Anthony Ferrara, profile picture
Uploaded byAnthony Ferrara
2,202 views

Cryptography For The Average Developer

This document provides an overview of cryptography concepts for PHP developers. It discusses keeping data secure from viewing, tampering and forgery through encryption but notes cryptography is not a silver bullet and vulnerabilities still exist. The document covers random number generation, symmetric and asymmetric encryption, hashing, common ciphers and modes, and securely storing passwords through hashing rather than encryption. It strongly recommends using existing libraries rather than implementing cryptography directly due to the complexity and risk of bugs.

Embed presentation

Downloaded 33 times
Cryptography In PHP For The Average Developer
Cryptography ● Keeping Data Secure ○ Safe From Viewing ○ Safe From Tampering ○ Safe From Forgery ● Not A Silver Bullet ○ XSS ○ SQLI ○ Social Engineering ● Very Hard To Do ○ Any bug will cause problems
The First Rule of Cryptography
Don't Do It!
Leave It For Experts
Random! The Foundation of Cryptography ● Classified Under Three Types: ○ Weak ■ For non-cryptographic usages ○ Strong ■ For cryptographic usages where security does not depend on the strength of randomness ○ Cryptographically Secure ■ For cryptographic usage when security does depend on the strength of randomness
Vulnerabilities of Randomness ● Bias ○ Certain values tend to occur more often making it easier to predict future numbers ● Predictability ○ Knowing past numbers helps predict future numbers ● Poisoning ○ Ability to alter future random number generation
Weak Random in PHP Not to be used for cryptographic usages!!! ● rand() ● mt_rand() ● uniqid() ● lcg_value()
Strong Random in PHP ● mcrypt_create_iv() ○ MCRYPT_DEV_URANDOM ● openssl_random_pseudo_bytes() ● /dev/urandom ○ For *nix systems only
Cryptographically Secure ● mcrypt_create_iv() ○ MCRYPT_DEV_RANDOM ● openssl_random_pseudo_bytes() ○ Maybe ● /dev/random ○ For *nix systems only
NEVER Use Weak For Security
NEVER Use CS When Not Needed
If In Doubt Use Strong Randomness
Encryption vs Hashing ● Encryption ○ Encoding ○ 2 Way / Reversible ○ Putting a lock on a box ● Hashing ○ Signing ○ 1 Way / Non-Reversible ○ Taking a person's finger-print
Encryption
Seriously, Don't Do It!
Terms ● Key ○ Secure string of data ● Plain-Text ○ The text you want to keep secret ● Cipher-Text ○ The encrypted output
Two Basic Types ● Symmetric Encryption ○ Like a Pad-Lock with a shared key ○ The only secret is the key ○ Both sides must have the same key ● Asymmetric Encryption ○ Like a pair of Pad-Locks ■ The "lock" is the public key ○ The only secret is the private key ○ Both sides have their own key
Symmetric Encryption 101 ● Number: 01 Scratch That ● Numbers: 01 04 01 54 95 42 64 12
Symmetric Encryption 101 Let's Add A "Secret" Number! 01 04 01 54 95 42 64 12 +10 11 14 11 64 05 52 74 22
Secret Numbers ● We just invented the Caesar Cipher ○ Commonly known as "ROT13" ● But There Are Problems: ○ Vulnerable To Statistical Attacks ○ Vulnerable To Brute Forcing ■ Only 100 possible secret numbers!
Symmetric Encryption 101 I Know: Let's Add A Different Number! 01 04 01 54 95 42 64 12 +10 43 21 95 42 67 31 83 11 47 22 49 37 09 95 95
How It Works We can generate the pads in two ways ● Randomly ○ If we only use once, perfect security ■ Known as a one-time-pad ○ If we use multiple times, same as caesar cipher ● With A Function ○ Give one or two inputs ■ A key, and an "input" ○ Generates a "stream" of pseudo random numbers
Ciphers ● Take 2 inputs ○ A secret key ○ An "input" ● Produces Pseudo-Random Output ○ Looks random (statistically) ○ Is deterministic ■ Reproducible given same inputs
Modes ● Multiple ways to use the keystream ● Each way is known as a "Mode" ● Some are secure ○ Others are not
ECB Electronic Code Book ● Uses plain-text as "input" ● Uses output as cipher-text ● VERY BROKEN!!!
ECB
CBC Cipher Block Chaining ● Uses an "Initialization Vector" ○ Helps "randomize" the plain-text ○ Ensures no non-unique blocks ○ Does NOT need to be secret ● Chains each block together ○ Propagating the generated "randomness" ● Plain-Text Must Be Padded ○ To a multiple of block-size ● Secure!
