NSConfidential

Transcript

1. NSCONFIDENTIAL

2. WAIT

3. were you followed?

4. (ARE YOU SURE?)

5. I HAVE REASON TO BELIEVE THAT THIS TALK IS BEING

   recorded. (ACTUALLY, I DON'T THINK THIS ONE IS)

6. ...

7. JUST ACT NATURAL

8. None

9. NSCONFIDENTIAL HOW TO SURVIVE IN A SURVEILLANCE STATE, WITH OBJECTIVE-C

   & COCOA
10. None

11. goto fail;

12. None

13. KNOWING ABOUT NETWORK SECURITY HAS NEVER BEEN MORE IMPORTANT

14. AND YET...

15. THIS IS TOO HARD TO UNDERSTAND

16. EXPERTS ONLY

17. TRUST US

18. YOU KNOW WHAT'S better THAN TRUST?

19. UNDERSTANDING

20. THAT SAID...

21. ▸ I am not a security expert ▸ I do

    not assume to know what I'm doing ▸ Don't take my word for it

22. SECURITY IS ABOUT keeping secrets

23. STEGANOGRAPHY CRYPTOGRAPHY

24. STEGANOGRAPHY Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed

    do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud ullamco nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor information hiding in plain sight velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id.

25. CRYPTOGRAPHY F2 80 FF 09 F3 F3 E8 00 00

    FF 00 8F A6 A6 80 F2 80 FF 05 F3 F3 D2 00 00 FF 8C 00 00 FF 8C 00 00 FF 8C 00 00 FF 8C 00 08 FF 00 9F 9D 8D 1E 1A 16 A8 84 00 09 FF 00 A4 A4 9C 23 1E 1A F2 AF 83 00 01 FF 00 80 A4 05 26 23 1E FF F2 AB 82 00 01 FF 00 80 6E 06 FF F3 DC FF FF F2 A9 81 00 01 FF 00 80 6E 02 FF FF F3 80 FF 01 F2 AB 80 00 01 FF 00 80 6E 84 FF 05 F2 AD 00 00 FF 00 80 FF 80 6E 09 FE F2 DC 45 3B 3B 00 00 FF 00 80 FF 80 6E 09 FE FE F2 4F 45 3B 00 00 FF 00 80 FF 80 6E 80 FE 06 57 4F 45 00 00 FF 00 80 93 80 F2 80 52 06 8F 88 7D 00 00 FF 00 80 93 80 F2 80 52 09 8F 8F 88 00 00 FF 00 7F 93 93 80 F2 80 52 05 8F 8F 7B 00 00 FF 8C 00 00 FF 8C 00 00 FF 8C 00 00 FF 8C 00 08 FF 00 C4 C1 AE 34 2D 26 A8 84 00 09 FF 00 CA CA C0 3C 34 2D F2 AF 83 00 01 FF 00 80 CA 05 42 3C 34 FF F2 AB 82 00 01 FF 00 80 F1 06 1D 1C 19 FF FF F2 A9 81
26. None
27. None

28. STEGANOGRAPHY

29. ্ि࢛߈㐝

30. - --- .-. - ..- .-. .

31. CODE STEGANOGRAPHY

32. (Whitespace)

33. None

34. IMAGE STEGANOGRAPHY

35. None

36. HIDING NSDATA IN NSBITMAPIMAGEREP

37. NSString *string = @"hello"; NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding]; const

    uint8_t *bytes = [data bytes];

38. for (NSUInteger x = 0; x < bitmap.pixelsWide; x++) {

    for (NSUInteger y = 0; y < bitmap.pixelsHigh; y++) { if ([data length] < (x * bitmap.pixelsWide) + y) { break; } unsigned long pixel[numberOfComponents]; [bitmap getPixel:pixel atX:x y:y]; { // Flip parity bit } [bitmap setPixel:pixel atX:x y:y]; } }

39. const uint8_t byte = bytes[(x * bitmap.pixelsWide) + y]; for

    (NSUInteger c = 0; c < numberOfComponents; c++) { if ((byte & (1 << c) >> c)) { pixel[c] &= 254; // 0b11111110 } else { pixel[c] |= 1; // 0b00000001 } }

40. AUDIO STEGANOGRAPHY

41. None
42. None
43. None

44. NOPE

45. CRYPTOGRAPHY

46. P ≟ NP

47. IF THE SOLUTION TO A PROBLEM CAN BE QUICKLY verified

    BY A COMPUTER, CAN THE COMPUTER ALSO solve THAT PROBLEM QUICKLY?

