20. password!
Use a salt value in hash functions or bcrypt
// hash() needs an algorithm name; the salt is prepended to the password before hashing
hash('sha512', $salt . $password);
// with HMAC the salt is passed as the key argument rather than concatenated
hash_hmac('sha512', $password, $salt);
// crypt() picks the algorithm (e.g. bcrypt) from the format of $salt
crypt($password, $salt);
27. bob and alice's story
Bob asks Alice for her public key
Bob encrypts msg with the public key of Alice
Alice gets encrypted msg
Alice decrypts msg with her secret private key
Alice reads it
29. RSA key-pair
ssh-keygen -t rsa -b <bits>
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/hasinhayder/.ssh/id_rsa): /tmp/pk_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /tmp/pk_rsa
Your public key has been saved in /tmp/pk_rsa.pub
30. RSA key to PEM format
openssl rsa -in pk_rsa -outform pem > pk_rsa.pem
31. generate RSA key in PEM format
openssl genrsa -des3 -out pk_rsa.pem 2048
32. public key out of PEM file
openssl rsa -pubout -in pk_rsa.pem -out pk_pub.pem
33. encrypt with public key
// load the public key exported on slide 32 (openssl_get_publickey() is an alias of this)
$pub_key = openssl_pkey_get_public(file_get_contents("/tmp/pk_pub.pem"));
$source = 'message for the key holder'; // data to protect; must be shorter than the key modulus
// $crypttext receives the ciphertext; $ok is true on success, false on failure
$ok = openssl_public_encrypt($source, $crypttext, $pub_key);
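The exchange on slide 27 and the openssl_public_encrypt() call on slide 33, carried through as an added example (not code from the slides or their authors): Alice's 2048-bit key pair is generated in PHP with openssl_pkey_new() instead of with the ssh-keygen/openssl commands of slides 29 to 32, and the message is encrypted hybrid-style (a random AES-256-GCM key for the data, RSA-OAEP to wrap that key) because RSA alone can only encrypt a message shorter than its modulus and the PKCS#1 v1.5 padding that openssl_public_encrypt() uses by default is best replaced with OAEP. The function names bob_encrypt/alice_decrypt and the message text are the example's own; it assumes PHP 7.1 or later with the OpenSSL extension.

```php
<?php
// Added example (not from the slides): the Bob/Alice exchange of slide 27 in PHP.
// Assumes PHP >= 7.1 with ext/openssl (random_bytes, AES-GCM tags in openssl_encrypt).

// --- Alice: generate a 2048-bit RSA key pair; only the public half is published ---
$alice_key = openssl_pkey_new([
    'private_key_bits' => 2048,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
]);
if ($alice_key === false) {
    die('key generation failed: ' . openssl_error_string());
}
$alice_public_pem = openssl_pkey_get_details($alice_key)['key']; // what Bob asks Alice for
openssl_pkey_export($alice_key, $alice_private_pem);              // never leaves Alice

// --- Bob: encrypt a message for Alice using nothing but her public key ---
function bob_encrypt(string $plaintext, string $recipient_public_pem): array
{
    $pub = openssl_pkey_get_public($recipient_public_pem);
    if ($pub === false) {
        throw new RuntimeException('bad public key: ' . openssl_error_string());
    }
    // Fresh symmetric key and nonce for this one message.
    $aes_key = random_bytes(32);
    $iv      = random_bytes(12);
    $ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $aes_key,
                                  OPENSSL_RAW_DATA, $iv, $tag);
    if ($ciphertext === false) {
        throw new RuntimeException('AES-GCM encryption failed');
    }
    // Only the 32-byte AES key goes through RSA, with OAEP padding rather than
    // the PKCS#1 v1.5 default of openssl_public_encrypt().
    if (!openssl_public_encrypt($aes_key, $wrapped_key, $pub, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('RSA encryption failed: ' . openssl_error_string());
    }
    return ['key' => $wrapped_key, 'iv' => $iv, 'tag' => $tag, 'data' => $ciphertext];
}

// --- Alice: decrypt with her secret private key ---
function alice_decrypt(array $msg, string $private_pem): string
{
    $priv = openssl_pkey_get_private($private_pem);
    if ($priv === false) {
        throw new RuntimeException('bad private key: ' . openssl_error_string());
    }
    if (!openssl_private_decrypt($msg['key'], $aes_key, $priv, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('RSA decryption failed: ' . openssl_error_string());
    }
    // GCM checks the authentication tag: a modified ciphertext or tag yields false.
    $plaintext = openssl_decrypt($msg['data'], 'aes-256-gcm', $aes_key,
                                 OPENSSL_RAW_DATA, $msg['iv'], $msg['tag']);
    if ($plaintext === false) {
        throw new RuntimeException('message rejected: authentication tag mismatch');
    }
    return $plaintext;
}

$msg = bob_encrypt('hello alice', $alice_public_pem);   // Bob holds only the public key
echo 'Alice reads: ', alice_decrypt($msg, $alice_private_pem), "\n";

// A modified ciphertext must be rejected, not silently decrypted to garbage.
$tampered = $msg;
$tampered['data'][0] = chr(ord($tampered['data'][0]) ^ 0x01);
try {
    alice_decrypt($tampered, $alice_private_pem);
} catch (RuntimeException $e) {
    echo 'Tampered message: ', $e->getMessage(), "\n";
}
```

The wrapped AES key, IV, tag and ciphertext are what travels from Bob to Alice; the private key is used only inside alice_decrypt(). Note that encrypting with Alice's public key gives confidentiality only: it tells Alice nothing about who sent the message, which is what a signature (made with the sender's private key) would add.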
40. key space
Secret key space >= 128 bits
Public key space >= 2048 bits
41. thanks
M A Hossain Tonu
Sr. Software Engineer, somewherein…
http://mahtonu.wordpress.com
Hasin Hayder
Founder, Leevio
http://hasin.wordpress.com
Editor's notes
Plaintext: The initial unencrypted (unscrambled) data to be communicated.
Ciphertext: Plaintext is encrypted (scrambled) into something unintelligible, the ciphertext, for communication. Example: "esqbsuibqsbujnebt"
Encryption: The process of converting ordinary information (plaintext) into ciphertext.
Decryption: The reverse process of moving from unintelligible ciphertext to plaintext.
Cipher: Pair of algorithms performing encryption and decryption.
Key: A secret parameter for the cipher algorithm.
Key Management: Management of the generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. It covers provisions in cryptosystem design, the cryptographic protocols in that design, user procedures, and so on.
Cryptanalysis / Code Breaking: The study of how to circumvent the confidentiality sought by using encryption.
To check if a given $password string is valid for a given hash, you can use the following condition (crypt() reads the salt and algorithm back out of $hash; compare with hash_equals() rather than ==, so that the comparison runs in constant time and PHP's loose string comparison cannot treat two different hashes as equal):
if (hash_equals($hash, crypt($password, $hash))) echo 'valid';
Advanced encryption standard
rand() is predictable. For a cryptographically strong random number in PHP you have to use the function openssl_random_pseudo_bytes() of the OpenSSL library, available since PHP 5.3.
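The salted hashing of slide 20, the crypt() verification note and the rand() note above, worked through as an added example in PHP (not code from the slides or their authors): password_hash()/password_verify() for the bcrypt case, a manual crypt() variant whose salt comes from openssl_random_pseudo_bytes() with the $crypto_strong flag checked, and a fast salted SHA-512 kept only to show what the slow algorithm adds. It assumes PHP 7.0 or later (password_hash, hash_equals, the $2y$ bcrypt prefix); the function names and sample passwords are the example's own.

```php
<?php
// Added example (not from the slides): salted password storage and verification.
// Assumes PHP >= 7.0.

// 1. Recommended: bcrypt via password_hash(). PHP draws the salt from a CSPRNG
//    and stores it inside the returned string, so no separate salt column is
//    needed. Cost 12 means 2^12 rounds; raise it as hardware gets faster.
function store_password(string $password): string
{
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
}

function check_password(string $password, string $stored_hash): bool
{
    // password_verify() compares in constant time internally.
    return password_verify($password, $stored_hash);
}

// 2. The manual route from slide 20 and the crypt() note: a 16-byte salt from
//    openssl_random_pseudo_bytes() (never rand()), turned into a bcrypt "$2y$"
//    setting string, then crypt() and a constant-time comparison.
function manual_bcrypt(string $password): string
{
    $raw = openssl_random_pseudo_bytes(16, $crypto_strong);
    if ($raw === false || !$crypto_strong) {
        throw new RuntimeException('no cryptographically strong randomness available');
    }
    // bcrypt expects 22 characters from its own alphabet ("./A-Za-z0-9"), so
    // swap base64's '+' for '.' and drop the padding.
    $salt = substr(strtr(base64_encode($raw), '+', '.'), 0, 22);
    return crypt($password, '$2y$12$' . $salt);
}

function manual_verify(string $password, string $hash): bool
{
    // crypt() re-uses the salt and cost embedded in $hash. hash_equals(), not ==,
    // so the comparison time does not leak how many leading bytes matched and
    // PHP's loose comparison cannot treat two "0e..." strings as equal.
    return hash_equals($hash, crypt($password, $hash));
}

// 3. A salted fast hash, for contrast only: the salt defeats precomputed tables,
//    but only a slow algorithm such as bcrypt limits an attacker's guess rate.
//    Do not store passwords this way.
function fast_salted_sha512(string $password, string $salt): string
{
    return hash('sha512', $salt . $password);
}

$hash = store_password('correct horse battery staple');
var_dump(check_password('correct horse battery staple', $hash));
var_dump(check_password('Tr0ub4dor&3', $hash));
// Tells you when stored hashes should be upgraded after the cost is raised.
var_dump(password_needs_rehash($hash, PASSWORD_BCRYPT, ['cost' => 13]));

$manual = manual_bcrypt('correct horse battery staple');
var_dump(manual_verify('correct horse battery staple', $manual));
var_dump(manual_verify('wrong password', $manual));
```

The first check_password() and manual_verify() calls succeed, the mismatching ones fail, and password_needs_rehash() reports true because the stored hash was made at cost 12 while 13 is now requested; re-hash on the next successful login in that case.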
The DES cipher uses a 56-bit key, which means the key space is 2^56.