Upgrade to Pro — share decks privately, control downloads, hide ads and more …

No More Crypto Fails

Inndy
March 18, 2017

No More Crypto Fails

2017/03/18 at SITCON 2017

Inndy

March 18, 2017
Tweet

More Decks by Inndy

Other Decks in Technology

Transcript

  1. ꧹廔 )BTI # Python def my_hash(data): return sum(bytearray(data.encode())) % 256

    // C int my_hash(char *data, size_t len) { int i, H = 0; for(i = 0; i < len; i++) H = (H + data[i]) % 256; return H; } 15
  2. ꧹廔 )BTI • my_hash("Hash") == 132 • my_hash("Inndy") == 2

    • my_hash("SITCON") == 208 • my_hash("SITCON2017") == 154 16
  3. ꧹廔涸欽鸁 ˙ ꧹廔邍 )BTI5BCMF 须俲穡圓 ˙ 焷⥃须俲㸤侮䚍 ˙ ♴鯺㣐墂呪增叆IBTI⢵焷㹁墂呪尝剤䴦㡏 ˙

    侸⡙砞畎 ˙ 笪畀盘椚㆞ㄤ㹐剪鿪濼麥⡹涸㺙焺 ˙ ⥃㶸⢪欽罏涸㺙焺儘䥰鑪⥃㶸㺙焺涸꧹廔⧩ 17
  4. ꧹廔焥中 ˙ 1㺙焺鱒Ⰵ姻焷 ˙ 2) JOQVU 瘞倴 ˙ 㥶卓㺙焺鱒Ⰵ姻焷⵱) JOQVU

    瘞倴 ˙ 㥶卓) JOQVU ♶瘞倴⵱㺙焺鱒Ⰵꐫ铐 ˙ 㥶卓) JOQVU 瘞倴⵱㺙焺鱒Ⰵ姻焷 ˙ ꧹廔焥中 )BTI$PMMJTJPO 22
  5. ꧹廔焥中 • my_hash("cActo4ri5Hm3OZzB") == 123 • my_hash("ABCDEFGHIJKLMN9Y") == 123 •

    my_hash("0123456789fkcecr") == 123 • my_hash("Collision_Yhpvah") == 123 • my_hash("I am Inndy_5pRRz") == 123 • my_hash("SITCON 2017_N4hx") == 123 24
  6. 㺙焺⥃㶸 ˙ )."$锅㄂⸈뛥,FZFE)BTI 4BMUFE)BTI ˙ IBTI 㺙焺 TBMU  ˙

    )."$僽겳⡂涸嚌䙂⡎僽剤暶㹁涸㻜⡲倰䒭 ˙ 湬䱺⢪欽㼠Ꟍ捀㺙焺鏤鎙涸꧹廔倰岁 ˙ "SHPO 1#,%' TDSZQU CDSZQU 29
  7. Ꟁ䏞䒂㾝余乹 ˙ 䊺濼) LFZ EBUB ⟃⿻EBUB⡎♶濼麥LFZ ˙ 〳⟃皿ⴀ) LFZ EBUB

    QBEEJOH FWJM  ˙ 〳⟃㖈剤IBTI增叆涸朜屣♴幑⸈겙㢫须俲 ˙ .% 4)" 4)" 4)"鿪「ⵌ䕧갠 ˙ 䊨ⰨIBTIQVNQ ˙ ⢪欽)."$⽰〳鼚⯝ 30
  8. ⩝ꦑ堥侸欴欰㐼 13/( ˙ ⯓歋♧⦐珏㶩 TFFE ⴲ㨥⻋✥侸朜䢀 TUBUF  ˙ ⱄ竤歋暶㹁涸怵皿䌢欰ꦑ堥侸

    ˙ 製꧌㣁㢵涸✥侸䖕〳⟃凐⸂灶鍑䧴僽皿ⴀTFFE ˙ 䘎鎹ⴲ㨥⻋㽠Ꟛ㨥欽⵱剚欴欰ⴀ♧垺涸ꦑ堥侸 ˙ 㣐㢵侸➃剚欽儘꟦⢵殹⡲ⴲ㨥⻋⿮侸 33
  9. ⩝ꦑ堥侸欴欰㐼 13/( ˙ HMJCD傍劍涸㻜⡲箁䚍ず긅 -$(  ˙ SFUVSOTUBUF TUBUF YDFE

       YG ˙ 濼麥♧⦐✥侸㽠〳⟃湬䱺皿ⴀ⛓䖕涸䨾剤✥侸 ˙ ⛳㽠僽〳⟃갸庠劢⢵涸✥侸 ˙ 歋倴TUBUF剤ꣳ䨾⟃✥侸剚鹋劍䚍涸ꅾ醳 34
  10. ⸈㺙禺窡ⴕ겳 ˙ 呏亙⸈㺙禺窡涸麌⡲倰䒭ⴕ䧭♲珏 ˙ 㼩珖䒭 ˙ ⴕ穉⸈㺙 #MPDL$JQIFS  ˙

    ⚮崩⸈㺙 4USFBN$JQIFS  ˙ ꬌ㼩珖 ˙ ⰗꟚꆄꚤ禺窡 1VCMJD,FZ&ODSZQUJPO 37
  11. ⚮崩⸈㺙 ˙ 㺙ꚤ♶〳⟃ꅾ醳⢪欽 ˙ & 9 , 邍爚⟃㺙ꚤ,⸈㺙须俲9 ˙ &