48. e.g. DIVIDE THE ROOM UP INTO 2 GROUPS, SUCH THAT

    EACH GROUP HAS THE SAME COMBINED AGE IN YEARS. THIS IS AN EXAMPLE OF THE Partition Problem, WHICH IS REFERRED TO AS "THE EASIEST HARD PROBLEM"

49. e.g. FIND THE SHORTEST ROUTE TO VISIT ALL OF THE

    COFFEE SHOPS IN SAN FRANCISCO EXACTLY ONCE. THIS IS A VERSION OF THE Traveling Salesman Problem, A CLASSIC PROBLEM IN COMPUTER SCIENCE.

50. SECURITY THROUGH HARD MATH PROBLEMS

51. SYMMETRIC or ASYMMETRIC

52. SYMMETRIC ENCRYPTION KEY AND DECRYPTION KEY ARE THE same

53. None
54. None

55. ASYMMETRIC ENCRYPTION KEY AND DECRYPTION KEY ARE different

56. None

57. DIFFIE-HELLMAN KEY EXCHANGE

58. None

59. COCOA

60. ENCRYPTION TECHNOLOGIES COMMON TO IOS AND OS X ▸ Keychain

    Services API ▸ Cryptographic Message Syntax ▸ Certificate, Key, and Trust Services

61. KEYCHAIN SERVICES API SECURE STORAGE OF CREDENTIALS (PASSWORDS, KEYS, ETC.)

    BUILT ON THE COMMON DATA SECURITY ARCHITECTURE (CDSA) AND ITS PROGRAMMING INTERFACE, COMMON SECURITY SERVICES MANAGER (CSSM)

62. CRYPTOGRAPHIC MESSAGE SYNTAX SERVICES DIGITAL SIGNATURES AND ENCRYPTION FOR S/MIME

    MESSAGES. CMS IS THE IETF'S STANDARD FOR CRYPTOGRAPHICALLY PROTECTED MESSAGES

63. CERTIFICATE, KEY, AND TRUST SERVICES AUTHENTICATE AND AUTHORIZE USERS AND

    PROCESSES USING KEYS AND CERTIFICATES MANY OF THE FUNCTIONS IN THIS API MUST BE USED IN CONJUNCTION WITH KEYCHAIN SERVICES API.

64. SecKeyEncrypt Encrypts data using the specified key. SecKeyDecrypt Decrypts data

    using the specified key.

65. SecKeyRawSign Signs data using the specified key. SecKeyRawVerify Verifies a

    signature against data and a specified key.

66. COMMONCRYPTO LOW-LEVEL C SUPPORT FOR ENCRYPTION AND DECRYPTION MD5 /

    SHA DIGESTS & HMAC

67. CREATING A SHA-1 CHECKSUM NSData *data = ...; uint8_t output[CC_SHA1_DIGEST_LENGTH];

    CC_SHA1(data.bytes, data.length, output); NSData *checksum = [NSData dataWithBytes:output length:CC_SHA1_DIGEST_LENGTH];
68. None

69. CREATING SHA-1 HMAC NSData *data, *key; unsigned int length =

    CC_SHA1_DIGEST_LENGTH; unsigned char output[length]; CCHmac(kCCHmacAlgSHA1, key.bytes, key.length, data.bytes, data.length, output);

