crashcoursecrypto
play

CrashCourseCrypto Cryptography 101 for Developers Mathias T ausig - PowerPoint PPT Presentation

Mar 07, 2024 •411 likes •1.3k views

CrashCourseCrypto Cryptography 101 for Developers Mathias T ausig Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 1 Who am I? > MSc in Mathematics (University of T echnology Vienna) > Professional experience as a

  1. CrashCourseCrypto Cryptography 101 for Developers Mathias T ausig Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 1

  2. Who am I? > MSc in Mathematics (University of T echnology Vienna) > Professional experience as a Developer, Sysadmin, Security Officer, Computer retail > Spent 8 years in the PKI business > T eaching IT-Security at the FH Campus Wien > Research at the Competence Centre of IT-Security Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 2

  3. Who are you? > Developer > Having to do with security becoming ubiquitous > Realising security involves cryptography > Never learnt any cryptography > Relying on Stackoverflow for all things crypto Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 3

  4. Disclaimer > All rules presented are written to prevent you from shooting yourself in the foot. There might very well be exceptions to them. > Code snippets are written for brevity and might miss important aspects (especially error handling) > If you need this talk, you really shouldn’t be doing this . . . Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 4

  5. Basics > Do not design your own crypto > Do not implement your own crypto > There is probably an existing scheme for your usecase. Use it > https://keylength.com > Protect your keys ◮ Use your OS > Stackoverflow answers: Check reputation on security.stackexchange.com or crypto.stackexchange.com Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 5

  6. Kerckhoff Prinzip Die Sicherheit eines Systems muss alleine von der Geheimhaltung des Schlüssels abhängen, und darf nicht von der Geheimhaltung des Sy- stems abhängen. – Auguste Kerckhoff, La cryptographie militaire, 1883 Gegenteil: Security through obscurity Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 6

  7. What are we fighting for? Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 7

  8. Security is never an absolute thing. It is relative to your Threat Model and your Security Targets . Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 8

  9. Confidentiality Ensuring that only authorized persons are able to read a message’s content . Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 9

  10. Integrity Ensuring that a message cannot be altered undetected. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 10

  11. Authentication Confirming the identity of a message’s author. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 11

  12. Algorithms Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 12

  13. Random numbers Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 13

  14. Random numbers Random numbers are at the foundation of most cryptographic algorithms. Getting them wrong will probably break your whole system. Abbildung: Quelle: ❤tt♣✿✴✴❞✐❧❜❡rt✳❝♦♠✴str✐♣✴✷✵✵✶✲✶✵✲✷✺ Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 14

  15. Random numbers > True Random Numbers Obtained from physical sources (clocks, sensors, hard drives, . . . ) > Pseudo Random Numbers Calculated deterministically from a random seed value > Entropy Measures the amount of randomness within some random data Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 15

  16. Random numbers CSPRNG An ordinary Pseudorandom Number Generator (PRNG) creates numbers which are statistically indistinguishable from truly random numbers. For cryptographic usage, this is not enough. We need a Cryptographically Secure Pseudorandom Number Generator (CSPRNG) . That is a PRNG which is additionally forward and backward secure . An adversary cannot deduce future or past random values from observation of the random values. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 16

  17. Random numbers OS Preferably, you should just use the RNG provdided by your Operating system: > ✴❞❡✈✴✉r❛♥❞♦♠ (*NIX) > ❈r②♣t●❡♥❘❛♥❞♦♠ (Win) Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 17

  18. Random numbers Manual Workflow 1. Obtain a random seed value (possibly implicit) > Random Numbers as provided by the OS: ✴❞❡✈✴✉r❛♥❞♦♠ (*NIX), ❈r②♣t●❡♥❘❛♥❞♦♠ (Win) > Add another independent random source: Time (difference), tick value, tail of syslog, . . . Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 18

  19. ✴❞❡✈✴✉r❛♥❞♦♠ ❈r②♣t●❡♥❘❛♥❞♦♠ Random numbers Manual Workflow 1. Obtain a random seed value (possibly implicit) 2. Initialize a CSPRNG (with that seed) Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 19

