Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Don’t waste time on learning cryptography: bett...

vixentael
December 02, 2017
Programming
2
1.4k

Don’t waste time on learning cryptography: better use it properly

#crypto #security #trust

Presented at Owasp Winter 2017, Kyiv, Ukraine and at DevExperience18 in Iasi, Romania.

1. The typical engineering workflow "we should protect the data, what shall we do", and possible mistakes.
2. What is "boring crypto", what do we want from using crypto-products.
3. Possible solutions: HSM / TPM / software crypto.
4. How to select appropriate software crypto: libs, systems, containers.
5. We want crypto to be similar to the Edison lamp: controllable and boring system.

--------------------------------------

If you can't tap on the link inside slides, please open as pdf (button on the right).

--------------------------------------

Crypto in our lives: why you shouldn’t spend time learning all the details of the crypto-algorithms. Typical mistakes you make using crypto in your products. How to avoid late night commits, but to code 'fast and boring' instead.

--------------------------------------

Links to follow:

Boring crypto, Daniel J. Bernstein
https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf

Why does cryptographic software fail?
https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf

API design for cryptography
https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

Encrypting strings in Android: Let’s make better mistakes
https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/

Awesome crypto papers
https://github.com/pFarb/awesome-crypto-papers

12 And 1 Ideas How To Enhance Backend Data Security
https://www.cossacklabs.com/backend-data-security-modern-ideas.html

Attestation and Trusted Computing
https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

vixentael

December 02, 2017
Tweet

More Decks by vixentael

See All by vixentael
Using YubiKey and FIDO U2F for secure authentication
vixentael
0
1.8k
Data is a new security boundary
vixentael
0
6.2k
Cryptographic protection of ML models
vixentael
0
2.9k
e2ee != security != privacy
vixentael
0
2.2k
Maintaining cryptographic library for 12 languages
vixentael
1
4k
10 lines of encryption, 1500 lines of key management
vixentael
2
1.7k
Security, privacy and cryptography at WWDC19
vixentael
1
730
Data encryption: CyberKids edition
vixentael
0
650
"Defense in depth": trench warfare principles for building secure distributed applications
vixentael
3
920

Other Decks in Programming

See All in Programming
TypeScript Graph でコードレビューの心理的障壁を乗り越える
ysk8hori
3
1.2k
Generative AI Use Cases JP (略称:GenU)奮闘記
hideg
1
300
Creating a Free Video Ad Network on the Edge
mizoguchicoji
0
120
距離関数を極める! / SESSIONS 2024
gam0022
0
290
受け取る人から提供する人になるということ
little_rubyist
0
250
.NET のための通信フレームワーク MagicOnion 入門 / Introduction to MagicOnion
mayuki
1
1.7k
RubyLSPのマルチバイト文字対応
notfounds
0
120
Better Code Design in PHP
afilina
PRO
0
130
3rd party scriptでもReactを使いたい! Preact + Reactのハイブリッド開発
righttouch
PRO
1
610
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k
Pinia Colada が実現するスマートな非同期処理
naokihaba
4
230
NSOutlineView何もわからん:( 前編 / I Don't Understand About NSOutlineView :( Pt. 1
usagimaru
0
340

Featured

See All Featured
Building a Modern Day 
E-commerce SEO Strategy
aleyda
38
6.9k
Designing for humans not robots
tammielis
250
25k
What's new in Ruby 2.0
geeforr
343
31k
Into the Great Unknown - MozCon
thekraken
32
1.5k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
1.9k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Navigating Team Friction
lara
183
14k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.2k

Transcript

  1. DON’T WASTE TIME ON LEARNING CRYPTOGRAPHY: BETTER USE IT PROPERLY

    #devexperience18 @vixentael

  2. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)
  3. None

  4. We want to protect our users’ data

  5. We want developers to protect data

  6. We want to protect our users’ data HOW? We want

    developers to protect data

  7. WE HAVE USER DATA. WHAT SHALL WE DO?

  8. #devexperience18 @vixentael PROTECTING USER DATA: STEPS MISTAKES WE DO

  9. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) #devexperience18 @vixentael

  10. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) mistake 1. wrong scope definition #devexperience18 @vixentael

