CYBER SECURITY: ESSENTIALS
Daniel Medina — [email protected]
ADMINISTRATION
Notes: https://medina.github.io
Anyone new join?
NEWS
RECAP
CRYPTOGRAPHY
SUBSTITUTION
ASECRETMESSAGE
XPBZOBQJBPPXDB
What’s the key?
TRANSPOSITION
ASECRETMESSAGE
RGAERESSTXESMXCA
What’s the key?
ASECRETMESSAGEXX
AREGSESEETSXCMAX
RGAERESSTXESMXCA
TRANSPOSITION & SUBSTITUTION
BITS BYTES CHARS
ASECRETMESSAGE
S is a character
8 bits (1 byte) per char
01010011
AND, OR, XOR
ONE TIME PAD
Message XOR Key = Encrypted
Length(KEY) == Length(MESSAGE)
ONE TIME PAD
Message = BUY_ | SELL | HOLD
Key = 4 random chars
Encrypted Message = XOR(M, K)
M = 1010011 1000101 1001100 1001100
K = 0110101 0100100 0011111 1010110
E = 1100110 1100001 1010011 0011010
ONE TIME PAD
Problems?
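Added example (not from the slides): it reproduces the XOR with the slide's M and K, then illustrates one answer to “Problems?”: when a pad is used for two messages, it cancels out of the XOR of the two ciphertexts. `ORDERS` and the helper names are chosen here for illustration.

```python
from itertools import combinations
import secrets

# Bit strings copied from the slide (7 bits per character).
M_BITS = "1010011 1000101 1001100 1001100"
K_BITS = "0110101 0100100 0011111 1010110"
E_BITS = "1100110 1100001 1010011 0011010"
ORDERS = [b"BUY_", b"SELL", b"HOLD"]  # message space from the slide


def parse(bits):
    """Turn space-separated binary groups into bytes."""
    return bytes(int(group, 2) for group in bits.split())


def show(data):
    """Render bytes as 7-bit groups, the notation used on the slide."""
    return " ".join(format(byte, "07b") for byte in data)


def otp(data, pad):
    """XOR data with a pad; the pad must be exactly as long as the data."""
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))


def pairs_matching(leak):
    """Pairs of known messages whose XOR equals the observed value."""
    return [(a, b) for a, b in combinations(ORDERS, 2) if otp(a, b) == leak]


def reuse_demo():
    """Encrypt two orders under ONE pad and XOR the two ciphertexts."""
    pad = secrets.token_bytes(4)  # constructed: random pad, wrongly used twice
    c1, c2 = otp(b"BUY_", pad), otp(b"HOLD", pad)
    # (m1 ^ pad) ^ (m2 ^ pad) == m1 ^ m2: the pad has dropped out.
    return pairs_matching(otp(c1, c2))


if __name__ == "__main__":
    e = otp(parse(M_BITS), parse(K_BITS))
    print(parse(M_BITS), "->", show(e), "matches slide:", show(e) == E_BITS)
    print("decrypted:", otp(e, parse(K_BITS)))
    print("pad reuse reveals the pair:", reuse_demo())
```

The same length check is why the pad on the slide must be 4 random characters for a 4-character order, and why a fresh pad is needed for every message.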
DES
F has subs, trans, xor
Certified for gov’t use: NIST FIPS PUB 46
Tampering:
• S-Boxes
• Key length (64/56 bits)
DES
What’s the key?
(64-bits => 56-bits + 8 parity bits)
Problems?
AES: Stick Figure Guide
DIFFIE HELLMAN KX
Key exchange
Solve the key-sharing problem
Crypto Characters:
• Alice & Bob
• Eve (passive adversary)
• Mallory (active adversary)
I like the cookie-dough version of this…
RSA
RSA
Asymmetric System
Public Key
Private Key
A “hard” problem: factoring large #s
HASH FUNCTIONS
MD5: 128 bits, `md5` or `openssl md5`
echo 'I leave all my fortune to Alice' | md5
19755c81218340ed42f575bff3691c57
echo 'I leave all my fortune to Bob' | md5
4b67189b91f32b8a12f968ea1989a8fe
# This would be bad
echo 'I leave all my vast fortune to Eve' | md5
19755c81218340ed42f575bff3691c57
HASH FUNCTIONS
SHA1: 160 bits, `shasum` or `openssl sha1`
echo 'Hello, World' | shasum -a 1 # 160 bits
4ab299c8ad6ed14f31923dd94f8b5f5cb89dfb54
echo 'Hello, World' | shasum -a 256 # 256 bits
8663bab6d124806b9727f89bb4ab9db4cbcc3862\
f6bbf22024dfa7212aa4ab7d
echo 'Hello, World' | shasum -a 512 # 512 bits
44c4f73161332b2b058360310640c6704796ece7\
6593e22ca32f76ccbc2c469d5b26ae64b996c781\
65929ac1af7f9a0ae6132010c917f6b104196b86\
48e108d3
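Added example (not from the slides): the digest lengths quoted above, plus the integrity check that the “This would be bad” case would defeat. The document bytes are constructed here (the slide's messages with spacing restored and the newline `echo` appends), and the function names are illustrative.

```python
import hashlib
import hmac

# Constructed inputs: the slide's messages plus echo's trailing newline.
WILL_ALICE = b"I leave all my fortune to Alice\n"
WILL_BOB = b"I leave all my fortune to Bob\n"
ALGORITHMS = ["md5", "sha1", "sha256", "sha512"]


def digest_bits(name):
    """Output length in bits for a hashlib algorithm name."""
    return hashlib.new(name).digest_size * 8


def fingerprint(document, name="sha256"):
    """Hex digest recorded when the document is accepted as genuine."""
    return hashlib.new(name, document).hexdigest()


def verify(document, recorded_hex, name="sha256"):
    """True only if the document still hashes to the recorded digest."""
    return hmac.compare_digest(fingerprint(document, name), recorded_hex)


def differing_bits(a, b, name="sha256"):
    """Count digest bits that differ between two inputs (avalanche effect)."""
    da = hashlib.new(name, a).digest()
    db = hashlib.new(name, b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


if __name__ == "__main__":
    for name in ALGORITHMS:
        print(name, digest_bits(name), "bits")
    recorded = fingerprint(WILL_ALICE)
    print("unchanged will verifies:", verify(WILL_ALICE, recorded))
    print("altered will verifies:  ", verify(WILL_BOB, recorded))
    print("bits changed:", differing_bits(WILL_ALICE, WILL_BOB), "of 256")
```

The check is only as strong as the hash's collision resistance: if two different documents can be made to share a digest, `verify` accepts both, which is why MD5 and SHA-1 are no longer suitable for this purpose.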
HYBRIDS
We know about:
• Symmetric Key Encryption
• Asymmetric Key Encryption
• Key Exchange
• Hash Functions
How to mix and match?
SSL/TLS
Confidentiality
Integrity
Authenticity
“Data in transit” security on the Internet
Increasingly attacked
SSL/TLS
Lots of background readings on the challenges
• Heartbleed, comic (SSL/TLS vulnerability)
• Attacks on SSL (iSec Partners)
• SSL Observatory (EFF)
• The most dangerous code in the world
• SSL Labs / SSL Labs Grading Changes January 2017
• Rogue CAs: faking google.com, getting hacked, and generally failing
TOOLS
• openssl command-line tools for almost all ciphers, hashes, and combinations
• Small exercise with openssl encryption modes
• SSL Labs provides excellent “scoring”
• SSL Checker decodes certificates
• Let’s Encrypt is a free CA that works with web servers to generate certificates
• Keybase is public/private key hosting for people
OTHER CRYPTO READINGS
• Crypto 101, online book under development
• Security Engineering, Ross Anderson
• The Debian PRNG Bug, HD Moore (2008)
• Randomness and the Netscape Browser (1996)
• Windows NT rantings from the L0pht (1997)
• Encrypting the Web, EFF
NSA, CIA, OTHER TLAS
That capability [of the NSA and US intelligence community] at any time could be turned around on the American people and no American would have any privacy left. There would be no place to hide.
If this government ever became a tyranny, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny. There would be no way to fight back, because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. Such is the capacity of this technology.
I don’t want to see this country ever go across the bridge. I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision so that we never cross over that abyss. That is the abyss from which there is no return
Sen. Frank Church, 1975, a quote I know from Decrypting the Puzzle Palace
I used to call this the “scary quote”. Now it’s current events.