![Page 1: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/1.jpg)
Practical SecurityRob Napier
github.com/rnapier/practical-security
![Page 2: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/2.jpg)
Encrypt Your Traffic
![Page 3: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/3.jpg)
HTTPS
• Payload Encryption • URL Encryption • Cookie Encryption • Server Authentication • Session Hijack Prevention • Replay Attack Prevention
![Page 4: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/4.jpg)
App Transport SecurityLeave it alone
![Page 5: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/5.jpg)
Certificate Pinning
![Page 6: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/6.jpg)
A Lot of Trust
You Expect... » Verisign » Network Solutions » Thawte » RSA » Digital Signature Trust
But Also... » AOL, Cisco, Apple, ... » US, Japan, Taiwan, ... » Camerfirma, Dhimyotis,
Echoworx, QuoVadis, Sertifitseerimiskeskus, Starfield, Vaestorekisterikeskus, ...
![Page 7: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/7.jpg)
It’s always riskier to trust yourself and someone else, than to just
trust yourself.
![Page 8: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/8.jpg)
Certificate Pinning
![Page 9: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/9.jpg)
try! validator = CertificateValidator( certificateURL: certificateURL)
session = URLSession(configuration: .default, delegate: validator, delegateQueue: nil)
task = session.dataTask(with: URLRequest(url: fetchURL)) { // ... }
https://github.com/rnapier/CertificateValidator
![Page 10: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/10.jpg)
https://github.com/rnapier/CertificateValidator
https://talk.objc.io/episodes/S01E57-certificate-pinning
https://github.com/datatheorem/TrustKit
![Page 11: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/11.jpg)
10 2 3 4 5Switch Switch
Certificate Rotation
…
![Page 12: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/12.jpg)
Encrypt Your Traffic
» Use HTTPS for all traffic » Pin your certs » Rotate certs regularly
https://github.com/rnapier/CertificateValidator
https://talk.objc.io/episodes/S01E57-certificate-pinning
https://github.com/datatheorem/TrustKit
![Page 13: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/13.jpg)
Data Protection
![Page 14: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/14.jpg)
iOS Encryption
Device Encryption
Data Protection
![Page 15: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/15.jpg)
Data Protection (Simplified)
NSFileProtectionComplete
• • • •I can see by my watch, without taking my hand from the left grip of the cycle,
SSBjYW4gc2VlIGJ5IG15IHdhdGNoLCB3aXRob3V0IHRha2luZyBteSBoYW5kIGZ
![Page 16: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/16.jpg)
Data Protection (Simplified)
NSFileProtectionComplete
• • • •I can see by my watch, without taking my hand from the left grip of the cycle,
SSBjYW4gc2VlIGJ5IG15IHdhdGNoLCB3aXRob3V0IHRha2luZyBteSBoYW5kIGZ
![Page 17: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/17.jpg)
Protection Levels
» Complete » Complete Unless Open » Complete Until First User Authentication
![Page 18: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/18.jpg)
How Easy?
![Page 19: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/19.jpg)
Data Protection In Code
extension FileManager { func protectFileAtPath(path: String) throws { try setAttributes([ .protectionKey: FileProtectionType.completeUnlessOpen ], ofItemAtPath: path) } }
try data.write(to: url, options: .completeFileProtectionUnlessOpen)
![Page 20: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/20.jpg)
applicationProtectedDataWillBecomeUnavailable(UIApplication) applicationProtectedDataDidBecomeAvailable(UIApplication)
UIApplicationProtectedDataWillBecomeUnavailable UIApplicationProtectedDataDidBecomeAvailable
var isProtectedDataAvailable: Bool { get }
UIApplicationDelegate Methods
UIApplication Notifications
UIApplication Methods
![Page 21: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/21.jpg)
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
![Page 22: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/22.jpg)
Data Protection
» Turn it on automatically in Xcode » Use Complete by default » For background file access, try to use
CompleteUnlessOpen » Upgrade to Complete as soon as you can
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
![Page 23: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/23.jpg)
Handling Passwords
![Page 24: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/24.jpg)
Hashing
S3kr3t! d39ee8e54a...Password Hash
![Page 25: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/25.jpg)
Choose Your Hash
SHA-2SHA-224 SHA-256 SHA-384 SHA-512
SHA-512/224 SHA-512/256
![Page 26: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/26.jpg)
Choose Your Hash
SHA-2SHA-224 SHA-256 SHA-384 SHA-512
SHA-512/224 SHA-512/256
![Page 27: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/27.jpg)
What went wrong At LinkedIn?
d39ee8e54ac7f65311676d0cb92ec248319f7d27
Passw0rd 2acf37c868c0dd80513a4efa9ab4b4444a4d5c94
MyPass b97698a2b0bf77a3e31e089ac5d43e96a8c34132
S3kr3t! d39ee8e54ac7f65311676d0cb92ec248319f7d27
... ...
![Page 28: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/28.jpg)
Salting
d39ee8e54ac7f65311676d0cb92ec248319f7d27S3kr3t!
Site 1
d39ee8e54ac7f65311676d0cb92ec248319f7d27S3kr3t!
Site 2
![Page 29: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/29.jpg)
Salting
48fc6c1a82882c0084185c3e6f317d6cdabfbc88XXX:S3kr3t!
Site 1
7802cd6060f13349da21652e4bc8cd31e3058842YYY:S3kr3t!