  11. 2. SELECTING ALGORITHM twofish sha1 des md5 #devexperience18 @vixentael

  12. twofish sha1 des md5 #owaspkyiv @vixentael 2. SELECTING ALGORITHM mistake

    2. bad algo selection

  13. THINGS TO DECIDE ON KEY LENGTH DATA SCOPE ALGORITHM #devexperience18

    @vixentael

  14. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  15. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  16. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM mistake 3. wrong params #devexperience18 @vixentael

  17. THINGS TO DECIDE ON PADDING KEY LENGTH MODE DATA SCOPE

    ALGORITHM IV #devexperience18 @vixentael

  18. 4. KEY MANAGEMENT user password keys KDF #devexperience18 @vixentael

  19. 4. KEY MANAGEMENT user password keys KDF mistake 4. bad

    key management https://www.owasp.org/index.php/Key_Management_Cheat_Sheet #devexperience18 @vixentael

  20. THINGS TO DECIDE ON PADDING KEY LENGTH KEY ROTATION MODE

    KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael

  21. 5. INFRASTRUCTURE #devexperience18 @vixentael

  22. PADDING KEY LENGTH KEY ROTATION MODE KEY DERIVATION KEY STORAGE

    THINGS TO DECIDE ON KEY EXCHANGE BACKUPS PLATFORMS DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael
  23. None

  24. https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf 269 CVEs from 2011-2014 17% 83% bugs inside crypto

    libs misuses of crypto libs by individual apps #devexperience18 @vixentael

  25. AS USERS WE WANT… more ciphers? #devexperience18 @vixentael

  26. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA #devexperience18

    @vixentael

  27. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    SHARK RC4 DSS ECB CTR SEED Blowfish #devexperience18 @vixentael

  28. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    Blowfish SHARK RC4 DSS ECB CTR Twofish Camelia SEED Rabbit ECDSA #devexperience18 @vixentael

  29. AS USERS WE WANT… more ciphers! more vulnerabilities! more side

    channel attacks! more attacks! more constant time checks :) more protocols! more patches! #devexperience18 @vixentael
  30. None

  31. EXCITING, BUT FOR CRYPTO RESEARCHERS ONLY

  32. AS USERS WE WANT… more ciphers! BORING CRYPTO #devexperience18 @vixentael

  33. BORING CRYPTO — crypto that simply works, solidly resists attacks,

    never needs any upgrades https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Daniel J. Bernstein #devexperience18 @vixentael

  34. BORING CRYPTO PLUG & PLAY #devexperience18 @vixentael

  35. WHAT DO WE WANT? instead of adjusting our resources —

    SOLVE USE-CASES!

  36. WHAT DO WE WANT? — HIGH-LEVEL FUNCTIONS I want to

    store data securely I want to send data securely I want to verify data integrity #devexperience18 @vixentael

  37. WHAT DO WE WANT? store data securely send data securely

    verify data integrity key derivation key exchange key rotation sign/verify ephemeral keys encr / decr — HIGH-LEVEL FUNCTIONS #devexperience18 @vixentael

  38. NOBODY READS DOCS #devexperience18 @vixentael

  39. NOBODY READS DOCS “docs are for experts” “I just want

    to try” “gimme code!” #devexperience18 @vixentael

  40. 1. HOW TO START? pod try BoringSSL cmake -DANDROID_ABI=armeabi-v7a \

    -DCMAKE_TOOLCHAIN_FILE=../third_party/ android-cmake/android.toolchain.cmake \ -DANDROID_NATIVE_API_LEVEL=16 \ -GNinja .. https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md #devexperience18 @vixentael

  41. easy, architecture-independent installation 1. HOW TO START? #devexperience18 @vixentael

  42. 2. SUPPORTED PLATFORMS? *nix OSX web browsers embedded iOS Android

    Windows minimum expected: #devexperience18 @vixentael

  43. cross-platform is not an option anymore cross-platform is a must

    have 2. SUPPORTED PLATFORMS? #devexperience18 @vixentael

  44. OPTIONS WE HAVE

  45. #owaspkyiv @vixentael HSM

  46. HARDWARE SECURITY MODULE key generation provides cryptoprocessing key storage portable

    #devexperience18 @vixentael

  47. #owaspkyiv @vixentael TRUSTED PLATFORM MODULE key management disk protection trust

    anchor built-in remote attestation provides cryptoprimitives

  48. HSM & TPM: PROS fast hardware crypto! trusted environment known

    security guarantees keys calculations #devexperience18 @vixentael

  49. HSM & TPM: CONS vendor lock / vendor trust bad

    for interactive encryption complicated to maintain (install, upgrade, support, not cross-platform) #devexperience18 @vixentael

