISSA
 

Similar to A Brief History of Cryptographic Failures - Mork (20)

NTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic FailuresNTXISSACSC4 - A Brief History of Cryptographic Failures
NTXISSACSC4 - A Brief History of Cryptographic Failures
 
NTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James LeeNTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James Lee
 
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
NTXISSACSC3 - Find, Fix, Finish ... Tracking the Real Bad Guys in Cyberspace ...
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
 
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
 
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armend...
 
Social Engineering 101 or The Art of How You Got Owned by That Random Stranger
Social Engineering 101 or The Art of How You Got Owned by That Random StrangerSocial Engineering 101 or The Art of How You Got Owned by That Random Stranger
Social Engineering 101 or The Art of How You Got Owned by That Random Stranger
 
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-22015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
2015 rsac-waitwait-markmiller-final-150423172349-conversion-gate02-2
 
Wait Wait... don't pwn me! at RSA Conference 2015
Wait Wait... don't pwn me! at RSA Conference 2015Wait Wait... don't pwn me! at RSA Conference 2015
Wait Wait... don't pwn me! at RSA Conference 2015
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
 
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
 
A chip to protect IOT
A chip to protect IOTA chip to protect IOT
A chip to protect IOT
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 

A Brief History of Cryptographic Failures - Mork

  • 1. @NTXISSA #NTXISSACSC4 A Brief History of Cryptographic Failures Brian Mork CISO Celanese 2016-10-07
  • 2. @NTXISSA #NTXISSACSC4 Who Am I? • CISO at S&P 500/Fortune 500 company • Former air-drop hacker, security engineer, penetration tester, RF simulation engineer, electronics intelligence expert, optician’s assistant, newspaper delivery boy, software pirate, party organizer, and short order cook. • Also known as “Hermit” within the information security/hacker community NTX ISSA Cyber Security Conference – October 2-3, 2015 2
  • 3. @NTXISSA #NTXISSACSC4 DISCLAIMERS • I’m not an expert in cryptography • While I take cryptography seriously, I don’t take myself seriously • I used pictures from the Internet. I’ve listed the sources I know on the second to last slide. • If we can’t have fun with this… NTX ISSA Cyber Security Conference – October 2-3, 2015 3
  • 4. @NTXISSA #NTXISSACSC4 Well, then… NTX ISSA Cyber Security Conference – October 2-3, 2015 4
  • 5. @NTXISSA #NTXISSACSC4 Agenda • What is Cryptography? • Why Cryptography? • Our Cast • The Failures • Honorable Mentions • Q&A NTX ISSA Cyber Security Conference – October 7-8, 2016 5
  • 6. @NTXISSA #NTXISSACSC4 What Is Cryptography? “The process of writing or reading secret messages or codes.” - Miriam Webster Dictionary “The art of writing or solving codes.” - Oxford English Dictionary “The scientific field of study related to protecting or verifying information.” - Brian Mork NTX ISSA Cyber Security Conference – October 2-3, 2015 6
  • 7. @NTXISSA #NTXISSACSC4 Why Cryptography? • Because you lack trust in… something… • Transmission mediums • Integrity of communications • Other people • Governments • Cigarette smoking men • Etc. NTX ISSA Cyber Security Conference – October 2-3, 2015 7
  • 8. @NTXISSA #NTXISSACSC4 Our Cast In traditional cryptographic discussions we would consider the following actors: • Alice – Someone sending information • Bob – Someone receiving information • Eve – Someone eavesdropping All because Ron Rivest (of RSA fame) used such terms back in the 1970s. NTX ISSA Cyber Security Conference – October 2-3, 2015 8
  • 9. @NTXISSA #NTXISSACSC4 Our REAL Cast Times have changed, and we need heroes who reflect those times… NTX ISSA Cyber Security Conference – October 2-3, 2015 9 Alice, as… well… Alice … Dilbert, as Bob … … and Catbert, as Eve. Or evil. Either one/both.
  • 10. @NTXISSA #NTXISSACSC4 And now here’s something we hope you’ll really like! NTX ISSA Cyber Security Conference – October 2-3, 2015 10
  • 11. @NTXISSA #NTXISSACSC4 Failure One NTX ISSA Cyber Security Conference – October 2-3, 2015 11 REGULAR FAIL