CBC
CFB Cipher FeedBack ● Uses an "Initialization Vector" ● Plain-Text never enters cipher ○ Does not need to be padded ● "Decrypt" Is Never Used ● Secure!
CFB
Ciphers ● AES 128 & 256 ○ Standard ■ NIST Approved ○ Also Known As RIJNDAEL-128 ■ 128 here refers to "block size" ○ Very Strong ○ Note, the number after AES is *key size* ● Blowfish ● TwoFish ● Serpent
Authentication How do you know it wasn't tampered with / came from your friend? ● HMAC ○ Hash-based Message Authentication Code ● USE A SEPARATE KEY! ● Encrypt-Then-MAC ○ Always MAC after encryption
All Together Now!
Encrypt $key = 'xxxxxxxxxxxxxxxx'; $authKey = 'XXXXXXXXXXXXXX'; $plain = 'This is plain text that I am going to encrypt'; $size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CFB ); $iv = mcrypt_create_iv( $size, MCRYPT_DEV_URANDOM ); $cipherText = mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $key, $plain, MCRYPT_MODE_CFB, $iv ); $auth = hash_hmac('sha512', $cipherText, $authKey, true); $encrypted = base64_encode($iv . $cipherText . $auth);
Decrypt $key = 'xxxxxxxxxxxxxxxx'; $authKey = 'XXXXXXXXXXXXXX'; $size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CFB ); $encrypted = base64_decode($encrypted); $iv = substr($encrypted, 0, $size); $auth = substr($encrypted, -64); $cipherText = substr($encrypted, $size, -64); if ($auth != hash_hmac('sha512', $cipherText, $authKey, true)) { // Auth Failed!!! return false; } $plainText = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $cipherText, MCRYPT_MODE_CFB, $iv );
Please Don't Do It! ● Notice How Much Code It Took ○ Without error checking ● Notice How Complex It Is ○ Without flexibility ● Notice How Easy To Screw Up ○ Without Key Storage ● Notice How Many Decisions To Make
If you MUST, Use a Library
Common Encryption Needs ● Between Client / Server ○ Use SSL ○ Really, just use SSL ○ I'm not kidding, just use SSL ● Storage ○ Use disk encryption ○ Use database encryption
Really, Don't Do It!
Encryption Resources ● Zend Framework Encryption ○ Very good and complete lib ○ ZF2 ■ ZendCryptBlockCipher ● PHP Sec Lib ○ phpseclib.sourceforge.net ○ Pure PHP ● Not Many Others ○ Beware of online tutorials!!!
Password Storage
Passwords Should Be HASHED! Not Encrypted!
Password Hashes ● Use A Salt ○ Defeats Rainbow Tables ○ Makes Each Hash a "Proof Of Work" ○ Should be random! ■ Strong Randomness ● Should Be SLOW! ○ Salt is not enough ○ Salted SHA256: 11 BILLION per second ○ bcrypt: 3200 per second
Good Algorithms crypt($password, $salt); pbkdf2($password, $salt, $i); password_hash( $password, PASSWORD_BCRYPT ); $passLib->hash($password); $phpass->hashPassword($pass);
Cost Parameter ● Target: 0.25 - 0.5 Seconds ○ As slow as you can afford ● Depends on hardware ○ Test it! ● Good Defaults: ○ BCrypt: 10 ○ PBKDF2: 10,000
Simplified Password Hashing
New API for 5.5 ● string password_hash($pass, $algo, array $options = array() ) ○ Generates Salt, hashes password ● bool password_verify($pass, $hash) ○ Verifies Hash with Password ● bool password_needs_rehash($hash, $algo, array $options = array()) ○ Determines if the hash is the same as specified by algo and options ● array password_get_info($hash) ○ Returns information about the hash
Example function register($user, $password) { $hash = password_hash($password, PASSWORD_BCRYPT); $this->store($user, $hash); } function login($user, $password) { $hash = $this->fetchHash($user); if (password_verify($password, $hash)) { if (password_needs_rehahs($hash, PASSWORD_BCRYPT)) { $hash = password_hash($password, PASSWORD_BCRYPT); $this->store($user, $hash); } $this->startSession(); return true; } return false; }
Hashing Resources ● PHP 5.5 API ○ wiki.php.net/rfc/password_hash ● Password Compat ○ PHP 5.5 Compatibility ○ github/ircmaxell/password_compat ● PasswordLib ○ 5.3+, Multiple Algorithms, Portable ○ github/ircmaxell/PHP-PasswordLib ● PHPASS ○ PHP 4+ ○ openwall.com/phpass
Seriously, Hire an Expert!
You Have Been Warned
Questions? Comments? Snide Remarks?
Anthony Ferrara @ircmaxell blog.ircmaxell.com me@ircmaxell.com joind.in/7939