  20. ✴❞❡✈✴✉r❛♥❞♦♠ ❈r②♣t●❡♥❘❛♥❞♦♠ Random numbers Manual Workflow 1. Obtain a random seed value (possibly implicit) 2. Initialize a CSPRNG (with that seed) 3. Generate random numbers Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 20

  21. ✴❞❡✈✴✉r❛♥❞♦♠ ❈r②♣t●❡♥❘❛♥❞♦♠ Random numbers Manual Workflow 1. Obtain a random seed value (possibly implicit) 2. Initialize a CSPRNG (with that seed) 3. Generate random numbers 4. (Reseed) Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 21

  22. ❙❡❝✉r❡❘❛♥❞♦♠ ❈r②♣t♦❘❛♥❞♦♠ Random number generators Don’t > r❛♥❞✭✮ , r❛♥❞♦♠✭✮ , Linear congruence generator, Mersenne T wister, ANSI X9.17 Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 22

  23. Random number generators Don’t > r❛♥❞✭✮ , r❛♥❞♦♠✭✮ , Linear congruence generator, Mersenne T wister, ANSI X9.17 Do > ❙❡❝✉r❡❘❛♥❞♦♠ , ❈r②♣t♦❘❛♥❞♦♠ , NIST SP-800-90*, CTR-DRBG, HASH-DRBG, HMAC-DRBG, Fortuna Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 23

  24. Random number generators Beware > Forks, threads > Embedded systems > Security level ≤ Length of seed Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 24

  25. Hash Functions Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 25

  26. A Cryptographic Hash Function identifies arbitrary data of arbitrary length with a deterministic identifier of fixed length, called the hash or digest value of the data. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 26

  27. Such hash functions have the avalanche property , meaning that the slightest change to the input will lead to a completely different output. Examples SHA-256(“Crypto is great.”) = ❞✹✹✻✼❝✺❞❡❜❝❡✽✼✺❢✵✻✵✾✸✻❜✾✶✺✸✽✼✾✽❛✻✷❢✼✼✺✵✽✵✾✵❡❛❢✼✷❛✸✺✹❛❢✽✷❢✶✽❡❡✷✸❝ SHA-256(“Crypto is great:”) = ✼❛✼✸✽❡✻❡❜❝✻✽✾✷✷❜❛❞✶✹❜✷✽❞✹✶✵✹✼✼❡❛❜✼❡❜✹❝❜✸❡✸❡✶✹✼✾❡❛❝❝✺❞✹❛✻❝✶✽✾❝❝❢✹ SHA-256(4GB ISO Datei) = ✶✾✺❜❛❝❛✻❝✺❢✸❜✼❢✸❛❞✹❞✼✾✽✹❛✼❢✼❜❞✺❝✹❛✸✼❜❡✷❡❜✻✼❡✺✽❜✻✺❞✵✼❛❝✸❛✷❜✺✾✾❡✽✸ Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 27

  28. Properties > Collission resistance : No collission (two different inputs with the same digest) are known or can be computed > Preimage resistance : It is not possible to calculate a preimage for a digest ( O ne Way Functions) Note These properties only hold for cryptographic hash functions 1 . 1 there are non-cryptographic ones, too Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 28

  29. Integrity This property makes a hash function usable to ensure the Integrity of some data. Any change to the data will lead to an altered hash value and can thus be detected. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 29

  30. Integrity This property makes a hash function usable to ensure the Integrity of some data. Any change to the data will lead to an altered hash value and can thus be detected. Caveat This is only true against errors during the transmission or if your adversary is only a passive attacker (eavesdropper) . Since no secret is needed for the hash calculation, an active attacker can just recalculate the digest for the manipulated data. Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 30

  31. Usage > Integrity checks for files > Digital signatures > Git > Blockchain > Identifiers in data structures > Building block of other cryptographic functions Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 31