70. WRITING DATA TO KEYCHAIN NSString *key, service; NSData *data; NSMutableDictionary

    *mutableQuery = [NSMutableDictionary dictionary]; mutableQuery[(__bridge id)kSecClass] = (__bridge id)kSecClassGenericPassword; mutableQuery[(__bridge id)kSecAttrService]= service; mutableQuery[(__bridge id)kSecAttrGeneric]= key; mutableQuery[(__bridge id)kSecAttrAccount]= key; OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)mutableQuery, NULL);

71. if (status == errSecSuccess) { NSMutableDictionary *attributesToUpdate = [[NSMutableDictionary alloc]

    init]; [attributesToUpdate setObject: forKey:]; NSDictionary *updatedAttributes = @{(__bridge id)kSecValueData: data}; SecItemUpdate((__bridge CFDictionaryRef)query, (__bridge CFDictionaryRef)updatedAttributes); }

72. else { NSMutableDictionary *mutableAttributes = [NSMutableDictionary dictionary]; mutableAttributes[(__bridge id)kSecClass] =

    (__bridge id)kSecClassGenericPassword; mutableAttributes[(__bridge id)kSecAttrService] = service; mutableAttributes[(__bridge id)kSecAttrGeneric] = key; mutableAttributes[(__bridge id)kSecAttrAccount] = key; mutableAttributes[(__bridge id)kSecAttrAccessible] = (__bridge id)kSecAttrAccessibleAfterFirstUnlock; mutableAttributes[(__bridge id)kSecValueData] = data; SecItemAdd((__bridge CFDictionaryRef)attributes, NULL); }

73. cocoapods.org/?q=keychain

74. VERIFYING SSL CERTIFICATE SecTrustRef trust; SecPolicyRef X509Policy = SecPolicyCreateBasicX509(); SecTrustSetPolicies(serverTrust,

    (__bridge CFArrayRef)@[(__bridge id)X509Policy]); SecTrustResultType result; __Require_noErr(SecTrustEvaluate(trust, &result), exit);

75. X.509 CERTIFICATE $ openssl x509 -in freesoft-certificate.pem -noout -text Certificate:

    Data: Version: 1 (0x0) Serial Number: 7829 (0x1e95) Signature Algorithm: md5WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/[email protected] Validity Not Before: Jul 9 16:04:02 1998 GMT Not After : Jul 9 16:04:02 1999 GMT Subject: C=US, ST=Maryland, L=Pasadena, O=Brent Baccala, OU=FreeSoft, CN=www.freesoft.org/[email protected] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:b4:31:98:0a:c4:bc:62:c1:88:aa:dc:b0:c8:bb:... Exponent: 65537 (0x10001) Signature Algorithm: md5WithRSAEncryption 93:5f:8f:5f:c5:af:bf:0a:ab:a5:6d:fb:24:5f:b6:59:5d:9d:...

76. SSL PINNING PREVENT MAN-IN-THE-MIDDLE ATTACKS VALIDATES CERTIFICATE OR PUBLIC KEY

    CHAIN

77. AFSECURITYPOLICY GITHUB.COM/AFNETWORKING

78. ZZZZZZZZ.....

79. LET'S MAKE SOMETHING

80. MULTIPEERCONNECTIVITY SECURITY CORE IMAGE AVFOUNDATION

81. MULTIPEERCONNECTIVITY

82. NSString *name = [[UIDevice currentDevice] name]; MCPeerID *localPeerID = [[MCPeerID

    alloc] initWithDisplayName:name];

83. MCNearbyServiceAdvertiser *advertiser = [[MCNearbyServiceAdvertiser alloc] initWithPeer:localPeerID discoveryInfo:nil serviceType:XXServiceType]; advertiser.delegate =

    self; [advertiser startAdvertisingPeer];

84. #pragma mark - MCNearbyServiceAdvertiserDelegate - (void)advertiser:(MCNearbyServiceAdvertiser *)advertiser didReceiveInvitationFromPeer:(MCPeerID *)peerID withContext:(NSData

    *)context invitationHandler:(void(^)(BOOL accept, MCSession *session))invitationHandler { if ([context isEqualToData:self.secret) { MCSession *session = [[MCSession alloc] initWithPeer:localPeerID securityIdentity:identity encryptionPreference:MCEncryptionRequired]; session.delegate = self; if (invitationHandler) { invitationHandler(YES, session); } } else { if (invitationHandler) { invitationHandler(NO, nil); } } }

