sunshinephp 2017: tales from the crypt - a cryptography primer
TRANSCRIPT
![Page 1: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/1.jpg)
Tales From the CryptA Cryptography Primer
Adam Englander, iovation@adam_englander
![Page 2: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/2.jpg)
@adam_englander
I am a Virtual Crime Fighter
![Page 3: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/3.jpg)
@adam_englander
I am a lover of PHP
![Page 4: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/4.jpg)
@adam_englander
I Am Not…
• … a security researcher
• … a cryptographer
• … a mathematician
![Page 5: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/5.jpg)
@adam_englander
What To Expect• Gain a working understanding of common
terms used in cryptography.
• Understand the key drivers for choosing cryptography methodologies, algorithms and strengths.
• Know which PHP modules to use.
![Page 6: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/6.jpg)
@adam_englander
What Is Cryptography?
Cryptography…isthepracticeandstudyoftechniquesforsecurecommunicationinthepresenceofthirdpartiescalledadversaries.
Wikipedia
![Page 7: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/7.jpg)
@adam_englander
My Definition of Cryptography
Cryptographyobscuresdatainsuchawaythatitisdifficultandthereforecostlyforanadversarytoduplicateorreverse.
![Page 8: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/8.jpg)
@adam_englander
Who Are Your Adversaries?• Lone Gunmen - The 400 lb. hacker on their bed.
• Hactivist Groups - Anonymous is most known.
• Competitors - Industrial espionage.
• Organized Crime - Identity theft, fraud, extortion.
• Nation State - Data farming, credential theft.
![Page 9: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/9.jpg)
@adam_englander
What Contributes to Cost?
Secrets
Computation
Entropy
![Page 10: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/10.jpg)
@adam_englander
How Secret is Secret?• Asymmetric Encryption is more secret than
Symmetric Encryption. No shared secrets.
• How predictable is your secret?
• Who has access to your secrets?
• Secrets encrypted at rest? Those secrets?
• Are your secrets encrypted in transit?
![Page 11: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/11.jpg)
@adam_englander
Computational Cost
• Complexity of algorithm increases cost.
• Key length increases cost.
• Some algorithms specifically target memory and thread utilization to increase cost.
• Feedback loops increase cost.
![Page 12: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/12.jpg)
@adam_englander
Thedegreeofdisorderoruncertaintyinasystem
What is Entropy?
Merriam-Webster
![Page 13: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/13.jpg)
@adam_englander
Good Cryptographic Entropy
![Page 14: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/14.jpg)
@adam_englander
Poor Cryptographic Entropy
![Page 15: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/15.jpg)
@adam_englander
Achieving Maximum Entropy• Use Cryptographically Secure Pseudo-Random Number
Generators (CSPRNG).
• Salts add global randomness to hashing.
• Feedback loops add local randomness to block ciphers.
• Initialization Vectors add global randomness to block ciphers.
• Some ciphers introduce randomness with padding.
![Page 16: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/16.jpg)
@adam_englander
Local vs Global Entropy
Local entropy is entropy with a singular pice of data within a larger system.
Global entropy is entropy of the same or similar data across the entirety of a larger system.
![Page 17: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/17.jpg)
@adam_englander
How Random Is Random?• It turns out it can be quite random as long as you
use the correct tools.
• Since PHP7, CSPRNG extension provides platform independent cryptographically secure pseudo-random data.
• Until you move to PHP7, paragonie/random_compat package will give you the same functionality.
![Page 18: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/18.jpg)
@adam_englander
Cryptography Systems
• Symmetric Key Cryptography uses shared secrets
• Asymmetric Key Cryptography uses private/public key pairs
![Page 19: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/19.jpg)
@adam_englander
Cryptography Applications
• Encryption
• Digital Signatures
• Key Derivation
![Page 20: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/20.jpg)
@adam_englander
Encryption
• Protecting data that needs to be recalled
• Can be reversed via decryption
![Page 21: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/21.jpg)
@adam_englander
Digital Signature
• Used to verify integrity of data
• Used mostly for data transfer
• Can be used for verifying data at rest
• Can not be reversed but can be reproduced for verification
![Page 22: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/22.jpg)
@adam_englander
Key Derivation
• A.K.A. password hashing
• Cannot be reversed
• Computationally expensive by design
![Page 23: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/23.jpg)
@adam_englander
Symmetric Key Cryptography
![Page 24: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/24.jpg)
@adam_englander
Symmetric Key Cryptography• Shared secrets
• Lower computation costs than most asymmetric algorithms for same key size
• Uses algorithms against blocks or streams of data
• Most implementations will use block as stream ciphers use less resources making them less secure
![Page 25: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/25.jpg)
@adam_englander
Stream vs. Block CiphersStream ciphers very quickly encrypt streams of data as they pass. One portion of the stream does not affect the other. They are not terribly secure.
Block ciphers deal with the data one block at a time. Block ciphers are very secure. They allow for feedback loops that create greater entropy of the entire package.
![Page 26: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/26.jpg)
@adam_englander
Block Algorithms
• Use AES
• Camellia can be used if it is required. It has restricted use due to a patent. Make sure you are not infringing on the patent.
• DES should not be used
![Page 27: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/27.jpg)
Block Cipher ModesDO NOT USE Electronic Cookbook (ECB)!!!
![Page 28: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/28.jpg)
@adam_englander
Blockciphermodesdeterminehowtheblocksofcleartextaretranslatedintociphertext.
What are Block Cipher Modes?