  • 12. @NTXISSA #NTXISSACSC4 The Scenario Alice and Dilbert set up a secure website. It’s amazing. It was hacker proof (just trust me on this one), with an official certificate and everything. Unfortunately, their agents used browsers that still trusted root certificate authorities that used MD5 for hashing. NTX ISSA Cyber Security Conference – October 2-3, 2015 12
  • 13. @NTXISSA #NTXISSACSC4 Failure: MD5 Certificate So what is MD5? • Hashing algorithm • Vulnerable to collisions • Was still used through 2008 by certificate authorities NTX ISSA Cyber Security Conference – October 2-3, 2015 13
  • 14. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions What is a collision? It’s when two different inputs create the same output. Why is that bad? Because… that’s exactly what it’s not supposed to do! NTX ISSA Cyber Security Conference – October 2-3, 2015 14
  • 15. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions How can we make that worse? By having a condition where two different inputs share a function or format, such as documents and executables Or, I don’t know… cryptographic material NTX ISSA Cyber Security Conference – October 2-3, 2015 15
  • 16. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions The first MD5 collision was in 2004. By 2007 colliding executables, documents, and more were possible and had been demonstrated, due to chosen-prefix collisions. Enter the fake certificate authority! NTX ISSA Cyber Security Conference – October 2-3, 2015 16
  • 17. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions Step 1: Generate a pair of certificates with the same hash but different characteristics (e.g. make one a CA that can sign anything). Step 2: Get the benign certificate signed by a ”real” CA and copy that signature to the malicious one. Step 3: Profit NTX ISSA Cyber Security Conference – October 2-3, 2015 17
  • 18. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions NTX ISSA Cyber Security Conference – October 2-3, 2015 18
  • 19. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions And what does that give you? A certificate that can sign literally anything, and which validates back to a trusted root certificate authority. I am Google Microsoft Mr. Robot Whomever I want to be! NTX ISSA Cyber Security Conference – October 2-3, 2015 19
  • 20. @NTXISSA #NTXISSACSC4 Failure: MD5 Collisions NTX ISSA Cyber Security Conference – October 2-3, 2015 20 I am Dilbert. You can trust this because Alice said I am. Now tell me all your secrets. They’re safe with me.
  • 21. @NTXISSA #NTXISSACSC4 Failure Two NTX ISSA Cyber Security Conference – October 2-3, 2015 21
  • 22. @NTXISSA #NTXISSACSC4 The Scenario • In an alternate dimension, Alice has ascended to lead a military force against the evil feline nation of Catbertia. • Dilbert, her lead general, needs to communicate securely with her. • They decide to deploy one of the most effective physical cryptographic systems ever made… the enigmatic… er… Enigma. NTX ISSA Cyber Security Conference – October 2-3, 2015 22
  • 23. @NTXISSA #NTXISSACSC4 Failure X: Enigma This is the Engima. It was a beauty of engineering. Multiple rotors, each input changed the next encoding, easy to operate and fiendishly difficult to brute force. NTX ISSA Cyber Security Conference – October 2-3, 2015 23
  • 24. @NTXISSA #NTXISSACSC4 Failure X: Engima How complex was it? • 3 rotor wheel positions, 5 wheel choices (60 starting combinations) • 26 starting positions per wheel (17,576 combinations) • Wheels rotate one another… wiring to create substitutions… egads! • 107,458,687,327,250,619,360,000 keys NTX ISSA Cyber Security Conference – October 2-3, 2015 24
  • 25. @NTXISSA #NTXISSACSC4 Failure X: Engima Oh, and then there was the fact that Engima operations used key encrypting keys… really! The day key was a pre-shared secret used to encrypt one-time keys called message keys. Message keys were then used to encrypt actual messages. Pretty nifty! NTX ISSA Cyber Security Conference – October 2-3, 2015 25
  • 26. @NTXISSA #NTXISSACSC4 Catbert Has No Chance! • It’s true! With that many combinations and frequency of change there’s no hope for the empire of evil. • Then again, people have been known to make mistakes. • But I’m sure Alice and Dilbert wouldn’t make the same ones that their historical predecessors did. What were those again? NTX ISSA Cyber Security Conference – October 2-3, 2015 26
