Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Don’t waste time on learning cryptography: bett...

vixentael
December 02, 2017
Programming
2
1.4k

Don’t waste time on learning cryptography: better use it properly

#crypto #security #trust

Presented at Owasp Winter 2017, Kyiv, Ukraine and at DevExperience18 in Iasi, Romania.

1. The typical engineering workflow "we should protect the data, what shall we do", and possible mistakes.
2. What is "boring crypto", what do we want from using crypto-products.
3. Possible solutions: HSM / TPM / software crypto.
4. How to select appropriate software crypto: libs, systems, containers.
5. We want crypto to be similar to the Edison lamp: controllable and boring system.

--------------------------------------

If you can't tap on the link inside slides, please open as pdf (button on the right).

--------------------------------------

Crypto in our lives: why you shouldn’t spend time learning all the details of the crypto-algorithms. Typical mistakes you make using crypto in your products. How to avoid late night commits, but to code 'fast and boring' instead.

--------------------------------------

Links to follow:

Boring crypto, Daniel J. Bernstein
https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf

Why does cryptographic software fail?
https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf

API design for cryptography
https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

Encrypting strings in Android: Let’s make better mistakes
https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/

Awesome crypto papers
https://github.com/pFarb/awesome-crypto-papers

12 And 1 Ideas How To Enhance Backend Data Security
https://www.cossacklabs.com/backend-data-security-modern-ideas.html

Attestation and Trusted Computing
https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

vixentael

December 02, 2017
Tweet

More Decks by vixentael

See All by vixentael
Using YubiKey and FIDO U2F for secure authentication
vixentael
0
1.8k
Data is a new security boundary
vixentael
0
6.1k
Cryptographic protection of ML models
vixentael
0
2.9k
e2ee != security != privacy
vixentael
0
2.2k
Maintaining cryptographic library for 12 languages
vixentael
1
3.9k
10 lines of encryption, 1500 lines of key management
vixentael
2
1.7k
Security, privacy and cryptography at WWDC19
vixentael
1
720
Data encryption: CyberKids edition
vixentael
0
640
"Defense in depth": trench warfare principles for building secure distributed applications
vixentael
3
920

Other Decks in Programming

See All in Programming
JaSST 24 九州:ワークショップ(は除く) 実践!マインドマップを活用したソフトウェアテスト+活用事例
satohiroyuki
0
260
推し活の ハイトラフィックに立ち向かう Railsとアーキテクチャ - Kaigi on Rails 2024
falcon8823
6
2.2k
Googleのテストサイズを活用したテスト環境の構築
toms74209200
0
270
Vue SFCのtemplateでTypeScriptの型を活用しよう
tsukkee
3
1.5k
PagerDuty を軸にした On-Call 構築と運用課題の解決 / PagerDuty Japan Community Meetup 4
horimislime
1
110
Vitest Browser Mode への期待 / Vitest Browser Mode
odanado
PRO
2
1.7k
約9000個の自動テストの 時間を50分->10分に短縮 Flakyテストを1%以下に抑えた話
hatsu38
23
11k
Kubernetes for Data Engineers: Building Scalable, Reliable Data Pipelines
sucitw
1
200
カスタムしながら理解するGraphQL Connection
yanagii
1
1.2k
Kaigi on Rails 2024 - Rails APIモードのためのシンプルで効果的なCSRF対策 / kaigionrails-2024-csrf
corocn
5
3.4k
現場で役立つモデリング 超入門
masuda220
PRO
13
2.9k
ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF
twada
PRO
9
1k

Featured

See All Featured
Product Roadmaps are Hard
iamctodd
PRO
48
10k
KATA
mclloyd
29
13k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
3
370
Documentation Writing (for coders)
carmenintech
65
4.4k
Scaling GitHub
holman
458
140k
Building Adaptive Systems
keathley
38
2.2k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
328
21k
Designing for Performance
lara
604
68k
Bash Introduction
62gerente
608
210k
Measuring & Analyzing Core Web Vitals
bluesmoon
1
41
Navigating Team Friction
lara
183
14k

Transcript

  1. DON’T WASTE TIME ON LEARNING CRYPTOGRAPHY: BETTER USE IT PROPERLY

    #devexperience18 @vixentael

  2. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)
  3. None

  4. We want to protect our users’ data

  5. We want developers to protect data

  6. We want to protect our users’ data HOW? We want

    developers to protect data

  7. WE HAVE USER DATA. WHAT SHALL WE DO?

  8. #devexperience18 @vixentael PROTECTING USER DATA: STEPS MISTAKES WE DO

  9. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) #devexperience18 @vixentael

  10. 1. DEFINING THE DATA SCOPE sensitive user data GDPR /

    HIPAA / PCI DSS tech data (keys, logs) mistake 1. wrong scope definition #devexperience18 @vixentael

