The document summarizes key points about cryptography for software developers from a presentation given by Raine Nieminen. It discusses symmetric and asymmetric ciphers, cryptographic hash functions, multi-party computation, and practical aspects of using cryptography like when to use it, algorithms and libraries, key management, key size, key generation, and key storage. The main messages are to use existing cryptographic libraries and implementations, understand the basics of how cryptography works, and that key management is critical for security.

1. TRESEC MEETUP
Introduction to cryptography
for software developers
Raine Nieminen, February 5, 2019

2. | © INSTA
Raine Nieminen
Security specialist at Intopalo Digital
Cryptography, software security,
information security, security consulting,
Master of Science (Tech.)
Connect with me on LinkedIn at
https://www.linkedin.com/in/raineniemine
nlinkedin/
About the speaker

3. | © INSTA
Outline
Cryptography
25% Theory (~5min)
75% Practice (~15min)

4. | © INSTA| © INSTA
Short
introduction to
cryptography

5. | © INSTA
Modern cryptography
No handwritten symbols, no mechanical machines anymore
Some crypto related terms:
• Cipher
• Secret, private and public key
• Key exchange
• Cryptographic hash function
• Message authentication code (MAC)
• Digital signature
• Homomorphic encryption
• Multi-party computation (MPC)
• Post-quantum cryptography
| 5

6. | © INSTA
Symmetric ciphers
One secret key that is used for both encryption and decryption
| 6
Secret message
to TreSec
participants cipher
$4=RGV3%$6ryC!
K$q6$"rr?GJ8Fz
vp)T/^6s{TX
Encryption
$4=RGV3%$6ryC!
K$q6$"rr?GJ8Fz
vp)T/^6s{TX cipher
Secret message
to TreSec
participants
Decryption

7. | © INSTA
Asymmetric ciphers
Two different keys
| 7
Secret message
to TreSec
participants cipher
xD}D2~$5Y$QP8B
83M5?q@w:9M*)#
MPH7^4`.!3x
Encryption
xD}D2~$5Y$QP8B
83M5?q@w:9M*)#
MPH7^4`.!3x cipher
Secret message
to TreSec
participants
Decryption

8. | © INSTA
Things to remember
Symmetric and asymmetric ciphers are fundamentally different
• To simplify, symmetric ciphers “scramble” the message and key by doing substitutions
and permutations on a bit level ➔ special hardware exists
• Asymmetric ciphers are based on mathematically difficult problems, which require
large numbers ➔ computations are relatively slow
The security relies fully on the secrecy of the key, not the cipher itself!
| 8

9. | © INSTA
Cryptographic hash functions
Properties that separate cryptographic hash functions from the regular ones:
• Pre-image resistance
• Second pre-image resistance
• Collision resistance
| 9
A long or
short message…
Hash
function
Fixed size!
“Digest”
2"BTd/{?Ef:T`.
"P%KX8@s;q6a}m
7/*{:"8m?][yDh

10. | © INSTA
Multi-party computation (MPC)
The idea is to compute a function without knowing the inputs
No third parties involved
Might sound absurd and impossible, but luckily cryptographers are smart!
| 10
function
A
A*
B
C
D
B*
C*
D*
The result

11. | © INSTA| © INSTA
Practical aspects
for software
developers

12. | © INSTA
The big picture
Our tool set
Crypto stuff
“Nothing magical”

13. | © INSTA
When to use crypto
Classical use cases:
• Confidentiality
• Integrity
• Availability
• Non-repudiation
• Authentication
• Authorization
Real life examples:
• Money transfer
• Auction/election
• Electronic contract
• Access control
| 13

14. | © INSTA
Basic principles
Follow these principles and I won’t need to hunt you down
1. Do not use your own crypto algorithms
2. Do not implement any crypto algorithm (by yourself) in production code
3. Do nothing, go home and quit your job
| 14

15. | © INSTA
How to use crypto: algorithms and libraries
Well known algorithms:
| 15
Symmetric alg. Asymmetric alg. Hash functions
AES RSA SHA-3
Serpent DSA SHA-2
Twofish ECDH
Example libraries:
OpenSSL Crypto++ Bouncy Castel ACE
C C++ Java, C# C

16. | © INSTA
How to use crypto: algorithms and libraries
If possible, use cryptographic protocols such as TLS
If not, the algorithms must be used correctly (obviously)
Includes, e.g., implementing padding and choosing mode of operation
• Follow suitable and standardized padding methods (e.g., RFC 5652 section 6.3)
• Electronic Codebook (ECB) mode should be avoided
• The use case determines which mode should be used and how to do authentication
• Initialization vectors (IV) must be unique and random
| 16

17. | © INSTA
Things to remember
Use existing implementations and do as little as you have to yourself
• Choose appropriate library/libraries for the use case (trustiness, license, language, …)
• FIPS 140-2
• ISO/IEC 19790:2012
• Document the usage of the libraries and possible weaknesses/misusages
• Follow if vulnerabilities are discovered and apply updates
Have basic understanding of what is happening and why
| 17
These things are complex and difficult but easy to get wrong… so take your time.

18. | © INSTA
Key management
Key management is something that software developers might need to take
care of even when the crypto algorithms are already there
This could include:
• Choosing the key size
• Generating the key
• Storing the key
Recall that the security relies fully on the secrecy of the key
➔ Therefore this is super important
| 18

19. | © INSTA
Key size
Basically, the longer the key is, the better
However, longer keys reduce the efficiency + overkill is rarely advisable anyway
| 19
AES RSA ECC
Near term 128 3072 256
Long term (>30 years) 256 15360 512
Sources: Algorithms, key size and protocols report. ECRYPT – CSA, 2018
Recommendation for key management, Part 1: General (revised). NIST, 2016

20. | © INSTA
Rule of thumb (key size)
Most likely 128-bit security is what you want
Symmetric ciphers provide one to one security regarding the key size
Hash function digest length must be twice as large as the security we want
With elliptic curves (asymmetric ciphers) the key size must also be twice as large
Other asymmetric ciphers require 3072-bit keys to provide 128-bit security
| 20

21. | © INSTA
Key generation
The importance is often underrated
Requires user input (password) or/and random numbers
• True random numbers (very difficult to produce)
• Cryptographically secure pseudo-random number generator (CSPRNG)
Some methods might already be implemented (e.g., Java SecureRandom)
• Take advantage of user behavior over time (e.g., mouse movements)
• Take advantage of hardware (e.g., CPU clock)
• For more, see RFC 4086 (Randomness Requirements for Security)
• Library functions can use different methods depending on the running OS
| 21

22. | © INSTA
Key storage
Which keys should be stored?
What is the purpose?
Examples:
• Password manager decryption key(s) is not stored but derived from the master password
• Some secret or private keys should be protected in special hardware (e.g., TPM or smart cards)
• Secure Shell (SSH) private keys can be stored locally in a text file
Be careful when storing keys in memory, since it could be accessible by other programs
and complete erasure is difficult (removing the pointer does not remove the key)
| 22

23. | © INSTA
Things to remember
Poor key management overshadows otherwise good usage of crypto
Short keys might be currently acceptable but not in the future
Important in key generation:
• A proper key derivation function (e.g., Argon2, bcrypt, …)
• The source of the randomness
Store keys carefully
Don’t get a false sense of security
| 23
These things are complex and difficult but easy to get wrong… so take your time.

24. | © INSTA
Discussion
Topics I skipped but interests you?
Overall thoughts, comments and questions?
| 24
Thank you for listening!