More Related Content

PDF
Cryptography For The Average Developer - Sunshine PHP
byAnthony Ferrara
 
PDF
Cryptography in PHP: use cases
byEnrico Zimuel
 
PDF
How does cryptography work? by Jeroen Ooms
byAjay Ohri
 
PDF
Password Storage And Attacking In PHP - PHP Argentina
byAnthony Ferrara
 
PDF
Strong cryptography in PHP
byEnrico Zimuel
 
PDF
Even the LastPass Will be Stolen Deal with It!
byMartin Vigo
 
PPTX
Cargo Cult Security at OpenWest
byDerrick Isaacson
 
PPT
9 password security
bydrewz lin
 
Cryptography For The Average Developer - Sunshine PHP
byAnthony Ferrara
 
Cryptography in PHP: use cases
byEnrico Zimuel
 
How does cryptography work? by Jeroen Ooms
byAjay Ohri
 
Password Storage And Attacking In PHP - PHP Argentina
byAnthony Ferrara
 
Strong cryptography in PHP
byEnrico Zimuel
 
Even the LastPass Will be Stolen Deal with It!
byMartin Vigo
 
Cargo Cult Security at OpenWest
byDerrick Isaacson
 
9 password security
bydrewz lin
 

What's hot

PDF
Encryption Boot Camp on the JVM
byMatthew McCullough
 
ODP
Password Security
byAlex Hyer
 
PDF
Cryptography in PHP: Some Use Cases
byZend by Rogue Wave Software
 
PDF
Password Security
byCSCJournals
 
PDF
DEFCON 23 - Eijah - crypto for hackers
byFelipe Prado
 
PPTX
Cargo Cult Security UJUG Sep2015
byDerrick Isaacson
 
PPTX
Cryptography for Absolute Beginners (May 2019)
bySvetlin Nakov
 
PPTX
Passwords presentation
byGreg MacPherson
 
PDF
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
byOWASP
 
PDF
Hacker News vs. Slashdot—Reputation Systems in Crowdsourced Technology News
byChristoph Matthies
 