  11. 2. SELECTING ALGORITHM twofish sha1 des md5 #devexperience18 @vixentael

  12. twofish sha1 des md5 #owaspkyiv @vixentael 2. SELECTING ALGORITHM mistake

    2. bad algo selection

  13. THINGS TO DECIDE ON KEY LENGTH DATA SCOPE ALGORITHM #devexperience18

    @vixentael

  14. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  15. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM #devexperience18 @vixentael

  16. https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption 3. USING ALGORITHM mistake 3. wrong params #devexperience18 @vixentael

  17. THINGS TO DECIDE ON PADDING KEY LENGTH MODE DATA SCOPE

    ALGORITHM IV #devexperience18 @vixentael

  18. 4. KEY MANAGEMENT user password keys KDF #devexperience18 @vixentael

  19. 4. KEY MANAGEMENT user password keys KDF mistake 4. bad

    key management https://www.owasp.org/index.php/Key_Management_Cheat_Sheet #devexperience18 @vixentael

  20. THINGS TO DECIDE ON PADDING KEY LENGTH KEY ROTATION MODE

    KEY DERIVATION KEY STORAGE KEY EXCHANGE DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael

  21. 5. INFRASTRUCTURE #devexperience18 @vixentael

  22. PADDING KEY LENGTH KEY ROTATION MODE KEY DERIVATION KEY STORAGE

    THINGS TO DECIDE ON KEY EXCHANGE BACKUPS PLATFORMS DATA SCOPE ALGORITHM IV KEY REVOCATION #devexperience18 @vixentael
  23. None

  24. https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf 269 CVEs from 2011-2014 17% 83% bugs inside crypto

    libs misuses of crypto libs by individual apps #devexperience18 @vixentael

  25. AS USERS WE WANT… more ciphers? #devexperience18 @vixentael

  26. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA #devexperience18

    @vixentael

  27. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    SHARK RC4 DSS ECB CTR SEED Blowfish #devexperience18 @vixentael

  28. AES DES 3DES CBC CFB SEAL Salsa20 RSA DSA OFB

    Blowfish SHARK RC4 DSS ECB CTR Twofish Camelia SEED Rabbit ECDSA #devexperience18 @vixentael

  29. AS USERS WE WANT… more ciphers! more vulnerabilities! more side

    channel attacks! more attacks! more constant time checks :) more protocols! more patches! #devexperience18 @vixentael
  30. None

  31. EXCITING, BUT FOR CRYPTO RESEARCHERS ONLY

  32. AS USERS WE WANT… more ciphers! BORING CRYPTO #devexperience18 @vixentael

  33. BORING CRYPTO — crypto that simply works, solidly resists attacks,

    never needs any upgrades https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Daniel J. Bernstein #devexperience18 @vixentael

  34. BORING CRYPTO PLUG & PLAY #devexperience18 @vixentael

  35. WHAT DO WE WANT? instead of adjusting our resources —

    SOLVE USE-CASES!

  36. WHAT DO WE WANT? — HIGH-LEVEL FUNCTIONS I want to

    store data securely I want to send data securely I want to verify data integrity #devexperience18 @vixentael

  37. WHAT DO WE WANT? store data securely send data securely

    verify data integrity key derivation key exchange key rotation sign/verify ephemeral keys encr / decr — HIGH-LEVEL FUNCTIONS #devexperience18 @vixentael

  38. NOBODY READS DOCS #devexperience18 @vixentael

  39. NOBODY READS DOCS “docs are for experts” “I just want

    to try” “gimme code!” #devexperience18 @vixentael

  40. 1. HOW TO START? pod try BoringSSL cmake -DANDROID_ABI=armeabi-v7a \

    -DCMAKE_TOOLCHAIN_FILE=../third_party/ android-cmake/android.toolchain.cmake \ -DANDROID_NATIVE_API_LEVEL=16 \ -GNinja .. https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md #devexperience18 @vixentael

  41. easy, architecture-independent installation 1. HOW TO START? #devexperience18 @vixentael

  42. 2. SUPPORTED PLATFORMS? *nix OSX web browsers embedded iOS Android

    Windows minimum expected: #devexperience18 @vixentael

  43. cross-platform is not an option anymore cross-platform is a must

    have 2. SUPPORTED PLATFORMS? #devexperience18 @vixentael

  44. OPTIONS WE HAVE

  45. #owaspkyiv @vixentael HSM

  46. HARDWARE SECURITY MODULE key generation provides cryptoprocessing key storage portable

    #devexperience18 @vixentael

  47. #owaspkyiv @vixentael TRUSTED PLATFORM MODULE key management disk protection trust

    anchor built-in remote attestation provides cryptoprimitives

  48. HSM & TPM: PROS fast hardware crypto! trusted environment known

    security guarantees keys calculations #devexperience18 @vixentael

  49. HSM & TPM: CONS vendor lock / vendor trust bad

    for interactive encryption complicated to maintain (install, upgrade, support, not cross-platform) #devexperience18 @vixentael