  32. ▼❉✺ ❙❍❆✲✶ ❘■P❊▼❉✲✶✻✵ ❈❘❈✲✸✷ Do > ❙❍❆✲✷ ◮ ❙❍❆✲✷✺✻ (256 bit = 32 byte digest length) ◮ ❙❍❆✲✺✶✷ (512 bit = 64 byte digest length) > ❙❍❆✲✸ ◮ ❙❍❆✲✸✲✷✺✻ or ❙❍❆✲✸✲✺✶✷ Erstellt von: Mathias T ausig, mathias.tausig@fh-campuswien.ac.at 32

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tracking David Stuart University of California Santa Barbara August 18-20, 2008 2 Plan My

Tracking David Stuart University of California Santa Barbara August 18-20, 2008 2 Plan My

Tracking David Stuart University of California Santa Barbara August 18-20, 2008 2 Plan My intentions are to: Help you build intuition about the experimental role of tracking. Help you build intuition about tracking hardware. Help you build

810 views • 78 slides
Ontology-driven Annotation of Literary Texts Thierry Declerck Multilingual Technologies Lab DFKI

Ontology-driven Annotation of Literary Texts Thierry Declerck Multilingual Technologies Lab DFKI

Annotation in DH (annDH) Workshop at Ontology-driven Annotation of Literary Texts Thierry Declerck Multilingual Technologies Lab DFKI GmbH Saarbrcken, Germany Background This presentation is based on the results of a series of

939 views • 54 slides
Security in Outsourcing of Association Rule Mining

Security in Outsourcing of Association Rule Mining

Security in Outsourcing of Association Rule Mining

490 views • 29 slides
Workshop on Christian Doppler Laboratory for Portfolio Risk Management (PRisMa Lab) Portfolio

Workshop on Christian Doppler Laboratory for Portfolio Risk Management (PRisMa Lab) Portfolio

Workshop on Christian Doppler Laboratory for Portfolio Risk Management (PRisMa Lab) Portfolio Risk Management Web site: www.prismalab.at (PRisMa 2006) Legal organisation and evaluation: Sept. 26, 2006 Christian Doppler Research

59 views • 3 slides
From Context Awareness to Socially Aware and Interactive Systems Paul Lukowicz DFKI/University

From Context Awareness to Socially Aware and Interactive Systems Paul Lukowicz DFKI/University

From Context Awareness to Socially Aware and Interactive Systems Paul Lukowicz DFKI/University of Kaiserslautern Germany Overview Part 1: Introduction of key concepts Part 2: Basic technologies Sensing Reasoning Part 3:

1.88k views • 187 slides
Chapter 7: Clustering (Unsupervised Data Organization) 7.1 Hierarchical Clustering 7.2 Flat

Chapter 7: Clustering (Unsupervised Data Organization) 7.1 Hierarchical Clustering 7.2 Flat

Chapter 7: Clustering (Unsupervised Data Organization) 7.1 Hierarchical Clustering 7.2 Flat Clustering 7.3 Embedding into Vector Space for Visualization 7.4 Applications Clustering: unsupervised grouping (partitioning) of objects into

763 views • 49 slides
A tutorial on lexical classes Ricardo Bermdez-Otero University of Manchester I NTRODUCTION Goals

A tutorial on lexical classes Ricardo Bermdez-Otero University of Manchester I NTRODUCTION Goals

A tutorial on lexical classes Ricardo Bermdez-Otero University of Manchester I NTRODUCTION Goals of the tutorial 1 Our brief: L to address the key issues arising from exponence phenomena in which the lexicon is divided into arbitrary

400 views • 12 slides
Ahmad Dimyati Director General of Horticulture Ministry of Agriculture Republic of Indonesia

Ahmad Dimyati Director General of Horticulture Ministry of Agriculture Republic of Indonesia