PPTX
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
bySvetlin Nakov
 
PPTX
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
bySvetlin Nakov
 
PDF
Securing your Bitcoin wallet
byRon Reiter
 
PDF
apidays LIVE New York - WT* is JWT? by Maciej Treder
byapidays
 
PPTX
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
bySvetlin Nakov
 
PPTX
Cryptography 101 for Java developers
byMichel Schudel
 
Encryption Boot Camp on the JVM
byMatthew McCullough
 
Password Security
byAlex Hyer
 
Cryptography in PHP: Some Use Cases
byZend by Rogue Wave Software
 
Password Security
byCSCJournals
 
DEFCON 23 - Eijah - crypto for hackers
byFelipe Prado
 
Cargo Cult Security UJUG Sep2015
byDerrick Isaacson
 
Cryptography for Absolute Beginners (May 2019)
bySvetlin Nakov
 
Passwords presentation
byGreg MacPherson
 
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
byOWASP
 
Hacker News vs. Slashdot—Reputation Systems in Crowdsourced Technology News
byChristoph Matthies
 
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
bySvetlin Nakov
 
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
bySvetlin Nakov
 
Securing your Bitcoin wallet
byRon Reiter
 
apidays LIVE New York - WT* is JWT? by Maciej Treder
byapidays
 
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
bySvetlin Nakov
 
Cryptography 101 for Java developers
byMichel Schudel
 

Similar to Cryptography For The Average Developer

PPTX
Encryption in php
bysana mateen
 
PDF
Cryptography with Zend Framework
byEnrico Zimuel
 
PDF
Cryptography With PHP
byMark Niebergall
 
PDF
SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer
byAdam Englander
 
PDF
Cryptography with PHP (Workshop)
byMark Niebergall
 
PDF
Encryption: It's For More Than Just Passwords
byJohn Congdon
 
PDF
Password (in)security
byEnrico Zimuel
 
PDF
Cryptography With PHP - ZendCon 2017 Workshop
byMark Niebergall
 
PDF
ZendCon 2017 - Cryptography for Beginners
byAdam Englander
 
PDF
PHP Identity and Data Security
byJonathan LeBlanc
 
PDF
Password Storage and Attacking in PHP
byAnthony Ferrara
 
PDF
php[world] 2016 - Tales From the Crypto: A Cryptography Primer
byAdam Englander
 
PPTX
501 ch 10 cryptography
byToyeeb Onimole
 
PPTX
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
byHasin Hayder
 
PPTX
Cryptography for the mere mortals
byM A Hossain Tonu
 
PDF
Encryption Recap: A Refresher on Key Concepts
bythomashtkim
 
PPT
Eight simple rules to writing secure PHP programs
byAleksandr Yampolskiy
 
PPTX
Using Cryptography Properly in Applications
byGreat Wide Open
 
PDF
Intro to Cryptography
byMichael Soltys
 
PDF
Data Storage and Security Strategies of Network Identity
byAntiy Labs
 
Encryption in php
bysana mateen
 
Cryptography with Zend Framework
byEnrico Zimuel
 
Cryptography With PHP
byMark Niebergall
 
SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer
byAdam Englander
 
Cryptography with PHP (Workshop)
byMark Niebergall
 
Encryption: It's For More Than Just Passwords
byJohn Congdon
 
Password (in)security
byEnrico Zimuel
 
Cryptography With PHP - ZendCon 2017 Workshop
byMark Niebergall
 
ZendCon 2017 - Cryptography for Beginners
byAdam Englander
 
PHP Identity and Data Security
byJonathan LeBlanc
 
Password Storage and Attacking in PHP
byAnthony Ferrara
 
php[world] 2016 - Tales From the Crypto: A Cryptography Primer
byAdam Englander
 
501 ch 10 cryptography
byToyeeb Onimole
 
Cryptography for the mere mortals - for phpXperts Seminar 2011 by Hasin and Tonu
byHasin Hayder
 