85. NSString *message = @"Hello, World!"; NSData *data = [message dataUsingEncoding:NSUTF8StringEncoding];

    NSError *error = nil; if (![self.session sendData:data toPeers:peers withMode:MCSessionSendDataReliable error:&error]) { NSLog(@"[Error] %@", error); }

86. #pragma mark - MCSessionDelegate - (void)session:(MCSession *)session didReceiveData:(NSData *)data fromPeer:(MCPeerID

    *)peerID { NSString *message = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; NSLog(@"%@", message); }

87. SECURITY

88. SECURELY GETTING RANDOM BYTES NSUInteger length = 1024; NSMutableData *mutableData

    = [NSMutableData dataWithLength:length]; OSStatus success = SecRandomCopyBytes(kSecRandomDefault, length, mutableData.mutableBytes); __Require_noErr(success, exit);
89. None

90. COREIMAGE

91. NSData *oneTimePad; CIFilter *QRCodeGenerator = [CIFilter filterWithName:@"CIQRCodeGenerator"]; [QRCodeGenerator setValue:oneTimePad forKey:@"inputMessage"];

    [QRCodeGenerator setValue:@"H" forKey:@"inputCorrectionLevel"];

92. "ASCII ARMOR"

93. BASE64-ENCODING DATA SecTransformRef transform = SecEncodeTransformCreate(kSecBase64Encoding, NULL); SecTransformSetAttribute(transform, kSecTransformInputAttributeName, (__bridge

    CFDataRef)data, NULL); NSData *encodedData = (__bridge_transfer NSData *)SecTransformExecute(transform, NULL); CFRelease(transform);

94. AVFOUNDATION

95. AVCaptureSession *session = [[AVCaptureSession alloc] init]; AVCaptureDevice *device = [AVCaptureDevice

    defaultDeviceWithMediaType:AVMediaTypeVideo]; NSError *error = nil; AVCaptureDeviceInput *input = [AVCaptureDeviceInput deviceInputWithDevice:device error:&error]; if (input) { [session addInput:input]; } else { NSLog(@"Error: %@", error); } AVCaptureMetadataOutput *output = [[AVCaptureMetadataOutput alloc] init]; [session addOutput:output]; [output setMetadataObjectsDelegate:self queue:dispatch_get_main_queue()]; [output setMetadataObjectTypes:@[AVMetadataObjectTypeQRCode]]; [session startRunning];

96. - (void)captureOutput:(AVCaptureOutput *)captureOutput didOutputMetadataObjects:(NSArray *)metadataObjects fromConnection:(AVCaptureConnection *)connection { NSString *QRCode

    = nil; for (AVMetadataObject *metadata in metadataObjects) { if ([metadata.type isEqualToString:AVMetadataObjectTypeQRCode]) { QRCode = [(AVMetadataMachineReadableCodeObject *)metadata stringValue]; break; } } NSLog(@"QR Code: %@", QRCode); }

97. BASE64-DECODING DATA SecTransformRef transform = SecEncodeTransformCreate(kSecBase64Decoding, NULL); NSData *data =

    [QRCode dataUsingEncoding:NSUTF8StringEncoding]; SecTransformSetAttribute(transform, kSecTransformInputAttributeName, (__bridge CFDataRef)data, NULL); NSData *decodedData = (__bridge_transfer NSData *)SecTransformExecute(transform, NULL); CFRelease(transform);

98. (BUT SERIOUSLY, YOU'RE MUCH, MUCH BETTER OFF ROLLING AN EXISTING,

    TESTED SECURITY IMPLEMENTATION)

99. IN CONCLUSION

100. RESOURCES ▸ Apple's "Introduction to Secure Coding Guide" ▸ Stanford

     University Cryptography I on Coursera ▸ ChatSecure & OTRKit

101. THANKS! Stay Safe!