    9 , 9?13/( ,  ˙ & " , ?& # ,  "?L ? #?L "?# ˙ 㼩倴僈俒剤㣁㢵涸澗鍑㽠〳⟃灶㺙 39
  12. 1,$4㞅⯏ ˙ ず垺涸僈俒莅㺙ꚤ⸈㺙ⴀ⢵剚䖤ⵌ湱ず涸穡卓 ˙ 䧮⦛䒸Ⰵ✫ⴲ㨥ぢꆀ *7 堥ⵖ⢵贖椚鸏⦐㉏겗 • n =

    BLK_SZ - (len(data) % BLK_SZ) • padding = byte(n) * n • "0123456789AB\x05\x05\x05\x05\x05" ˙ 瘞瘞䧮⦛剚㔐⢵溏1,$4鸤䧭涸㉏겗 43
  13. $#$垸䒭⸈㺙 Cipher Block Chaining (CBC) mode encryption block cipher encryption

    Key Ciphertext Plaintext block cipher encryption Key Ciphertext Plaintext block cipher encryption Key Ciphertext Plaintext Initialization Vector (IV) 9PS *7<> *7<> *7<> 46
  14. Cipher Block Chaining (CBC) mode decryption block cipher decryption Key

    Plaintext Ciphertext Initialization Vector (IV) block cipher decryption Key Plaintext Ciphertext block cipher decryption Key Plaintext Ciphertext $#$垸䒭鍑㺙 *7<> *7<> *7<> 48
  15. 1BEEJOH0SBDMF"UUBDL ˙ 䎃痧♧妄鄄䲿ⴀ⢵ ˙ 3BJMT "41/&5 +BWB瘞㣐ꆀ笪畀「ⵌ䕧갠 ˙ $#$垸䒭⸈♳1,$4㞅⯏倰䒭 ˙

    㥶卓䧮⥜佖✫㺙俒灶㡏✫㞅⯏⧩ ˙ ⡹欽涸⸈㺙玑䒭䏨〳腋剚UISPXFSSPS ˙ 尝剤DBUDI涸鑨⢪欽罏剚溏ⵌ ˙ 㼬荞〳⟃㖈劢濼㺙ꚤ涸䞕屣♴鍑㺙⥜佖Ⰹ㺂 50
  16. ˙ ➊랃⯋稇剚䕧갠僈俒 ˙ $JQIFSUFYU ˙ ,FZ ˙ *7䧴♳♧㝆㺙俒 ˙ 䖰齡酭♴䩛嫲鯱㺂僒

    ˙ 齡䎙⦐僽䧮⦛濼麥罜⚂〳⟃䱾ⵖ涸 1BEEJOH0SBDMF"UUBDL Cipher Block Chain block cipher decryption Key Plaintext Ciphertext Initialization Vector (IV) Key 51
  17. 1BEEJOH0SBDMF"UUBDL • Plain = "AESXX" • Key = "??!@#$!@#$" •

    P = 41 45 53 58 58 • IV = c8 76 30 94 87 • C = aa bb cc dd ee • c = 89 33 63 cc df 54 Cipher Block Chainin block cipher decryption Key Plaintext Ciphertext Initialization Vector (IV) Key $ 1 * 랱盳
  18. 1BEEJOH0SBDMF"UUBDL • IV = c8 76 30 94 87 •

    c = 89 33 63 cc df • iv = 00 00 00 00 00 • iv = 00 00 00 00 01 • ... • iv = 00 00 00 00 de • 0xde ^ 0xdf = 0x01 • p = 89 33 63 cc 01 // 正確的填充 55 Cipher Block Chainin block cipher decryption Key Plaintext Ciphertext Initialization Vector (IV) Key D 1 * 랱盳
  19. 1BEEJOH0SBDMF"UUBDL • IV = c8 76 30 94 87 •

    P = 41 45 53 58 58 • c = 89 33 63 cc df • iv = 00 00 00 00 de • p = 89 33 63 cc 01 填充正確解密成功! • last byte: 0xde ^ 0x01 ^ 0x87 = 0x58 • 接下來來做 02 02 結尾,解開倒數第⼆二 byte 56
  20. ꬌ㼩珖⸈㺙 ˙ 植➿㺙焺㷸剓ꅾ銴涸涮僈⛓♧ ˙ 34"剓䌢鋅⛳剓䌢⢪欽 ˙ 堬㕩刼箁㺙焺 &$$  ˙

    欴欰LFZ剚欴ⴀ♧㼩Ⱇꚤ莅猙ꚤ ˙ Ⱇꚤ〳⟃ⰗꟚ窍Ⱖ➮➃ ˙ 猙ꚤ〫剤⡹荈䊹䭰剤 60
  21. 穡锸 ˙ )BTI ˙ ⮭㶸㺙焺欽BSHPO QCLEG TDSZQU CDSZQU ˙ 鼚⯝须俲鄄睕佖)BTI

    )."$ ˙ 㼭䗱-FOHUI&YUFOTJPO"UUBDL ˙ .% 4)"♶銴欽 63