THE MARKETING OF TROPICAL FRUITS THE MARKETING OF TROPICAL FRUITS INVOLVING SMALL GROWERS IN INDONESIA INVOLVING SMALL GROWERS IN INDONESIA Ahmad Dimyati Director General of Horticulture Ministry of Agriculture Republic of Indonesia

792 views • 21 slides
MA111: Contemporary mathematics If you had as many people as you wanted, but only one person

MA111: Contemporary mathematics If you had as many people as you wanted, but only one person

MA111: Contemporary mathematics If you had as many people as you wanted, but only one person could work on one task, when is the earliest you could be finished putting out the pots and pans measured in minutes after you start working on the

291 views • 4 slides
Indigenous Africans toward New solar cell technology Mussie Alemseghed, Ph.D. Mussie Alemseghed,

Indigenous Africans toward New solar cell technology Mussie Alemseghed, Ph.D. Mussie Alemseghed,

Indigenous Africans toward New solar cell technology Mussie Alemseghed, Ph.D. Mussie Alemseghed, Ph.D. University of Cincinnati/Oak Ridge National Lab University of Cincinnati/Oak Ridge National Lab NanoPower Africa NanoPower Africa 11/08/2011

436 views • 39 slides
Monday 11 th May Acrostic Poems What is an acrostic poem? What is special about them? Watch:

Monday 11 th May Acrostic Poems What is an acrostic poem? What is special about them? Watch:

Monday 11 th May Acrostic Poems What is an acrostic poem? What is special about them? Watch: https://www.bbc.co.uk/bitesize/topics/z4mmn39/articles/ztdvw6f In an acrostic poem, the first letter of each line spells a word. The word is the

183 views • 17 slides
Advanced Analytics in Business [D0S07a] Big Data Platforms & Technologies [D0S06a]

Advanced Analytics in Business [D0S07a] Big Data Platforms & Technologies [D0S06a]

Advanced Analytics in Business [D0S07a] Big Data Platforms & Technologies [D0S06a] Unsupervised Learning Anomaly Detection Overview Frequent itemset and association rule mining Other itemset extensions Clustering Dimensionality reduction

1.56k views • 124 slides
This!part!of!the!tutorial! 1. Overview:(Types(of(Inference(Knowledge( 2.

This!part!of!the!tutorial! 1. Overview:(Types(of(Inference(Knowledge( 2.

! !Textual!Entailment! ! !Part!3:! !Knowledge!Resources!and! ! ! ! ! !Knowledge!Acquisi;on!! Sebas&an(Pado ( ( (Rui(Wang( Ins&tut(fr(Computerlinguis&k (Language(Technology( Universitt(Heidelberg,(Germany

195 views • 18 slides
A multimodal logic for closeness Alfredo Burrieza Emilio Mu noz-Velasco Manuel Ojeda-Aciego

A multimodal logic for closeness Alfredo Burrieza Emilio Mu noz-Velasco Manuel Ojeda-Aciego

A multimodal logic for closeness Alfredo Burrieza Emilio Mu noz-Velasco Manuel Ojeda-Aciego Universidad de M alaga. Andaluc a Tech Mar 4, 2016 Manuel Ojeda-Aciego (UMA) A multimodal logic for closeness Mar 4, 2016 1 / 15

456 views • 26 slides
Medicaid Innovation Accelerator Program (IAP) Supporting Housing Tenancy Series: Webinar 1

Medicaid Innovation Accelerator Program (IAP) Supporting Housing Tenancy Series: Webinar 1

Medicaid Innovation Accelerator Program (IAP) Supporting Housing Tenancy Series: Webinar 1 February 24, 2016 Logistics for the Webinar All lines will be muted Please do not put your line on hold To participate in a polling question,

860 views • 57 slides
k P o s i t i o n o n D o - N o t - T r a c k T N D 1 i i P A digital marketing

k P o s i t i o n o n D o - N o t - T r a c k T N D 1 i i P A digital marketing

A p r i l 2 8 , 2 0 11 k P o s i t i o n o n D o - N o t - T r a c k T N D 1 i i P A digital marketing technology company that brands, agencies and publishers depend on to discover, reach and retain their ideal audiences. 700+