Site 2
![Page 31: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/31.jpg)
Stretching
» Real passwords are easy to guess » To protect against that, make guessing
expensive
![Page 32: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/32.jpg)
Time To Crack
Guesses per second
Crack 8-char password
Native 1 billion 2 months
+80ms/guess 12.5 15 million years
![Page 33: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/33.jpg)
PBKDF2import CryptoSwift
let password = Array(“s33krit".utf8)
let salt = Array( "com.example.MyGreatSite:[email protected]".utf8)
let bytes = try PKCS5.PBKDF2(password: password, salt: salt, iterations: 10000, variant: .sha256).calculate()
let data = Data(bytes: bytes)
https://github.com/krzyzanowskim/CryptoSwift
![Page 34: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/34.jpg)
Store a Hash
» Before storing the key in the database, hash it one more time with SHA-2
![Page 35: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/35.jpg)
Good Password Handling
» Hash to hide the password » Salt to make your hashes unique » Stretch to make guessing slow » Hash once more before storing
![Page 36: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/36.jpg)
Correct AES Encryption
![Page 38: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/38.jpg)
Using RNCryptor
// Encryption let data: NSData = ... let password = "Secret password" let ciphertext = RNCryptor.encryptData(data, password: password)
// Decryption do { let originalData = try RNCryptor.decryptData(ciphertext, password: password) // ... } catch { . . . }
![Page 39: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/39.jpg)
RNCryptor Ports
» Swift » Objective-C » ANSI C » C++ » C# » Erlang » Go
» Haskell » Java » PHP » Python » JavaScript » Ruby
![Page 40: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/40.jpg)
What is Correct AES?
Hold that thought…
![Page 41: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/41.jpg)
P1 P2 P3 P4
P5 P6 P7 P8
P9 P10
P11
P12P1
3P14
P15
P16
C1 C2 C3 C4
C5 C6 C7 C8
C9 C10 C11 C12
C13 C14 C15 C16
Key
Encrypt
P1 P2 P3 P4
P5 P6 P7 P8
P9 P10
P11
P12P1
3P14
P15
P16
C1 C2 C3 C4
C5 C6 C7 C8
C9 C10 C11 C12
C13 C14 C15 C16
Key
Decrypt
![Page 42: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/42.jpg)
The Helpers
» Key Generation » Block Cipher Modes » Authentication
![Page 43: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/43.jpg)
Incorrect Key Generation// This is broken NSString *password = @"P4ssW0rd!";
char key[kCCKeySizeAES256+1]; bzero(key, sizeof(key)); [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; // This is broken
» Truncates long passwords » Uses only a tiny part of the key space » Best case is ~ 0.00001% of a 128-bit key.
![Page 44: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/44.jpg)
Use a PBKDF (scrypt, bcrypt, PBKDF2)
![Page 45: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/45.jpg)
To be a secure password-based format, we need a salt for
PBKDF2. Ideally it should be totally random.
![Page 46: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/46.jpg)
Initialization VectorAnd Modes of Operation
![Page 47: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/47.jpg)
Insecure
![Page 49: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/49.jpg)
![Page 50: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/50.jpg)
So much confusion from one comment
CCCryptorStatus CCCryptorCreate( CCOperation op, /* kCCEncrypt, etc. */ CCAlgorithm alg, /* kCCAlgorithmDES, etc. */ CCOptions options, /* kCCOptionPKCS7Padding, etc. */ const void *key, /* raw key material */ size_t keyLength, const void *iv, /* optional initialization vector */ CCCryptorRef *cryptorRef) /* RETURNED */ __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
Use an unpredictable IV, not NULL.
![Page 51: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/51.jpg)
To be a secure format with CBC, we need a random IV.
![Page 52: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/52.jpg)
Unauthenticated Encryption
![Page 53: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/53.jpg)
Hash Based Message Authentication Code
![Page 54: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/54.jpg)
To be a secure format using CBC, we need an HMAC.
![Page 55: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/55.jpg)
Encryption Pitfalls
» Poor KDF choice » Truncating multi-byte
passwords » Insufficiently random salt » Key truncation » Poor block cipher mode
choice » Predictable IV » No HMAC » Failure to HMAC entire
message
» Poor cipher choice » Key/IV reuse » Failure to validate
padding » Failure to validate HMAC » Length-extension attacks » Timing attacks » Side-channel attacks » Ciphertext truncation
attacks
![Page 56: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/56.jpg)
Encryption Pitfalls
» Poor KDF choice » Truncating multi-byte
passwords » Insufficiently random salt » Key truncation » Poor block cipher mode
choice » Predictable IV » No HMAC » Failure to HMAC entire
message
» Poor cipher choice » Key/IV reuse » Failure to validate
padding » Failure to validate HMAC » Length-extension attacks » Timing attacks » Side-channel attacks » Ciphertext truncation
attacks
![Page 57: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/57.jpg)
Don’t build your own AES format
![Page 58: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/58.jpg)
» Key-Derivation Function (PBKDF2) » Proper Mode (usually CBC) » Random Initialization Vector » Authentication (HMAC or authenticated
mode)
AES Best Practice
![Page 59: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/59.jpg)
Practical Security
» Encrypt your traffic with SSL » Pin and verify your certs (CertificateValidator) » Encrypt your files with ProtectionComplete » Salt and stretch your passwords » Use AES securely
![Page 60: Practical Security - Developer Summit...PBKDF2 import CryptoSwift let password = Array(“s33krit".utf8) let salt = Array("com.example.MyGreatSite:robnapier@gmail.com".utf8) let bytes](https://reader035.vdocument.in/reader035/viewer/2022062219/5fb404403d54db70af3b5f2a/html5/thumbnails/60.jpg)
github.com/rnapier/practical-security
@cocoaphony
robnapier.net