  50. HSM & TPM: PRO & CONS HSM app plaintext data

    plaintext data is far away from the place it is used #devexperience18 @vixentael

  51. SOFTWARE CRYPTO SYSTEMS https://github.com/sobolevn/awesome-cryptography any kind of encryption plaintext data

    is closer to its usage cross-platform

  52. https://github.com/sobolevn/awesome-cryptography SOFTWARE CRYPTO SYSTEMS any kind of encryption plaintext data

    is closer to its usage cross-platform NO DEVICE TRUST

  53. WEBBROWSER CRYPTO: CONS DOM, XSS, NO CODE TRUST #devexperience18 @vixentael

  54. HSM/TPM + SOFTWARE CS keys calculations TPM / own software

    cross-platform take best from both #devexperience18 @vixentael HSM
  55. None

  56. cross-platform easy to install easy to use USING CRYPTO SHOULD

    BE LIKE.. audited open source time proven well-documented #devexperience18 @vixentael

  57. crypto-libraries crypto-systems boxed solutions FORM-FACTOR STAIRS

  58. #devexperience18 @vixentael

  59. 1. CRYPTO-LIBS implements single or multiple security functions #devexperience18 @vixentael

    https://github.com/sobolevn/awesome-cryptography

  60. 1. CRYPTO-LIBS libsodium themis https://github.com/sobolevn/awesome-cryptography implements single or multiple security

    functions keyczar noise #devexperience18 @vixentael

  61. EXAMPLE https://github.com/cossacklabs/themis/wiki/Python-Howto secure messaging with forward secrecy #devexperience18 @vixentael

  62. 2. CRYPTO-SYSTEMS combines security functions for solving exact use-case #devexperience18

    @vixentael

  63. 2. CRYPTO-SYSTEMS axolotl hermes combines security functions for solving exact

    use-case SSL/TLS ZeroKit #devexperience18 @vixentael

  64. EXAMPLE https://github.com/cossacklabs/hermes-core/wiki/Python-tutorial data access control based on crypto-keys python docs/examples/python/hermes_client.py

    --id USER1 --config=docs/examples/python/config.json --private_key USER1.priv --doc secretfile --read #devexperience18 @vixentael

  65. 3. BOXED SOLUTIONS unites crypto-systems and user functions for solving

    problems #devexperience18 @vixentael

  66. 3. BOXED SOLUTIONS truecrypt ssh acra vault unites crypto-systems and

    user functions for solving problems #devexperience18 @vixentael

  67. EXAMPLE https://github.com/cossacklabs/acra/wiki/Trying-Acra-with-Docker database proxy for encrypting / decrypting git clone

    https://github.com/cossacklabs/acra cd acra/docker docker-compose -f acra-pgsql-ssl-proxy.yml up -d #devexperience18 @vixentael

  68. CAN I SOLVE MY USE-CASE USING… boxed solutions

  69. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain

  70. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain even more pain

  71. https://www.cossacklabs.com/choose-your-ios-crypto.html

  72. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS.

  73. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS. PROBLEM

    IS THAT THEY ARE NOT BORING ENOUGH

  74. #devexperience18 @vixentael

  75. VS #devexperience18 @vixentael

  76. make the light controllable #devexperience18 @vixentael

  77. #devexperience18 @vixentael

  78. make the crypto security controllable #devexperience18 @vixentael

  79. make the crypto security controllable and booooring #devexperience18 @vixentael

  80. #owaspkyiv @vixentael

  81. LINKS 1 Boring crypto, Daniel J. Bernstein https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Why does

    cryptographic software fail? https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf API design for cryptography https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

  82. LINKS 2 Encrypting strings in Android: Let’s make better mistakes

    https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/ Awesome crypto papers https://github.com/pFarb/awesome-crypto-papers 12 And 1 Ideas How To Enhance Backend Data Security https://www.cossacklabs.com/backend-data-security-modern-ideas.html Attestation and Trusted Computing https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

  83. MY OTHER SECURITY SLIDES https://github.com/ vixentael/my-talks …and more

  84. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)