226 views • 5 slides
Text to 3D Scene Generation with Rich Lexical Grounding Angel Chang Will Monroe Manolis

Text to 3D Scene Generation with Rich Lexical Grounding Angel Chang Will Monroe Manolis

Text to 3D Scene Generation with Rich Lexical Grounding Angel Chang Will Monroe Manolis Savva Christopher Potts Christoper D. Manning Stanford University There is a desk and there is a notepad on the desk. There is a pen next to

1.03k views • 92 slides
Joint Representation Learning for Multi-Modal Transportation Recommendation Hao Liu 1 , Ting Li 2 ,

Joint Representation Learning for Multi-Modal Transportation Recommendation Hao Liu 1 , Ting Li 2 ,

Joint Representation Learning for Multi-Modal Transportation Recommendation Hao Liu 1 , Ting Li 2 , Renjun Hu 3 , Yanjie Fu 4 , Jingjing Gu 5 , Hui Xiong 1 1 The Business Intelligence Lab, Baidu Research 2 National University of Defense

390 views • 17 slides
Point bar Beds Graded bedding Alluvial fan Delta Shallow marine Reef Glacial Fluvial

Point bar Beds Graded bedding Alluvial fan Delta Shallow marine Reef Glacial Fluvial

Floodplain Point bar Beds Graded bedding Alluvial fan Delta Shallow marine Reef Glacial Fluvial Beach Desert Barrier island Tidal flat SONAR Submersibles Mountain erosion at Rivers shoreline Normal slope Collapsed slope

1.06k views • 81 slides
M obius Functions of Embedding Orders Bruce E. Sagan Department of Mathematics Michigan State

M obius Functions of Embedding Orders Bruce E. Sagan Department of Mathematics Michigan State

M obius Functions of Embedding Orders Bruce E. Sagan Department of Mathematics Michigan State University East Lansing, MI 48824-1027 sagan@math.msu.edu www.math.msu.edu/sagan and Vincent R. Vatter Department of Mathematics Rutgers

295 views • 10 slides
September 16, 2015 AD Tech Assist Group (AD-TAG) Thurston Solid Waste Thurston Water

September 16, 2015 AD Tech Assist Group (AD-TAG) Thurston Solid Waste Thurston Water

Thurston County Biodigester Study September 16, 2015 AD Tech Assist Group (AD-TAG) Thurston Solid Waste Thurston Water Resources LOTT Clean Water Alliance Puget Sound Energy The Evergreen State College Plus All Stakeholders

332 views • 10 slides
Visualizing search results Haystack Europe, London 2018 / sebastian.russ@tudock.de / Visualizing

Visualizing search results Haystack Europe, London 2018 / sebastian.russ@tudock.de / Visualizing

Visualizing search results Haystack Europe, London 2018 / sebastian.russ@tudock.de / Visualizing search results About us Haystack Europe, London 2018 / sebastian.russ@tudock.de / About us Development Consulting more... more... more...

349 views • 32 slides
Engineering Geology Sedimentary Rocks Hussien Al - deeky 1 Engineering Geology Definition

Engineering Geology Sedimentary Rocks Hussien Al - deeky 1 Engineering Geology Definition

Engineering Geology Sedimentary Rocks Hussien Al - deeky 1 Engineering Geology Definition Sedimentary rock is a type of rock that is formed by sedimentation of material at the Earth's surface and within bodies of water. Sedimentation is the

236 views • 23 slides
Welcome Welcome to the Public Information Centre for: Lisgar District Basement Water Infiltration

Welcome Welcome to the Public Information Centre for: Lisgar District Basement Water Infiltration

Welcome Welcome to the Public Information Centre for: Lisgar District Basement Water Infiltration Class Environmental Assessment Study for Pumping Stations The purpose of this Public Information Centre is to: Provide an overview of the study

468 views • 21 slides

More recommend