Cryptography for the mere mortals
byM A Hossain Tonu
 
Encryption Recap: A Refresher on Key Concepts
bythomashtkim
 
Eight simple rules to writing secure PHP programs
byAleksandr Yampolskiy
 
Using Cryptography Properly in Applications
byGreat Wide Open
 
Intro to Cryptography
byMichael Soltys
 
Data Storage and Security Strategies of Network Identity
byAntiy Labs
 

More from Anthony Ferrara

PDF
Beyond design patterns phpnw14
byAnthony Ferrara
 
PDF
Don't Be STUPID, Grasp SOLID - ConFoo Edition
byAnthony Ferrara
 
PDF
Development By The Numbers - ConFoo Edition
byAnthony Ferrara
 
PDF
Don't Be STUPID, Grasp SOLID - DrupalCon Prague
byAnthony Ferrara
 
PDF
Don't be STUPID, Grasp SOLID - North East PHP
byAnthony Ferrara
 
PDF
PHP, Under The Hood - DPC
byAnthony Ferrara
 
PDF
Development by the numbers
byAnthony Ferrara
 
PDF
Don't Be Stupid, Grasp Solid - MidWestPHP
byAnthony Ferrara
 
Beyond design patterns phpnw14
byAnthony Ferrara
 
Don't Be STUPID, Grasp SOLID - ConFoo Edition
byAnthony Ferrara
 
Development By The Numbers - ConFoo Edition
byAnthony Ferrara
 
Don't Be STUPID, Grasp SOLID - DrupalCon Prague
byAnthony Ferrara
 
Don't be STUPID, Grasp SOLID - North East PHP
byAnthony Ferrara
 
PHP, Under The Hood - DPC
byAnthony Ferrara
 
Development by the numbers
byAnthony Ferrara
 
Don't Be Stupid, Grasp Solid - MidWestPHP
byAnthony Ferrara
 

Recently uploaded

PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PDF
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
PDF
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PPTX
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PDF
SAP WalkMe Overview.pdf SAP WalkMe Overview.pdf
byMurniatiSimbolon2
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PPTX
Full course that Prymehat uploads for you
byOhenebaManu1
 
PPT
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
PDF
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PPTX
Full course that Prymehat uploads for you version 2
byOhenebaManu1
 
PDF
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
PDF
How Fintechs Scrape Financial News to Predict Market Moves.pdf
by3i Data Scraping
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
SAP WalkMe Overview.pdf SAP WalkMe Overview.pdf
byMurniatiSimbolon2
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
Full course that Prymehat uploads for you
byOhenebaManu1
 
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
Full course that Prymehat uploads for you version 2
byOhenebaManu1
 
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
How Fintechs Scrape Financial News to Predict Market Moves.pdf
by3i Data Scraping
 