![Page 29: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/29.jpg)
@adam_englander
Cipher Block Chaining (CBC)
• Entire message is required for decryption
• Full cipher text block is used as the seed for the next block
![Page 30: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/30.jpg)
@adam_englander
Cipher Block Chaining (CBC)
![Page 31: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/31.jpg)
@adam_englander
Galois Counter Mode (GCM)• Counter based cipher stream
• Entire message is required for decryption
• Encrypts plain text and generates an authentication code similar to an HMAC simultaneously that is returned with the IV in the cipher text
![Page 32: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/32.jpg)
@adam_englander
Galois Counter Mode (GCM)
![Page 33: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/33.jpg)
@adam_englander
Cipher Feedback (CFB)
• Self-synchronizing cipher stream
• If one segment of the message is lost, you can pick up again with the remaining data
![Page 34: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/34.jpg)
@adam_englander
Cipher Feedback (CFB)
![Page 35: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/35.jpg)
@adam_englander
Output Feedback (OFB)
• Synchronous stream cipher
• Key stream blocks are merged with plain text
• Key stream blocks can be pre-generated on both sides reducing real time processing required.
![Page 36: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/36.jpg)
@adam_englander
Output Feedback
![Page 37: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/37.jpg)
@adam_englander
Digital Signatures (HMAC)
• Hash-based Message Authentication Code (HMAC)
• Hashing combined with key
• SHA-256 or better is preferred to ensure uniqueness
![Page 38: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/38.jpg)
@adam_englander
Asymmetric Key Cryptography
![Page 39: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/39.jpg)
@adam_englander
Asymmetric Key Cryptography
• RSA and DSA are available in PHP. Use RSA.
• Uses very large prime integers
• Very computationally expensive
• Uses key pairs to protect secret
![Page 40: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/40.jpg)
@adam_englander
Super Duper Secret
• Private key can do encrypt, decrypt, sign, and verify signature
• Public key does not have enough data to decrypt or sign. Can only encrypt and verify signature
![Page 41: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/41.jpg)
@adam_englander
Key Size and Hash Algorithm
• Current minimum recommend key size is 2048
• SHA1 is considered safe but SHA-256 is better
![Page 42: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/42.jpg)
@adam_englander
Data Limitations
• RSA can only encrypt or sign data up to the length of the key size
• Signatures use hashing
• Crypto often mixed with symmetric key cryptography
![Page 43: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/43.jpg)
@adam_englander
Padding• Padding is how RSA creates additional
entropy
• Use Optimal Asymmetric Encryption Padding (OAEP)
• Do not use PKCS1-V1_5 as it is no longer considered cryptographically secure
![Page 44: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/44.jpg)
Key Derivation Functionsa.k.a Password Hashing
![Page 45: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/45.jpg)
@adam_englander
Password Hashing
• Always use Key Derivation Functions like bcrypt and PBKDF2.
• If you are currently using MD5 or SHA for hashing, use a random salted with your hash now and a key derivation function soon.
![Page 46: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/46.jpg)
@adam_englander
Key Derivation
• Uses salt for entropy
• Iterates to increase cost
• Can create cost via threads and memory
• Bigger is better!
![Page 47: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/47.jpg)
@adam_englander
Which KDF Should I Use?
• argon2i is the new hotness
• scrypt is preferred
• bcrypt is acceptable
• PBKDF2 can be used in a pinch
![Page 48: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/48.jpg)
@adam_englander
How Can I Use KDFs?• PHP has the best package for managing that
PERIOD! Use the password extension. Just use it!
• For *cough* pre-5.5.0, you can use ircmaxell/password-compat
• Provides tools for hash upgrades. AWESOME!
![Page 49: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/49.jpg)
@adam_englander
Recommendations
![Page 50: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/50.jpg)
@adam_englander
Disclaimers• Although every app is different, commonalities
exist across most applications
• I am only recommending what I know and have vetted directly or indirectly via my work experience
• If you think you are different, ask yourself if the advantages outweigh the risks
![Page 51: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/51.jpg)
@adam_englander
Types• Use RSA asymmetric key cryptography when
transferring data
• Mix with AES and random keys/IVs per transfer
• Use CSPRNG extension/package for keys, salts and initialization vectors
• Use password extension/package for passwords
![Page 52: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/52.jpg)
@adam_englander
Strength
• Use the strongest cryptography you can afford
• AES: aes-256-cbc / sha256 minimum
• RSA: 2048+ PKCS1_OAEP / RSA-SHA256
• Hash until it hurts!
![Page 53: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/53.jpg)
@adam_englander
Packages/Libraries
• Use OpenSSL for encryption and digital signatures
• For extreme compatibility, use phpseclib/phpseclib
• Use CSPRNG extension/package for keys, salts and initialization vectors
• Use password extension/package for passwords
![Page 54: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/54.jpg)
@adam_englander
Resources• https://secure.php.net/manual/en/book.openssl.php
• https://secure.php.net/manual/en/book.csprng.php
• https://secure.php.net/manual/en/book.password.php
• https://packagist.org/packages/phpseclib/phpseclib
• https://en.wikipedia.org/wiki/Cryptography
![Page 55: SunshinePHP 2017: Tales From The Crypt - A Cryptography Primer](https://reader036.vdocument.in/reader036/viewer/2022062522/589a42661a28ab8c588b66c5/html5/thumbnails/55.jpg)
@adam_englander
More From Me• https://www.iovation.com/blog/author/aenglander
• https://www.linkedin.com/in/adamenglander
• https://twitter.com/adam_englander
• https://github.com/aenglander