  50. HSM & TPM: PRO & CONS HSM app plaintext data

    plaintext data is far away from the place it is used #devexperience18 @vixentael

  51. SOFTWARE CRYPTO SYSTEMS https://github.com/sobolevn/awesome-cryptography any kind of encryption plaintext data

    is closer to its usage cross-platform

  52. https://github.com/sobolevn/awesome-cryptography SOFTWARE CRYPTO SYSTEMS any kind of encryption plaintext data

    is closer to its usage cross-platform NO DEVICE TRUST

  53. WEBBROWSER CRYPTO: CONS DOM, XSS, NO CODE TRUST #devexperience18 @vixentael

  54. HSM/TPM + SOFTWARE CS keys calculations TPM / own software

    cross-platform take best from both #devexperience18 @vixentael HSM
  55. None

  56. cross-platform easy to install easy to use USING CRYPTO SHOULD

    BE LIKE.. audited open source time proven well-documented #devexperience18 @vixentael

  57. crypto-libraries crypto-systems boxed solutions FORM-FACTOR STAIRS

  58. #devexperience18 @vixentael

  59. 1. CRYPTO-LIBS implements single or multiple security functions #devexperience18 @vixentael

    https://github.com/sobolevn/awesome-cryptography

  60. 1. CRYPTO-LIBS libsodium themis https://github.com/sobolevn/awesome-cryptography implements single or multiple security

    functions keyczar noise #devexperience18 @vixentael

  61. EXAMPLE https://github.com/cossacklabs/themis/wiki/Python-Howto secure messaging with forward secrecy #devexperience18 @vixentael

  62. 2. CRYPTO-SYSTEMS combines security functions for solving exact use-case #devexperience18

    @vixentael

  63. 2. CRYPTO-SYSTEMS axolotl hermes combines security functions for solving exact

    use-case SSL/TLS ZeroKit #devexperience18 @vixentael

  64. EXAMPLE https://github.com/cossacklabs/hermes-core/wiki/Python-tutorial data access control based on crypto-keys python docs/examples/python/hermes_client.py

    --id USER1 --config=docs/examples/python/config.json --private_key USER1.priv --doc secretfile --read #devexperience18 @vixentael

  65. 3. BOXED SOLUTIONS unites crypto-systems and user functions for solving

    problems #devexperience18 @vixentael

  66. 3. BOXED SOLUTIONS truecrypt ssh acra vault unites crypto-systems and

    user functions for solving problems #devexperience18 @vixentael

  67. EXAMPLE https://github.com/cossacklabs/acra/wiki/Trying-Acra-with-Docker database proxy for encrypting / decrypting git clone

    https://github.com/cossacklabs/acra cd acra/docker docker-compose -f acra-pgsql-ssl-proxy.yml up -d #devexperience18 @vixentael

  68. CAN I SOLVE MY USE-CASE USING… boxed solutions

  69. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain

  70. CAN I SOLVE MY USE-CASE USING… crypto-libraries crypto-systems boxed solutions

    more pain even more pain

  71. https://www.cossacklabs.com/choose-your-ios-crypto.html

  72. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS.

  73. THE WORLD DOESN’T HAVE A PROBLEM WITH NEW CRYPTO-ALGORITHMS. PROBLEM

    IS THAT THEY ARE NOT BORING ENOUGH

  74. #devexperience18 @vixentael

  75. VS #devexperience18 @vixentael

  76. make the light controllable #devexperience18 @vixentael

  77. #devexperience18 @vixentael

  78. make the crypto security controllable #devexperience18 @vixentael

  79. make the crypto security controllable and booooring #devexperience18 @vixentael

  80. #owaspkyiv @vixentael

  81. LINKS 1 Boring crypto, Daniel J. Bernstein https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf Why does

    cryptographic software fail? https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf API design for cryptography https://2017.hack.lu/archive/2017/hacklu-crypto-api.pdf

  82. LINKS 2 Encrypting strings in Android: Let’s make better mistakes

    https://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/ Awesome crypto papers https://github.com/pFarb/awesome-crypto-papers 12 And 1 Ideas How To Enhance Backend Data Security https://www.cossacklabs.com/backend-data-security-modern-ideas.html Attestation and Trusted Computing https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf

  83. MY OTHER SECURITY SLIDES https://github.com/ vixentael/my-talks …and more

  84. @vixentael Product Engineer Feel free to reach me with security

    questions. I do check my inbox :)