Cryptography For The Average Developer

  • 1.
    Cryptography In PHP For The Average Developer
  • 2.
    Cryptography ● Keeping DataSecure ○ Safe From Viewing ○ Safe From Tampering ○ Safe From Forgery ● Not A Silver Bullet ○ XSS ○ SQLI ○ Social Engineering ● Very Hard To Do ○ Any bug will cause problems
  • 3.
    The First Rule ofCryptography
  • 4.
  • 5.
    Leave It For Experts
  • 6.
    Random! The Foundation ofCryptography ● Classified Under Three Types: ○ Weak ■ For non-cryptographic usages ○ Strong ■ For cryptographic usages where security does not depend on the strength of randomness ○ Cryptographically Secure ■ For cryptographic usage when security does depend on the strength of randomness
  • 7.
    Vulnerabilities of Randomness ● Bias ○ Certain values tend to occur more often making it easier to predict future numbers ● Predictability ○ Knowing past numbers helps predict future numbers ● Poisoning ○ Ability to alter future random number generation
  • 8.
    Weak Random inPHP Not to be used for cryptographic usages!!! ● rand() ● mt_rand() ● uniqid() ● lcg_value()
  • 9.
    Strong Random inPHP ● mcrypt_create_iv() ○ MCRYPT_DEV_URANDOM ● openssl_random_pseudo_bytes() ● /dev/urandom ○ For *nix systems only
  • 10.
    Cryptographically Secure ● mcrypt_create_iv() ○ MCRYPT_DEV_RANDOM ● openssl_random_pseudo_bytes() ○ Maybe ● /dev/random ○ For *nix systems only
  • 11.
  • 12.
  • 13.
    If In Doubt Use Strong Randomness
  • 14.
    Encryption vs Hashing ●Encryption ○ Encoding ○ 2 Way / Reversible ○ Putting a lock on a box ● Hashing ○ Signing ○ 1 Way / Non-Reversible ○ Taking a person's finger-print
  • 15.
  • 16.
  • 17.
    Terms ● Key ○ Secure string of data ● Plain-Text ○ The text you want to keep secret ● Cipher-Text ○ The encrypted output
  • 18.
    Two Basic Types ●Symmetric Encryption ○ Like a Pad-Lock with a shared key ○ The only secret is the key ○ Both sides must have the same key ● Asymmetric Encryption ○ Like a pair of Pad-Locks ■ The "lock" is the public key ○ The only secret is the private key ○ Both sides have their own key
  • 19.
    Symmetric Encryption 101 ●Number: 01 Scratch That ● Numbers: 01 04 01 54 95 42 64 12
  • 20.
    Symmetric Encryption 101 Let's Add A "Secret" Number! 01 04 01 54 95 42 64 12 +10 11 14 11 64 05 52 74 22
  • 21.
    Secret Numbers ● Wejust invented the Caesar Cipher ○ Commonly known as "ROT13" ● But There Are Problems: ○ Vulnerable To Statistical Attacks ○ Vulnerable To Brute Forcing ■ Only 100 possible secret numbers!
  • 22.
    Symmetric Encryption 101 I Know: Let's Add A Different Number! 01 04 01 54 95 42 64 12 +10 43 21 95 42 67 31 83 11 47 22 49 37 09 95 95
  • 23.
    How It Works Wecan generate the pads in two ways ● Randomly ○ If we only use once, perfect security ■ Known as a one-time-pad ○ If we use multiple times, same as caesar cipher ● With A Function ○ Give one or two inputs ■ A key, and an "input" ○ Generates a "stream" of pseudo random numbers
  • 24.
    Ciphers ● Take 2inputs ○ A secret key ○ An "input" ● Produces Pseudo-Random Output ○ Looks random (statistically) ○ Is deterministic ■ Reproducible given same inputs
  • 25.
    Modes ● Multiple waysto use the keystream ● Each way is known as a "Mode" ● Some are secure ○ Others are not
  • 26.
    ECB Electronic Code Book ●Uses plain-text as "input" ● Uses output as cipher-text ● VERY BROKEN!!!
  • 27.
  • 28.
    CBC Cipher Block Chaining ●Uses an "Initialization Vector" ○ Helps "randomize" the plain-text ○ Ensures no non-unique blocks ○ Does NOT need to be secret ● Chains each block together ○ Propagating the generated "randomness" ● Plain-Text Must Be Padded ○ To a multiple of block-size ● Secure!
  • 29.
  • 30.
    CFB Cipher FeedBack ● Usesan "Initialization Vector" ● Plain-Text never enters cipher ○ Does not need to be padded ● "Decrypt" Is Never Used ● Secure!
  • 31.
  • 32.