  • 27. @NTXISSA #NTXISSACSC4 Failure X: Engima How was Enigma previously defeated? • Reuse of rotor settings • Transmission with multiple ciphers • Operators often reused the same message key multiple times (e.g. “cillies”) • Common message formats NTX ISSA Cyber Security Conference – October 2-3, 2015 27
  • 28. @NTXISSA #NTXISSACSC4 Failure X: Enigma • What’s that? Dilbert has taken to using the day of the week as the message key? NTX ISSA Cyber Security Conference – October 2-3, 2015 28
  • 29. @NTXISSA #NTXISSACSC4 Failure 2 NTX ISSA Cyber Security Conference – October 2-3, 2015 29
  • 30. @NTXISSA #NTXISSACSC4 The Scenario Alice and Dilbert are joining the modern age. They visit each other’s houses frequently, and use each other’s wireless networks. To be extra safe, they’ve selected Wired Equivalent Privacy (WEP) to secure their network. What could possibly go wrong? Well, since WEP uses a single key that needs to be protected! NTX ISSA Cyber Security Conference – October 2-3, 2015 30
  • 31. @NTXISSA #NTXISSACSC4 Failure: WEP NTX ISSA Cyber Security Conference – October 2-3, 2015 31 They know that Catbert is trying to intercept their communications, so they paid a driver to take the out in the middle of a mud field in Elbonia. Once out there, they chose a super secret password just between the two of them. This is now their wireless network password. Whew! That was close. Good thing that sharing the key is the biggest concern. Right?
  • 32. @NTXISSA #NTXISSACSC4 Failure: WEP Well, maybe not JUST that… there’s also: • Poor initialization vectors (IV) size • Weak IVs • Weak key space • Poor key entry (ASCII reduces key space) • Replay/packet stimulation (when you need more IVs) • Chop-Chop Attack! NTX ISSA Cyber Security Conference – October 2-3, 2015 32
  • 33. @NTXISSA #NTXISSACSC4 Failure: WEP NTX ISSA Cyber Security Conference – October 2-3, 2015 33 The only thing I like more than weak crypto is my enemies using it.
  • 34. @NTXISSA #NTXISSACSC4NTX ISSA Cyber Security Conference – October 2-3, 2015 34 Will this guy ever shut up?
  • 35. @NTXISSA #NTXISSACSC4 Honorable Mention • Advanced Encryption Standard (AES) – Electronic Codebook (ECB) • Same key used over and over • Block-based encryption • Known plaintext lookup! • SmashECB, for example (written by yours truly) NTX ISSA Cyber Security Conference – October 2-3, 2015 35
  • 36. @NTXISSA #NTXISSACSC4 Honorable Mention • Clipper Chip – Law Enforcement Access Field • Included data necessary to recover key • Only 16-bit hash protecting it • Bypass and reuse were possible and demonstrated • Use of third party LEAF data was possible too! NTX ISSA Cyber Security Conference – October 2-3, 2015 36
  • 37. @NTXISSA #NTXISSACSC4 Honorable Mention • Microsoft’s ”Golden Key” • Booting RT/ARM devices check two things: a policy (must be signed by Microsoft) and the operating system (also must be signed by Microsoft) • The “Golden Key” is a debug mode policy that was accidentally shipped, and that policy allows skipping the check for the operating system • Presto! Any OS on a Surface/WinPhone/etc. NTX ISSA Cyber Security Conference – October 2-3, 2015 37
  • 38. @NTXISSA #NTXISSACSC4 Honorable Mentions And so many, many more… • WPA - Design • Dual EC DRBG - Design • MD4 – Time, mostly • NIST P- curves (ECC) – Design • Digital Encryption Standard (DES) – Design • 3 DES – Design NTX ISSA Cyber Security Conference – October 7-8, 2016 38
  • 39. @NTXISSA #NTXISSACSC4 Questions If you’ve got ’em, throw ‘em. If I know the answer, I’ll give it. If I don’t, I’ll answer anyways before I disclose that I have no clue what I’m talking about. NTX ISSA Cyber Security Conference – October 2-3, 2015 39
  • 40. @NTXISSA #NTXISSACSC4 Miscellaneous • Picture Credits • Mulder Image: Pascal Wagler • Dilbert Characters: Scott Adams • Engima Machine: TheHistoryBlog.com • Failure Pictures: The Internet Tubes • Find Me • Twitter: @hermit_hacker • LinkedIn: /in/bcmork NTX ISSA Cyber Security Conference – October 2-3, 2015 40
  • 41. @NTXISSA #NTXISSACSC4@NTXISSA #NTXISSACSC4 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 7-8, 2016 41 Thank you