    Ciphers ● AES 128& 256 ○ Standard ■ NIST Approved ○ Also Known As RIJNDAEL-128 ■ 128 here refers to "block size" ○ Very Strong ○ Note, the number after AES is *key size* ● Blowfish ● TwoFish ● Serpent
  • 33.
    Authentication How do youknow it wasn't tampered with / came from your friend? ● HMAC ○ Hash-based Message Authentication Code ● USE A SEPARATE KEY! ● Encrypt-Then-MAC ○ Always MAC after encryption
  • 34.
  • 35.
    Encrypt $key = 'xxxxxxxxxxxxxxxx'; $authKey= 'XXXXXXXXXXXXXX'; $plain = 'This is plain text that I am going to encrypt'; $size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CFB ); $iv = mcrypt_create_iv( $size, MCRYPT_DEV_URANDOM ); $cipherText = mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $key, $plain, MCRYPT_MODE_CFB, $iv ); $auth = hash_hmac('sha512', $cipherText, $authKey, true); $encrypted = base64_encode($iv . $cipherText . $auth);
  • 36.
    Decrypt $key = 'xxxxxxxxxxxxxxxx'; $authKey= 'XXXXXXXXXXXXXX'; $size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CFB ); $encrypted = base64_decode($encrypted); $iv = substr($encrypted, 0, $size); $auth = substr($encrypted, -64); $cipherText = substr($encrypted, $size, -64); if ($auth != hash_hmac('sha512', $cipherText, $authKey, true)) { // Auth Failed!!! return false; } $plainText = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $cipherText, MCRYPT_MODE_CFB, $iv );
  • 37.
    Please Don't DoIt! ● Notice How Much Code It Took ○ Without error checking ● Notice How Complex It Is ○ Without flexibility ● Notice How Easy To Screw Up ○ Without Key Storage ● Notice How Many Decisions To Make
  • 38.
  • 39.
    Common Encryption Needs ● Between Client / Server ○ Use SSL ○ Really, just use SSL ○ I'm not kidding, just use SSL ● Storage ○ Use disk encryption ○ Use database encryption
  • 40.
  • 41.
    Encryption Resources ● ZendFramework Encryption ○ Very good and complete lib ○ ZF2 ■ ZendCryptBlockCipher ● PHP Sec Lib ○ phpseclib.sourceforge.net ○ Pure PHP ● Not Many Others ○ Beware of online tutorials!!!
  • 42.
  • 43.
    Passwords ShouldBe HASHED! Not Encrypted!
  • 44.
    Password Hashes ● UseA Salt ○ Defeats Rainbow Tables ○ Makes Each Hash a "Proof Of Work" ○ Should be random! ■ Strong Randomness ● Should Be SLOW! ○ Salt is not enough ○ Salted SHA256: 11 BILLION per second ○ bcrypt: 3200 per second
  • 45.
    Good Algorithms crypt($password, $salt); pbkdf2($password,$salt, $i); password_hash( $password, PASSWORD_BCRYPT ); $passLib->hash($password); $phpass->hashPassword($pass);
  • 46.
    Cost Parameter ● Target:0.25 - 0.5 Seconds ○ As slow as you can afford ● Depends on hardware ○ Test it! ● Good Defaults: ○ BCrypt: 10 ○ PBKDF2: 10,000
  • 47.
  • 48.
    New API for5.5 ● string password_hash($pass, $algo, array $options = array() ) ○ Generates Salt, hashes password ● bool password_verify($pass, $hash) ○ Verifies Hash with Password ● bool password_needs_rehash($hash, $algo, array $options = array()) ○ Determines if the hash is the same as specified by algo and options ● array password_get_info($hash) ○ Returns information about the hash
  • 49.
    Example function register($user, $password){ $hash = password_hash($password, PASSWORD_BCRYPT); $this->store($user, $hash); } function login($user, $password) { $hash = $this->fetchHash($user); if (password_verify($password, $hash)) { if (password_needs_rehahs($hash, PASSWORD_BCRYPT)) { $hash = password_hash($password, PASSWORD_BCRYPT); $this->store($user, $hash); } $this->startSession(); return true; } return false; }
  • 50.
    Hashing Resources ● PHP5.5 API ○ wiki.php.net/rfc/password_hash ● Password Compat ○ PHP 5.5 Compatibility ○ github/ircmaxell/password_compat ● PasswordLib ○ 5.3+, Multiple Algorithms, Portable ○ github/ircmaxell/PHP-PasswordLib ● PHPASS ○ PHP 4+ ○ openwall.com/phpass
  • 51.
  • 52.
  • 53.
  • 54.
    Anthony Ferrara @ircmaxell blog.ircmaxell.com me@ircmaxell.com joind.in/7939