ENCRYPTION BOOTCAMP
Security is the mission




                                        © Matthew McCullough, Ambient Ideas, LLC
Sunday, April 25, 2010
SECURITY ON THE JVM
What’s your position?

HACK ATTEMPTS PER DAY
in the billions

ENCRYPTING?
statistics say probably not

delicious.com/matthew.mccullough/encryption

ANCIENT HISTORY
Everything old is new again

“I’m all over this new encryption stuff boss”

44 B.C.
That’s 2,054 years ago...

Julius Caesar

Caesar Cipher
  a.k.a.
    ROT(2)
    Shift Cipher

        A B C D E F G
    A B C D E F G

Caesar Cipher
  Z M S R
  A N T S   if encrypted with ROT(-1)
  B O U T   if encrypted with ROT(-2)

/**
 * A naively simple rotation cipher implementation.
 * USAGE: groovy RotateWord.groovy <yourword>
 */
public class RotateWord {

    /**
     * Rotate one character by the specified amount
     */
    private static char rotateChar(char c, int rotationAmount) {
        //a == 97, z == 122
        int num = (int)c
        int rotated = num + rotationAmount
        int adjusted

        //Handle roll-around wrapping
        if (rotated > 122)
            adjusted = rotated - 26
        else if (rotated < 97)
            adjusted = rotated + 26
        else
            adjusted = rotated

        char adjustedChar = (char)adjusted
        return adjustedChar
    }

    /**
     * Rotate the entire String by the specified rotation amount.
     */
    public static String rotateAllChars(String plainText, int rotationAmount) {
        String encodedMessage = ""

        //Loop through each character in the plaintext
        for (int i = 0; i < plainText.length(); i++) {
            //TODO: Improve to handle upper and lower case letters
            char c = plainText.toLowerCase().charAt(i)
            encodedMessage += rotateChar(c, rotationAmount)
        }

        return encodedMessage
    }

    public static void main (String[] args) {
        String originalword = args[0]
        println "Rot(-3) Word: " + rotateAllChars(originalword, -3)
        println "Rot(-2) Word: " + rotateAllChars(originalword, -2)
        println "Rot(-1) Word: " + rotateAllChars(originalword, -1)
        println "Original Word: ${originalword}"
        println "Rot(1) Word: " + rotateAllChars(originalword, 1)
        println "Rot(2) Word: " + rotateAllChars(originalword, 2)
    }
}

BROKEN
Perfectly safe data is a myth

Compromised
  Every algorithm is vulnerable
  Crack by brute force
  Crack by rainbow tables
  Function of time + money + hardware

$2000
$50
Which would you hit?

JCE PRIMER
The world of Java crypto

Java Cryptography Extension
  Known as JCE
  Included in all JREs since Java 1.2
  Pluggable provider architecture
  JCE extends Java Cryptography Architecture (JCA)

JCE Providers
  Default Sun JRE Providers
    SUN
    SunJCE
    SunJSSE
    SunRsaSign
  BouncyCastle Provider
    Adds AES capabilities

Registering a Provider
  Static
    <java-home>/lib/security/java.security
    security.provider.n=masterClassName
  Dynamic
    java.security.Security class
      addProvider()
      insertProviderAt()
    Not persistent across VM instances

Encryption & the Law
country borders stop bits

JCE Strength
  Jurisdiction Policy Files
    Two variants
    Algorithm strength differences

Unlimited

Strong

JCE Strength
  Strong strength included in all JREs
  Unlimited strength is a separate download available based on US export rules

Worldwide Policy
       // File: default_local.policy
       // Some countries have import limits on crypto strength.
       // This policy file is worldwide importable.
       grant {
           permission javax.crypto.CryptoPermission "DES", 64;
           permission javax.crypto.CryptoPermission "DESede", *;
           permission javax.crypto.CryptoPermission "RC2", 128,
                          "javax.crypto.spec.RC2ParameterSpec", 128;
           permission javax.crypto.CryptoPermission "RC4", 128;
           permission javax.crypto.CryptoPermission "RC5", 128,
                 "javax.crypto.spec.RC5ParameterSpec", *, 12, *;
           permission javax.crypto.CryptoPermission "RSA", 2048;
           permission javax.crypto.CryptoPermission *, 128;
       };



Max Key Sizes
  Algorithm       Max Key Size
  DES             64
  DESede (3des)   168
  RC2             128
  RC4             128
  RC5             128
  RSA             2048
  Others          128

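Added example (not code from the original deck): an audit of the running JVM against the provider and jurisdiction policy slides above. It lists the registered providers in security.provider.n order, reports the key-length ceiling the installed policy grants for each algorithm in the table, and probes the failure a 256-bit AES key hits under the limited policy. The class name JcePolicyAudit and the use of AES to stand in for the "Others" row are assumptions made here.

```java
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

/** Added example; JcePolicyAudit is a hypothetical name, not from the deck. */
public class JcePolicyAudit {

    /** Algorithms from the Max Key Sizes table; AES stands in for "Others". */
    private static final String[] ALGORITHMS =
        { "DES", "DESede", "RC2", "RC4", "RC5", "RSA", "AES" };

    /** The JCE reports "no limit" as Integer.MAX_VALUE. */
    static String describeLimit(int bits) {
        return bits == Integer.MAX_VALUE ? "unlimited" : bits + " bits";
    }

    /** Key-length ceiling the installed policy grants for one algorithm. */
    static String policyLimit(String algorithm) {
        try {
            return describeLimit(Cipher.getMaxAllowedKeyLength(algorithm));
        } catch (NoSuchAlgorithmException e) {
            return "not recognised by this runtime";
        }
    }

    /** True when the policy in force caps AES below 256 bits. */
    static boolean isLimitedPolicy() throws NoSuchAlgorithmException {
        return Cipher.getMaxAllowedKeyLength("AES") < 256;
    }

    /**
     * Probe the failure mode: initialising a cipher with a 256-bit AES key
     * throws InvalidKeyException when only the limited policy is installed.
     */
    static boolean canInitAes256()
            throws NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        // All-zero key constructed for this probe only; it never protects data.
        SecretKeySpec probeKey = new SecretKeySpec(new byte[32], "AES");
        try {
            aes.init(Cipher.ENCRYPT_MODE, probeKey);
            return true;
        } catch (InvalidKeyException e) {
            System.out.println("AES-256 rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Providers are consulted in this order, matching security.provider.n
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println("security.provider." + (i + 1) + " = "
                + providers[i].getName() + " (" + providers[i].getInfo() + ")");
        }

        System.out.println();
        for (String algorithm : ALGORITHMS) {
            System.out.println(algorithm + ": " + policyLimit(algorithm));
        }

        System.out.println();
        System.out.println("Policy in force: "
            + (isLimitedPolicy() ? "limited (strong)" : "unlimited"));
        System.out.println("AES-256 usable: " + canInitAes256());
    }
}
```

JDK 9 and later ship with the unlimited policy enabled by default, so the limited ceilings in the table mainly show up on older or deliberately restricted runtimes.
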
Digests & Hashes
One way functions

What is a Digest?
  Small set of bytes representing a large message
  Small change in message = large change in digest
  Integrity check for large data
  Password storage mechanism

MessageDigest
  java.security.MessageDigest
  Multiple algorithms available
    MD5 (128 bit)
    SHA-1 (160 bit)

MessageDigest
  MD5
    U.S. Department of Homeland Security said MD5 should be "considered cryptographically broken and unsuitable for further use"

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/**
 * Demonstrate that very similar messages
 * have radically different hashes.
 */
public class MessageDigestSHA
{
    public static void main( String[] args )
        throws NoSuchAlgorithmException
    {
        //Set up the message to be encoded
        String message1 = "Four score and seven years ago";
        String message2 = "Four score and seven tears ago";

        System.out.println("Message1 SHA1 digest: "
            + shaAndBase64Encode(message1));
        System.out.println("Message2 SHA1 digest: "
            + shaAndBase64Encode(message2));
    }

    /**
     * Helper function to both SHA-1 hash and
     * base64 encode the resulting bytes to a String
     */
    public static String shaAndBase64Encode(String message)
        throws NoSuchAlgorithmException {
        MessageDigest sha = MessageDigest.getInstance("SHA-1");

        //Salt could be applied here
        //Integer salt = <some random number generator>
        //sha.update(salt.getBytes());

        byte[] digest = sha.digest(message.getBytes());
        //The slide used sun.misc.BASE64Encoder, an internal class that is
        //not available on current JDKs; java.util.Base64 replaces it.
        return Base64.getEncoder().encodeToString(digest);
    }
}

Input
    String message1 = "Four score and seven years ago";
    String message2 = "Four score and seven tears ago";

Result
    Message1 SHA1 digest: DmCJIg4Bq/xpGIxVXxo3IB0vo38=
    Message2 SHA1 digest: oaLHt8tr31ttngCDjyYuWowF5Mc=

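Added example (not code from the original deck): the "Salt could be applied here" hook from the helper above, carried through for the password storage use case and the rainbow table threat listed earlier. It shows that two users with the same password share one unsalted digest but get different salted records, and how a record is verified. The class and method names are hypothetical, the password is constructed sample input, and SHA-256 is substituted here for the slide's SHA-1.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;

/** Added example; SaltedDigest and its method names are hypothetical. */
public class SaltedDigest {

    private static final int SALT_BYTES = 16;
    private static final SecureRandom RANDOM = new SecureRandom();

    /** Fresh random salt, generated once per stored password. */
    static byte[] newSalt() {
        byte[] salt = new byte[SALT_BYTES];
        RANDOM.nextBytes(salt);
        return salt;
    }

    /** SHA-256 over salt followed by password; an empty salt is the unsalted case. */
    static byte[] digest(byte[] salt, String password)
            throws NoSuchAlgorithmException {
        MessageDigest sha = MessageDigest.getInstance("SHA-256");
        sha.update(salt);
        return sha.digest(password.getBytes(StandardCharsets.UTF_8));
    }

    /** Stored record: base64(salt) ":" base64(digest). The salt is not secret. */
    static String store(String password) throws NoSuchAlgorithmException {
        byte[] salt = newSalt();
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":"
            + b64.encodeToString(digest(salt, password));
    }

    /** Recompute the digest with the stored salt and compare the bytes. */
    static boolean verify(String record, String candidate)
            throws NoSuchAlgorithmException {
        String[] parts = record.split(":");
        if (parts.length != 2) {
            return false; // malformed record
        }
        Base64.Decoder b64 = Base64.getDecoder();
        byte[] salt = b64.decode(parts[0]);
        byte[] expected = b64.decode(parts[1]);
        return MessageDigest.isEqual(expected, digest(salt, candidate));
    }

    public static void main(String[] args) throws Exception {
        String password = "correct horse"; // constructed sample input
        byte[] noSalt = new byte[0];
        Base64.Encoder b64 = Base64.getEncoder();

        // Unsalted: both users end up with the same digest, so one
        // precomputed table entry matches both accounts.
        System.out.println("unsalted, user A: "
            + b64.encodeToString(digest(noSalt, password)));
        System.out.println("unsalted, user B: "
            + b64.encodeToString(digest(noSalt, password)));

        // Salted: the same password produces unrelated records per user.
        String recordA = store(password);
        String recordB = store(password);
        System.out.println("salted, user A:   " + recordA);
        System.out.println("salted, user B:   " + recordB);

        System.out.println("right password verifies: " + verify(recordA, password));
        System.out.println("wrong password verifies: " + verify(recordA, "wrong horse"));
    }
}
```

A salt only defeats precomputed tables; a single digest pass is still fast to brute-force, which is what an iterated scheme such as PBKDF2 (SecretKeyFactory "PBKDF2WithHmacSHA1") addresses.
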
SYMMETRIC
My key is your key

[Diagram: Sensitive Data sent to Recipient or Storage, first in Plain Sight, then with Obscured Contents]

Why Symmetric?
  Fast
  Well suited for bulk data

Using Symmetric
  Secure network for passing keys
  or
  Never decrypted at remote end

Symmetric Problems
  Keys vulnerable to capture
  Eavesdropping on future communications after key compromise
  Key distribution challenges
    Triangular number key growth

Symmetric
[Diagram: A and B exchange a Message/File; labels: “A’s 256 bit symmetric key”, “Encrypted with 256 bit symmetric key”]

SYMMETRIC
Block versus Stream Algorithms

Stream vs. Block
  Specific algorithms for each

SYMMETRIC (BLOCK)

Block
  Predefined content length
    Well-known end to the content
    Files on disk
    Inefficient when padding

DES
  Data Encryption Standard
    Block cipher
    Banking industry
    DES is known to be broken

3DES
  Data Encryption Standard
    Block cipher
    a.k.a. DESede
    Basically three passes of DES
    Reasonably strong

Blowfish
  Block cipher
  Unpatented (intentionally)
  Secure replacement for DES
    Faster than DES
  32 to 448 bit keys
  Overshadowed by AES

AES
  Advanced Encryption Standard
    Block cipher
    Government standard
      Rijndael algorithm (Joan Daemen, Vincent Rijmen)
      4 years of evaluation
      Final in December 2000
    Very Secure

SYMMETRIC (STREAM)

Stream
  Unknown content length
    Streaming video
    Streaming voice
    Similar to One-Time Pads

RC4
  Rivest’s Code 4
    Stream cipher
    Trademarked (name, but not algorithm)
    Used by
      Browsers in SSL, TLS
      WiFi in WEP, WPA
      BitTorrent
      ssh
      Microsoft RDP
      PDF

A5/1
  Secret, unpublished
  Reverse engineered
  Used by GSM phones

import java.security.InvalidKeyException;
      import java.security.NoSuchAlgorithmException;
      import java.security.NoSuchProviderException;

      import   javax.crypto.BadPaddingException;
      import   javax.crypto.Cipher;
      import   javax.crypto.IllegalBlockSizeException;
      import   javax.crypto.KeyGenerator;
      import   javax.crypto.NoSuchPaddingException;
      import   javax.crypto.SecretKey;

      import sun.misc.BASE64Encoder;

            /**
               * Use the SecureRandom java security class to generate
               * a more expensive, but cryptographically secure random number.
               */
            public class SymmetricEncrypt
            {
                 public static void main( String[] args )
                     throws NoSuchAlgorithmException, NoSuchProviderException,
                     NoSuchPaddingException, InvalidKeyException,
                     IllegalBlockSizeException, BadPaddingException
                 {
                     final String message1 = "Four score and seven years ago";
Sunday, April 25, 2010
import sun.misc.BASE64Encoder;

       /**
         * Use the SecureRandom java security class to generate
         * a more expensive, but cryptographically secure random number.
         */
       public class SymmetricEncrypt
       {
          public static void main( String[] args )
            throws NoSuchAlgorithmException, NoSuchProviderException,
            NoSuchPaddingException, InvalidKeyException,
            IllegalBlockSizeException, BadPaddingException
          {
            final String message1 = "Four score and seven years ago";

           //Build a new encryption key
           final KeyGenerator keyGen = KeyGenerator.getInstance("DESede");
           keyGen.init(168);
           final SecretKey desKey = keyGen.generateKey();

           //Set up the cipher
           final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");

           //////////////////////////////////////
           //Put the cipher in encryption mode
           desCipher.init(Cipher.ENCRYPT_MODE, desKey);

                     //Encrypt and output the base64 data
                     byte[] clearText = message1.getBytes();
                     byte[] encryptedBytes = desCipher.doFinal(clearText);
                     BASE64Encoder b64e = new sun.misc.BASE64Encoder();
Sunday, April 25, 2010
final String message1 = "Four score and seven years ago";

                    //Build a new encryption key
                    final KeyGenerator keyGen = KeyGenerator.getInstance("DESede");
                    keyGen.init(168);
                    final SecretKey desKey = keyGen.generateKey();

                    //Set up the cipher
                    final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");

                    //////////////////////////////////////
                    //Put the cipher in encryption mode
                    desCipher.init(Cipher.ENCRYPT_MODE, desKey);

                    //Encrypt and output the base64 data
                    byte[] clearText = message1.getBytes();
                    byte[] encryptedBytes = desCipher.doFinal(clearText);
                    BASE64Encoder b64e = new sun.misc.BASE64Encoder();
                    String base64Encrypted = b64e.encode(encryptedBytes);
                    System.out.println("Encrypted text: " + base64Encrypted);


                    //////////////////////////////////////
                    //Put the cipher in decryption mode
                    desCipher.init(Cipher.DECRYPT_MODE, desKey);

                    //Decrypt and output the original string
                    byte[] decryptedBytes = desCipher.doFinal(encryptedBytes);
                    String decryptedText = new String(decryptedBytes);
                    System.out.println("Decrypted text: " + decryptedText);
                }
            }




Input
               String message1 = "Four score and seven years ago";




       Result
               Encrypted text: P0FT6N3XXrohtsz7OLh3FGYY0wErkPIur1DP6Csbj4g=
               Decrypted text: Four score and seven years ago




ENCRYPTED = SAFE,
                       RIGHT?
                         information leakage from encrypted data




Encrypted isn’t enough?




                         http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
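Added example (not from the original slides): the DESede/ECB cipher from the listing above, run next to DESede/CBC over a constructed message of repeated 8-byte records, counting the ciphertext blocks that repeat. The class name, the helper name and the sample message are assumptions made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/** Added example: shows what ECB ciphertext reveals about repeated plaintext. */
public class EcbLeakDemo
{
    // DESede works on 8-byte blocks
    static final int BLOCK = 8;

    /** Counts ciphertext blocks that are identical to an earlier block. */
    static int repeatedBlocks(byte[] ciphertext)
    {
        Set<String> seen = new HashSet<>();
        int repeats = 0;
        for (int i = 0; i + BLOCK <= ciphertext.length; i += BLOCK) {
            String block = Arrays.toString(Arrays.copyOfRange(ciphertext, i, i + BLOCK));
            if (!seen.add(block)) {
                repeats++;
            }
        }
        return repeats;
    }

    public static void main(String[] args) throws Exception
    {
        SecretKey key = KeyGenerator.getInstance("DESede").generateKey();

        // Constructed sample input: the same 8-byte record six times in a row
        byte[] clearText = "PAY=0100PAY=0100PAY=0100PAY=0100PAY=0100PAY=0100"
            .getBytes(StandardCharsets.US_ASCII);

        // ECB: every block is encrypted on its own, so equal plaintext
        // blocks become equal ciphertext blocks
        Cipher ecb = Cipher.getInstance("DESede/ECB/PKCS5Padding");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        byte[] ecbBytes = ecb.doFinal(clearText);

        // CBC with a fresh random IV: each block is mixed with the previous
        // ciphertext block before encryption, which hides the repetition
        byte[] iv = new byte[BLOCK];
        new SecureRandom().nextBytes(iv);
        Cipher cbc = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        cbc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] cbcBytes = cbc.doFinal(clearText);

        System.out.println("ECB repeated blocks: " + repeatedBlocks(ecbBytes));
        System.out.println("CBC repeated blocks: " + repeatedBlocks(cbcBytes));
    }
}
```

The same block count can be run over stored ciphertext as a quick audit for ECB use: repeated blocks in data that should look random are the leak the slide refers to.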
SECURE KEY EXCHANGE
                         securely swapping symmetric keys




Diffie-Hellman

                 Key Agreement Protocol
                         Alice & Bob independently generate the shared
                         (session) key
                         Published 1976, but invented earlier
                         Vulnerable to MITM attack
                             Fixed by PKI
                             and signing the agreed key



DH Diagrammed
                              predetermined and openly shared
                                       g = random p = prime
                                       g = 11     p = 23

                         picks a = 6                          picks b = 4
           A             A = g^a mod p                   B    B = g^b mod p
                         9 = 11^6 mod 23                      13 = 11^4 mod 23

                    B = 13                                    A = 9

                         K = B^a mod p                        K = A^b mod p
                         6 = 13^6 mod 23                      6 = 9^4 mod 23
                                       Encryption can begin
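Added example, not part of the original deck: the exchange diagrammed above with the slide's g, p, a and b, followed by the PKI-and-signing fix from the Diffie-Hellman slide, where B signs its public value with a long-term RSA key that A already trusts. The class and method names are hypothetical, and signing only B's value is a simplification (protocols in use commonly sign the values from both sides).

```java
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

/** Added example: toy Diffie-Hellman with an authenticated public value. */
public class SignedDhDemo
{
    // Toy public parameters from the slide; real use needs a prime of 2048 bits or more
    static final BigInteger P = BigInteger.valueOf(23);
    static final BigInteger G = BigInteger.valueOf(11);

    /** Public value sent over the wire: g^secret mod p. */
    static BigInteger publicValue(BigInteger secret)
    {
        return G.modPow(secret, P);
    }

    /** Shared key computed locally: peerPublic^secret mod p. */
    static BigInteger sharedKey(BigInteger peerPublic, BigInteger secret)
    {
        return peerPublic.modPow(secret, P);
    }

    static byte[] sign(PrivateKey signingKey, BigInteger value) throws Exception
    {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(signingKey);
        signer.update(value.toByteArray());
        return signer.sign();
    }

    static boolean verify(PublicKey trustedKey, BigInteger value, byte[] signature)
        throws Exception
    {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(trustedKey);
        verifier.update(value.toByteArray());
        return verifier.verify(signature);
    }

    public static void main(String[] args) throws Exception
    {
        // The unauthenticated exchange from the diagram
        BigInteger a = BigInteger.valueOf(6);
        BigInteger b = BigInteger.valueOf(4);
        BigInteger bigA = publicValue(a);
        BigInteger bigB = publicValue(b);
        System.out.println("A sends " + bigA + ", B sends " + bigB);
        System.out.println("A computes K = " + sharedKey(bigB, a));
        System.out.println("B computes K = " + sharedKey(bigA, b));

        // Assumption: A already trusts B's long-term public key,
        // for example because it came in a certificate issued by a PKI
        KeyPairGenerator rsaGen = KeyPairGenerator.getInstance("RSA");
        rsaGen.initialize(2048);
        KeyPair bLongTerm = rsaGen.generateKeyPair();

        // B signs the value it sends; A checks the signature before using it
        byte[] signature = sign(bLongTerm.getPrivate(), bigB);
        System.out.println("Signature on B's value verifies: "
            + verify(bLongTerm.getPublic(), bigB, signature));

        // A value changed in transit no longer matches the signature,
        // so A rejects it instead of deriving a key from it
        BigInteger changedInTransit = publicValue(BigInteger.valueOf(3));
        System.out.println("Signature on a changed value verifies: "
            + verify(bLongTerm.getPublic(), changedInTransit, signature));
    }
}
```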
RANDOM NUMBERS
                         Seed the machine




SecureRandom

                         java.security.SecureRandom
                         Cryptographically strong random number
                         generator (RNG)
                         “Unable to distinguish from a true random
                         source”
                         Used in combination with many ciphers


            package com.ambientideas;

            import java.security.NoSuchAlgorithmException;
            import java.security.SecureRandom;

            /**
             * Use the SecureRandom java security class to generate
             * a more expensive, but cryptographically secure random number.
             */
            public class SecureRandomNumber
            {
                public static void main( String[] args ) throws
                                                     NoSuchAlgorithmException
                {
                    //Do the expensive one time setup of the
                    // random number generator instance
                    SecureRandom prng = SecureRandom.getInstance("SHA1PRNG");

                    //Get the next random number
                    String randomNum = Integer.toString( prng.nextInt() );

                    System.out.println("Random number: " + randomNum);
                }
            }




Result



               Random number: 1633471380




ASYMMETRIC
                              Throwing away keys
                         faster than an intern locksmith




RSA

                         Ron Rivest, Adi Shamir, Leonard Adleman
                         Published in 1978
                         M.I.T. Patented in 1983
                         Patent Expired in 2000




http://xkcd.com/538/

RSA

          A sends a Message/File to B

          1. A: Message/File encrypted with 2048 bit RSA key (B’s 2048 bit public key)
          2. B: B’s 2048 bit private key decrypts the Message/File

       import java.io.IOException;
       import java.nio.charset.StandardCharsets;
       import java.security.InvalidKeyException;
       import java.security.KeyPair;
       import java.security.KeyPairGenerator;
       import java.security.NoSuchAlgorithmException;
       import java.security.NoSuchProviderException;
       import java.security.PrivateKey;
       import java.security.PublicKey;
       import java.security.SecureRandom;
       import java.util.Base64;

       import javax.crypto.BadPaddingException;
       import javax.crypto.Cipher;
       import javax.crypto.IllegalBlockSizeException;
       import javax.crypto.NoSuchPaddingException;

       // The class declaration is not shown on the slides; this class name is a placeholder
       /**
        * Use the SecureRandom java security class to generate
        * a more expensive, but cryptographically secure random
        * number.
        */
       public class RsaExample
       {
           public static void main( String[] args ) throws
               NoSuchAlgorithmException, NoSuchProviderException,
               IOException, NoSuchPaddingException, InvalidKeyException,
               IllegalBlockSizeException, BadPaddingException
           {
               final String message1 = "Four score and seven years ago";

               // Generate the Key Pair
               final KeyPairGenerator keyGen =
                   KeyPairGenerator.getInstance("RSA");

               final SecureRandom random =
                   SecureRandom.getInstance("SHA1PRNG", "SUN");
               keyGen.initialize(1024, random);

               KeyPair pair = keyGen.generateKeyPair();

               final PrivateKey privKey = pair.getPrivate();
               final PublicKey pubKey = pair.getPublic();

               //Encrypt using the private key (anyone holding the public key
               // can decrypt this, so it does not keep the message confidential)
               Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
               rsa.init(Cipher.ENCRYPT_MODE, privKey);
               byte[] encryptedBytes = rsa.doFinal(message1.getBytes(StandardCharsets.UTF_8));
               //java.util.Base64 replaces sun.misc.BASE64Encoder, which was removed in JDK 9
               String base64Encrypted = Base64.getEncoder().encodeToString(encryptedBytes);
               System.out.println("Encrypted text: " + base64Encrypted);

               //Decrypt using the public key
               rsa.init(Cipher.DECRYPT_MODE, pubKey);
               byte[] decryptedBytes = rsa.doFinal(encryptedBytes);
               String decryptedText = new String(decryptedBytes, StandardCharsets.UTF_8);
               System.out.println("Decrypted text: " + decryptedText);
           }
       }




Input
               String message1 = "Four score and seven years ago";




       Result
               Encrypted text: A8Is+4r7sDn28fD6IQvZiR5JxPs/vh7UnXrF38acJt6R/
               ARisj/zLtC7Xn6iJgNQPhc16wkVZhCF
               em7oNoim+ooTUDDZQ+E3qP6y/
               DZJGkLBoZuZVLeLAW1LUtHSzduRUOg1uMynJz14wxzwfV8wfRwf
               atpySkOhGqWS63bPNRs=
               Decrypted text: Four score and seven years ago


BLENDED
                         symmetric with a twist of asymmetric




Key Size & Security

                  Symmetric Key Size        Security
                  160 bit DES               112 bits

                  Asymmetric Key Size       Security
                  1024 bit RSA              128 bits

Encryption Speed

                         asymmetric can be 1000x slower than symmetric




PGP

          A sends a Message/File to B

          1. A: Random generated 256 bit symmetric key
          2. A: Message/File encrypted with 256 bit symmetric key
          3. A: 256 bit symmetric key encrypted with 2048 bit RSA key (B’s 2048 bit public key)
          4. B: B’s 2048 bit private key recovers the 256 bit symmetric key
          5. B: 256 bit symmetric key decrypts the Message/File
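Added example, not from the original slides and not the OpenPGP message format: the blended scheme in the PGP diagram written against the JCE, with a random 256 bit AES key encrypting the message and B's 2048 bit RSA public key wrapping that AES key. AES/GCM, OAEP padding and all class and method names are choices made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/** Added example: symmetric payload encryption with an asymmetrically wrapped key. */
public class HybridEncryptionDemo
{
    static final String RSA_WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String AES_MODE = "AES/GCM/NoPadding";
    static final int GCM_TAG_BITS = 128;

    /** What A sends to B: the wrapped session key, the IV and the encrypted message. */
    static class Envelope
    {
        final byte[] wrappedKey;
        final byte[] iv;
        final byte[] encryptedMessage;

        Envelope(byte[] wrappedKey, byte[] iv, byte[] encryptedMessage)
        {
            this.wrappedKey = wrappedKey;
            this.iv = iv;
            this.encryptedMessage = encryptedMessage;
        }
    }

    /** A's side: fast symmetric encryption of the payload, slow RSA only for the key. */
    static Envelope seal(byte[] message, PublicKey recipientKey) throws Exception
    {
        // Random generated 256 bit symmetric key, used for this message only
        KeyGenerator aesGen = KeyGenerator.getInstance("AES");
        aesGen.init(256);
        SecretKey sessionKey = aesGen.generateKey();

        // Message encrypted with the symmetric key (fresh 12-byte IV per message)
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance(AES_MODE);
        aes.init(Cipher.ENCRYPT_MODE, sessionKey, new GCMParameterSpec(GCM_TAG_BITS, iv));
        byte[] encryptedMessage = aes.doFinal(message);

        // Symmetric key encrypted with B's public key
        Cipher rsa = Cipher.getInstance(RSA_WRAP);
        rsa.init(Cipher.WRAP_MODE, recipientKey);
        return new Envelope(rsa.wrap(sessionKey), iv, encryptedMessage);
    }

    /** B's side: the private key recovers the session key, which decrypts the payload. */
    static byte[] open(Envelope envelope, PrivateKey recipientKey) throws Exception
    {
        Cipher rsa = Cipher.getInstance(RSA_WRAP);
        rsa.init(Cipher.UNWRAP_MODE, recipientKey);
        SecretKey sessionKey =
            (SecretKey) rsa.unwrap(envelope.wrappedKey, "AES", Cipher.SECRET_KEY);

        // GCM also checks integrity: doFinal throws if the ciphertext was modified
        Cipher aes = Cipher.getInstance(AES_MODE);
        aes.init(Cipher.DECRYPT_MODE, sessionKey,
            new GCMParameterSpec(GCM_TAG_BITS, envelope.iv));
        return aes.doFinal(envelope.encryptedMessage);
    }

    public static void main(String[] args) throws Exception
    {
        // B's long-term 2048 bit RSA key pair
        KeyPairGenerator rsaGen = KeyPairGenerator.getInstance("RSA");
        rsaGen.initialize(2048);
        KeyPair bKeys = rsaGen.generateKeyPair();

        byte[] message = "Four score and seven years ago".getBytes(StandardCharsets.UTF_8);

        Envelope envelope = seal(message, bKeys.getPublic());
        System.out.println("Wrapped key bytes: " + envelope.wrappedKey.length);
        System.out.println("Encrypted message bytes: " + envelope.encryptedMessage.length);

        byte[] decrypted = open(envelope, bKeys.getPrivate());
        System.out.println("Decrypted text: " + new String(decrypted, StandardCharsets.UTF_8));
    }
}
```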



OTHER FRAMEWORKS
                         and alternative JCE providers




Bouncy Castle
                     JCE Provider
                     Many more encryption and digest
                     algorithms than the Sun provider (AES)




Jasypt
                         Frictionless Java encryption




Gnu
                         Open source library




In Summary
                         Encrypted does not guarantee security
                           ECB can be leaky
                         Hash vs. Encrypt
                           Know when to apply each
                         Know your algorithm
                           Key strength
                           Symmetric versus asymmetric
                         High Level Libraries
                           More productive than pure JCE

Thanks in advance for your completed evals!

ENCRYPTION BOOT CAMP
                         Security is the Mission


                                     Matthew McCullough
                             Email matthewm@ambientideas.com
                             Twitter @matthewmccull
                             Blog    http://ambientideas.com/blog




REFERENCES

                  Sun docs
                         http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html
                         http://java.sun.com/javase/technologies/security/
                         http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html
                         http://java.sun.com/javase/6/docs/api/java/security/Security.html

                  BouncyCastle JCE Provider
                         http://www.bouncycastle.org/documentation.html

                  Sample Code
                         http://github.com/matthewmccullough/encryption-jvm-bootcamp

                  Miscellaneous
                         http://www.ietf.org/rfc/rfc3852.txt
                         http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One


Acronyms

                  CMS
                   Cryptographic Message Syntax (CMS) objects
                   RFC 3852
                   PKCS#7 (formerly RFC 2630, 3369)
                   http://www.ietf.org/rfc/rfc3852.txt
                  ASN.1
                   Abstract Syntax Notation One
                   1984 X.409, 1988 X.208, 1995 X.680, 2002
                   http://www.asn1.org/

CREDITS

                  http://www.ambientideasphotography.com
                  http://stockfootageforfree.com/
                  http://xkcd.com/538/
                  http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
                  http://matdonline.free.fr/RSA-Diffie-Hellman-explained-in-5-minutes.htm
                  http://www.isg.rhul.ac.uk/node/329
                  http://www.isg.rhul.ac.uk/files/IMG_9819.JPG
                  http://www.usc.edu/dept/molecular-science/pictures/RSA-2003.jpg
                  All others, iStockPhoto.com




STUDY NOTES



Major Encryption Types

                         Pre-agreed Phrases (Concept)
                           Simplest form of symmetric encryption.
                           Have to meet in person to pass keys around
                         DHM Key Exchange (Concept, Algorithm)
                           Requires both parties to be online
                           This is a drawback
                         RSA (Algorithm)
                           Added asynchronous behavior with pub priv keys
                           Keys are permanent (not generated each time)
                         PGP (Concept, Algorithm)
                           Added speed to RSA by encrypting the payload


Data Integrity

                         Checksums needed
                         Harder to maintain with encryption?
                         Block versus stream cipher
                           Block: XOR all previous nodes
                           Stream: XOR some “forward” packets
                         Recovery once one packet is lost?


Replay Attacks
                         Consider vulnerability to replay
                         Problem: ECB (block) mode
                           Same packet encrypted next time looks
                           the same
                         Hardening: XOR to protect
                          Still vulnerable to entire stream replay
                           Entire stream hard to capture


4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 

Dernier (20)

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 

JVM Encryption Boot Camp 0.4.3

  • 1. ENCRYPTION BOOT CAMP: Security is the mission. © Matthew McCullough, Ambient Ideas, LLC. Sunday, April 25, 2010
  • 2. SECURITY ON THE JVM: What’s your position?
  • 3. HACK ATTEMPTS PER DAY: in the billions
  • 4. ENCRYPTING? Statistics say probably not
  • 7-8. ANCIENT HISTORY: Everything old is new again
  • 10. “I’m all over this new encryption stuff boss”
  • 12. 44 B.C. That’s 2,054 years ago...
  • 18-21. Caesar Cipher, a.k.a. ROT(2), Shift Cipher. Two alphabet rows: A B C D E F G over A B C D E F G
  • 23-25. Caesar Cipher: Z M S R (countdown timer: 30s 25s 20s 15s 10s 5s Stop)
  • 26-27. Caesar Cipher: Z M S R is A N T S if encrypted with ROT(-1), or B O U T if encrypted with ROT(-2)
  • 28-34. RotateWord.groovy:

      /**
       * A naively simple rotation cipher implementation.
       * USAGE: groovy RotateWord.groovy <yourword>
       */
      public class RotateWord {
          /**
           * Rotate one character by the specified amount
           */
          private static char rotateChar(char c, int rotationAmount) {
              //a == 97, z == 122
              int num = (int)c
              int rotated = num + rotationAmount
              int adjusted

              //Handle roll-around wrapping
              if (rotated > 122)
                  adjusted = rotated - 26
              else if (rotated < 97)
                  adjusted = rotated + 26
              else
                  adjusted = rotated

              char adjustedChar = (char)adjusted
              return adjustedChar
          }

          /**
           * Rotate the entire String by the specified rotation amount.
           */
          public static String rotateAllChars(String plainText, int rotationAmount) {
              String encodedMessage = ""

              //Loop through each character in the plaintext
              for (int i = 0; i < plainText.length(); i++) {
                  //TODO: Improve to handle upper and lower case letters
                  char c = plainText.toLowerCase().charAt(i)
                  encodedMessage += rotateChar(c, rotationAmount)
              }

              return encodedMessage
          }

          public static void main (String[] args) {
              String originalword = args[0]
              println "Rot(-3) Word: " + rotateAllChars(originalword, -3)
              println "Rot(-2) Word: " + rotateAllChars(originalword, -2)
              println "Rot(-1) Word: " + rotateAllChars(originalword, -1)
              println "Original Word: ${originalword}"
              println "Rot(1) Word: " + rotateAllChars(originalword, 1)
              println "Rot(2) Word: " + rotateAllChars(originalword, 2)
          }
      }
  • 35-36. BROKEN: Perfectly safe data is a myth
  • 38-41. Compromised: every algorithm is vulnerable; crack by brute force; crack by rainbow tables; function of time + money + hardware
  • 43-44. $2000 / $50: Which would you hit?
  • 45-46. JCE PRIMER: The world of Java crypto
  • 47. Java Cryptography Extension: known as JCE; included in all JREs; since Java 1.2; pluggable provider architecture; JCE extends Java Cryptography Architecture (JCA)
  • 48. JCE Providers: default Sun JRE providers are SUN, SunJCE, SunJSSE, SunRsaSign; BouncyCastle provider adds AES capabilities
  • 49. Registering a Provider (static): <java-home>/lib/security/java.security, security.provider.n=masterClassName
  • 50. Registering a Provider (dynamic): java.security.Security class, addProvider(), insertProviderAt(); not persistent across VM instances
  • 51. Encryption & the Law: country borders stop bits
  • 52. JCE Strength: Jurisdiction Policy Files; two variants; algorithm strength differences
  • 53-54. Unlimited
  • 58-59. JCE Strength: strong strength included in all JREs; unlimited strength is a separate download available based on US export rules
  • 63. Worldwide Policy:

      // File: default_local.policy
      // Some countries have import limits on crypto strength.
      // This policy file is worldwide importable.
      grant {
          permission javax.crypto.CryptoPermission "DES", 64;
          permission javax.crypto.CryptoPermission "DESede", *;
          permission javax.crypto.CryptoPermission "RC2", 128,
              "javax.crypto.spec.RC2ParameterSpec", 128;
          permission javax.crypto.CryptoPermission "RC4", 128;
          permission javax.crypto.CryptoPermission "RC5", 128,
              "javax.crypto.spec.RC5ParameterSpec", *, 12, *;
          permission javax.crypto.CryptoPermission "RSA", 2048;
          permission javax.crypto.CryptoPermission *, 128;
      };

  • 64. Max Key Sizes:

      Algorithm        Max Key Size
      DES              64
      DESede (3des)    168
      RC2              128
      RC4              128
      RC5              128
      RSA              2048
      Others           128
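
The provider order and the policy limits on slides 49-64 can be read back from a running JVM. The following is an added example, not code from the original slides; the class name `JcePolicyCheck` and its helper methods are hypothetical, and it uses only standard `java.security` and `javax.crypto` calls.

```java
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

/** Added example (hypothetical class name): inspect providers and policy limits. */
public class JcePolicyCheck {

    // Algorithms from the "Max Key Sizes" slide, plus AES, which falls under "Others".
    static final String[] ALGORITHMS = {"DES", "DESede", "RC2", "RC4", "RC5", "RSA", "AES"};

    /** Maximum key length, in bits, that the installed policy files allow. */
    static int maxBits(String algorithm) throws NoSuchAlgorithmException {
        return Cipher.getMaxAllowedKeyLength(algorithm);
    }

    /** True when a limited policy is in force, i.e. AES is capped below 256 bits. */
    static boolean isLimitedPolicy() throws NoSuchAlgorithmException {
        return maxBits("AES") < 256;
    }

    /** Try to initialise AES with a key of the given size; a policy cap surfaces here. */
    static boolean canInitAes(int keyBits) throws GeneralSecurityException {
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        // All-zero key, constructed only to exercise init(); it never encrypts anything.
        SecretKeySpec probeKey = new SecretKeySpec(new byte[keyBits / 8], "AES");
        try {
            aes.init(Cipher.ENCRYPT_MODE, probeKey);
            return true;
        } catch (InvalidKeyException e) {
            // Raised when the key is larger than the policy files permit.
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Providers are consulted in this order (the security.provider.n entries,
        // plus anything added at runtime through java.security.Security).
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println("security.provider." + (i + 1) + " = " + providers[i].getName());
        }

        for (String algorithm : ALGORITHMS) {
            int bits = maxBits(algorithm);
            // Integer.MAX_VALUE is what the API returns under the unlimited policy.
            String shown = (bits == Integer.MAX_VALUE) ? "unlimited" : bits + " bits";
            System.out.println(algorithm + ": " + shown);
        }

        System.out.println("Limited policy in force: " + isLimitedPolicy());
        System.out.println("AES-256 usable: " + canInitAes(256));
    }
}
```

Run it on every JVM that has to exchange data: a host still on the limited policy fails at `Cipher.init()` for the larger key, not at key generation.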
  • 65. Digests & Hashes: One way functions
  • 66. What is a Digest? Small set of bytes representing a large message; small change in message = large change in digest; integrity check for large data; password storage mechanism
  • 68-71. MessageDigest: java.security.MessageDigest; multiple algorithms available: MD5 (128 bit), SHA-1 (160 bit)
  • 74. MessageDigest, MD5: U. S. Department of Homeland Security said MD5 "considered cryptographically broken and unsuitable for further use"
  • 75-76. MessageDigestSHA.java:

      import java.nio.charset.StandardCharsets;
      import java.security.MessageDigest;
      import java.security.NoSuchAlgorithmException;
      import java.util.Base64;

      /**
       * Demonstrate that very similar messages
       * have radically different hashes.
       */
      public class MessageDigestSHA {
          public static void main( String[] args ) throws NoSuchAlgorithmException {
              //Set up the message to be encoded
              String message1 = "Four score and seven years ago";
              String message2 = "Four score and seven tears ago";

              System.out.println("Message1 SHA1 digest: " + shaAndBase64Encode(message1));
              System.out.println("Message2 SHA1 digest: " + shaAndBase64Encode(message2));
          }

          /**
           * Helper function to both SHA-1 hash and
           * base64 encode the resulting bytes to a String
           */
          public static String shaAndBase64Encode(String message)
                  throws NoSuchAlgorithmException {
              MessageDigest sha = MessageDigest.getInstance("SHA-1");

              //Salt could be applied here
              //Integer salt = <some random number generator>
              //sha.update(salt.getBytes());

              byte[] digest = sha.digest(message.getBytes(StandardCharsets.UTF_8));

              //java.util.Base64 replaces sun.misc.BASE64Encoder, which current JDKs no longer ship
              return Base64.getEncoder().encodeToString(digest);
          }
      }

  • 77. Input: String message1 = "Four score and seven years ago"; String message2 = "Four score and seven tears ago"; Result: Message1 SHA1 digest: DmCJIg4Bq/xpGIxVXxo3IB0vo38= Message2 SHA1 digest: oaLHt8tr31ttngCDjyYuWowF5Mc=
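
Slide 66 lists password storage as a digest use and the code on slides 75-76 leaves the salt as a commented-out placeholder. The following added example, which is not from the original slides, shows why the salt matters against the rainbow tables of slide 40: an unsalted SHA-1 gives two accounts with the same password the same stored value, while a per-account random salt with PBKDF2 does not. The class name, the sample password and the iteration count are assumptions, and `PBKDF2WithHmacSHA256` assumes Java 8 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Added example (hypothetical class name): unsalted digest vs. salted, stretched hash. */
public class SaltedDigestDemo {

    static final int ITERATIONS = 100_000; // assumed work factor, tune for your hardware
    static final int HASH_BITS = 256;

    /** The slides' approach without a salt: same input always gives the same output. */
    static String unsaltedSha1(String password) throws GeneralSecurityException {
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        byte[] digest = sha.digest(password.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(digest);
    }

    /** A fresh 16-byte random salt, stored next to the hash for each account. */
    static byte[] newSalt() {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        return salt;
    }

    /** Salted and iterated hash of the password using PBKDF2. */
    static byte[] pbkdf2(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, HASH_BITS);
        try {
            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
            return factory.generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the spec's internal copy of the password
        }
    }

    /** Recompute with the stored salt and compare without an early exit. */
    static boolean verify(char[] candidate, byte[] salt, byte[] stored)
            throws GeneralSecurityException {
        return MessageDigest.isEqual(pbkdf2(candidate, salt), stored);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample: two accounts that happen to share one password.
        String password = "correct horse";

        // Unsalted: both rows in the credential table would be identical.
        System.out.println("alice unsalted: " + unsaltedSha1(password));
        System.out.println("bob   unsalted: " + unsaltedSha1(password));

        // Salted: each account gets its own salt, so the stored hashes differ.
        byte[] aliceSalt = newSalt();
        byte[] bobSalt = newSalt();
        byte[] aliceHash = pbkdf2(password.toCharArray(), aliceSalt);
        byte[] bobHash = pbkdf2(password.toCharArray(), bobSalt);

        System.out.println("salted hashes differ: " + !Arrays.equals(aliceHash, bobHash));
        System.out.println("right password verifies: "
                + verify(password.toCharArray(), aliceSalt, aliceHash));
        System.out.println("wrong password verifies: "
                + verify("wrong".toCharArray(), aliceSalt, aliceHash));
    }
}
```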
  • 78-79. SYMMETRIC: My key is your key
  • 82-84. Sensitive Data: Plain Sight; Recipient or Storage; Contents Obscured
  • 86-87. Why Symmetric? Fast; well suited for bulk data
  • 89-90. Using Symmetric: secure network for passing keys, or never decrypted at remote end
  • 92-96. Symmetric Problems: keys vulnerable to capture; eavesdropping on future communications after key compromise; key distribution challenges; triangular number key growth
  • 97-103. Symmetric (diagram): A, Message/File, B; A’s 256 bit symmetric key; Encrypted with 256 bit symmetric key
  • 104. SYMMETRIC: Block versus Stream Algorithms
  • 105-106. Stream vs. Block: specific algorithms for each
  • 109-112. Block: predefined content length; well-known end to the content; files on disk; inefficient when padding
  • 113. DES: Data Encryption Standard; block cipher; banking industry; DES is known to be broken
  • 114. 3DES: Data Encryption Standard; block cipher; a.k.a. DESede; basically three passes of DES; reasonably strong
  • 115. Blowfish: block cipher; unpatented (intentionally); secure replacement for DES; faster than DES; 32 to 448 bit keys; overshadowed by AES
  • 116. AES: Advanced Encryption Standard; block cipher; government standard; Rijndael algorithm (Joan Daemen, Vincent Rijmen); 4 years of evaluation; final in December 2000; very secure
  • 119-122. Stream: unknown content length; streaming video; streaming voice; similar to One-Time Pads
  • 124-133. RC4: Rivest’s Code 4; stream cipher; trademarked (name, but not algorithm); used by browsers in SSL, TLS; WiFi in WEP, WPA; BitTorrent; ssh; Microsoft RDP; PDF
  • 135-138. A5/1: secret, unpublished; reverse engineered; used by GSM phones
  • 139-142. SymmetricEncrypt.java:

      import java.security.InvalidKeyException;
      import java.security.NoSuchAlgorithmException;
      import java.security.NoSuchProviderException;
      import java.util.Base64;
      import javax.crypto.BadPaddingException;
      import javax.crypto.Cipher;
      import javax.crypto.IllegalBlockSizeException;
      import javax.crypto.KeyGenerator;
      import javax.crypto.NoSuchPaddingException;
      import javax.crypto.SecretKey;

      /**
       * Generate a 3DES (DESede) key, encrypt a message with it,
       * then decrypt the result with the same key.
       */
      public class SymmetricEncrypt {
          public static void main( String[] args )
                  throws NoSuchAlgorithmException, NoSuchProviderException,
                         NoSuchPaddingException, InvalidKeyException,
                         IllegalBlockSizeException, BadPaddingException {
              final String message1 = "Four score and seven years ago";

              //Build a new encryption key
              final KeyGenerator keyGen = KeyGenerator.getInstance("DESede");
              keyGen.init(168);
              final SecretKey desKey = keyGen.generateKey();

              //Set up the cipher
              //ECB mode: equal plaintext blocks give equal ciphertext blocks (see slides 144-146)
              final Cipher desCipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");

              //////////////////////////////////////
              //Put the cipher in encryption mode
              desCipher.init(Cipher.ENCRYPT_MODE, desKey);

              //Encrypt and output the base64 data
              byte[] clearText = message1.getBytes();
              byte[] encryptedBytes = desCipher.doFinal(clearText);
              //java.util.Base64 replaces sun.misc.BASE64Encoder, which current JDKs no longer ship
              String base64Encrypted = Base64.getEncoder().encodeToString(encryptedBytes);
              System.out.println("Encrypted text: " + base64Encrypted);

              //////////////////////////////////////
              //Put the cipher in decryption mode
              desCipher.init(Cipher.DECRYPT_MODE, desKey);

              //Decrypt and output the original string
              byte[] decryptedBytes = desCipher.doFinal(encryptedBytes);
              String decryptedText = new String(decryptedBytes);
              System.out.println("Decrypted text: " + decryptedText);
          }
      }

  • 143. Input: String message1 = "Four score and seven years ago"; Result: Encrypted text: P0FT6N3XXrohtsz7OLh3FGYY0wErkPIur1DP6Csbj4g= Decrypted text: Four score and seven years ago
  • 144-145. ENCRYPTED = SAFE, RIGHT? Information leakage from encrypted data
  • 146. Encrypted isn’t enough? http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
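
The leakage these slides point at can be measured on the `DESede/ECB/PKCS5Padding` transformation used in the SymmetricEncrypt code. The following added example, not from the original slides, encrypts a plaintext made of repeated records and counts repeated ciphertext blocks under ECB, then does the same with AES-GCM and a fresh random IV. The class name, helper names and the sample record are assumptions, and the 8-byte comparison window is chosen to match the DESede block size.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashSet;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/** Added example (hypothetical class name): what ECB ciphertext reveals. */
public class EcbLeakDemo {

    /** Count blocks that are byte-for-byte repeats of an earlier block. */
    static int repeatedBlocks(byte[] data, int blockSize) {
        Set<String> seen = new HashSet<>();
        int repeats = 0;
        for (int off = 0; off + blockSize <= data.length; off += blockSize) {
            byte[] block = Arrays.copyOfRange(data, off, off + blockSize);
            if (!seen.add(Base64.getEncoder().encodeToString(block))) {
                repeats++;
            }
        }
        return repeats;
    }

    /** The transformation from the slides: every block is encrypted independently. */
    static byte[] encryptEcb(SecretKey key, byte[] plain) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(plain);
    }

    /** AES-GCM with a fresh 12-byte IV per message; returns IV || ciphertext || tag. */
    static byte[] encryptGcm(SecretKey key, byte[] plain) throws GeneralSecurityException {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] body = cipher.doFinal(plain);
        byte[] out = new byte[iv.length + body.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(body, 0, out, iv.length, body.length);
        return out;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample input: one 8-byte record repeated six times.
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 6; i++) {
            sb.append("PAY=0100");
        }
        byte[] plain = sb.toString().getBytes(StandardCharsets.US_ASCII);

        KeyGenerator desGen = KeyGenerator.getInstance("DESede");
        desGen.init(168);
        SecretKey desKey = desGen.generateKey();

        KeyGenerator aesGen = KeyGenerator.getInstance("AES");
        aesGen.init(128);
        SecretKey aesKey = aesGen.generateKey();

        byte[] ecb1 = encryptEcb(desKey, plain);
        byte[] ecb2 = encryptEcb(desKey, plain);
        byte[] gcm1 = encryptGcm(aesKey, plain);
        byte[] gcm2 = encryptGcm(aesKey, plain);

        // ECB: repeated records show up as repeated ciphertext blocks, and
        // encrypting the same message twice yields the same bytes.
        System.out.println("ECB repeated blocks:      " + repeatedBlocks(ecb1, 8));
        System.out.println("ECB identical on re-send: " + Arrays.equals(ecb1, ecb2));

        // GCM with a random IV: no structure survives and re-sends differ.
        System.out.println("GCM repeated blocks:      " + repeatedBlocks(gcm1, 8));
        System.out.println("GCM identical on re-send: " + Arrays.equals(gcm1, gcm2));
    }
}
```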
  • 147-148. SECURE KEY EXCHANGE: securely swapping symmetric keys
  • 152-157. Diffie-Hellman: Key Agreement Protocol; Alice & Bob independently generate the shared (session) key; published 1976, but invented earlier; vulnerable to MITM attack; fixed by PKI and signing the agreed key
  • 158-168. DH Diagrammed:

      Predetermined and openly shared: g = random (g = 11), p = prime (p = 23)

      A                        B
      picks a = 6              picks b = 4
      A = g^a mod p            B = g^b mod p
      9 = 11^6 mod 23          13 = 11^4 mod 23
      B = 13                   A = 9
      K = B^a mod p            K = A^b mod p
      6 = 13^6 mod 23          6 = 9^4 mod 23

      Encryption can begin
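
The exchange diagrammed above, first with the slide's own numbers and then with the JCE `KeyAgreement` API and both sides' wire messages. This is an added example and not code from the original slides; the class and method names are hypothetical, the 2048-bit group size is an assumption, and hashing the shared secret with SHA-256 to get a 128-bit key is a simplification of a real key derivation step.

```java
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

/** Added example (hypothetical class name): Diffie-Hellman, toy and real. */
public class DhAgreementDemo {

    /** The slide's arithmetic: returns {A, B, K as Alice computes it, K as Bob computes it}. */
    static BigInteger[] toyExchange(BigInteger g, BigInteger p, BigInteger a, BigInteger b) {
        BigInteger bigA = g.modPow(a, p);   // A = g^a mod p, sent to Bob
        BigInteger bigB = g.modPow(b, p);   // B = g^b mod p, sent to Alice
        return new BigInteger[] {bigA, bigB, bigB.modPow(a, p), bigA.modPow(b, p)};
    }

    /** Decode the peer's public value as received on the wire. */
    static PublicKey decode(byte[] encoded) throws GeneralSecurityException {
        return KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(encoded));
    }

    /** Combine my private value with the peer's public value into a 128-bit session key. */
    static byte[] sessionKey(PrivateKey mine, byte[] peerEncoded) throws GeneralSecurityException {
        KeyAgreement agreement = KeyAgreement.getInstance("DH");
        agreement.init(mine);
        agreement.doPhase(decode(peerEncoded), true);
        byte[] shared = agreement.generateSecret();
        // Simplified derivation: hash the raw secret and keep the first 16 bytes.
        return Arrays.copyOf(MessageDigest.getInstance("SHA-256").digest(shared), 16);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Numbers from the slides: g = 11, p = 23, a = 6, b = 4.
        BigInteger[] toy = toyExchange(BigInteger.valueOf(11), BigInteger.valueOf(23),
                BigInteger.valueOf(6), BigInteger.valueOf(4));
        System.out.println("A=" + toy[0] + " B=" + toy[1]
                + " K(Alice)=" + toy[2] + " K(Bob)=" + toy[3]);

        // Alice generates g, p and her key pair, then sends her public value.
        KeyPairGenerator aliceGen = KeyPairGenerator.getInstance("DH");
        aliceGen.initialize(2048);
        KeyPair alice = aliceGen.generateKeyPair();
        byte[] aliceToBob = alice.getPublic().getEncoded();   // message 1: contains g, p, A

        // Bob reuses the g and p carried in Alice's message and replies with B.
        DHParameterSpec params = ((DHPublicKey) decode(aliceToBob)).getParams();
        KeyPairGenerator bobGen = KeyPairGenerator.getInstance("DH");
        bobGen.initialize(params);
        KeyPair bob = bobGen.generateKeyPair();
        byte[] bobToAlice = bob.getPublic().getEncoded();     // message 2: contains B

        // Each side derives the key from its own private value and the peer's message.
        byte[] aliceKey = sessionKey(alice.getPrivate(), bobToAlice);
        byte[] bobKey = sessionKey(bob.getPrivate(), aliceToBob);
        System.out.println("Session keys match: " + Arrays.equals(aliceKey, bobKey));

        // Neither message is authenticated here. As slides 155-157 state, the public
        // values must be signed or certified before the derived key is trusted.
    }
}
```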
  • 169-170. RANDOM NUMBERS: Seed the machine
  • 171. SecureRandom: java.security.SecureRandom; cryptographically strong random number generator (RNG); “Unable to distinguish from a true random source”; used in combination with many ciphers
  • 172-174. SecureRandomNumber.java:

      package com.ambientideas;

      import java.security.NoSuchAlgorithmException;
      import java.security.SecureRandom;

      /**
       * Use the SecureRandom java security class to generate
       * a more expensive, but cryptographically secure random number.
       */
      public class SecureRandomNumber {
          public static void main( String[] args ) throws NoSuchAlgorithmException {
              //Do the expensive one time setup of the
              // random number generator instance
              SecureRandom prng = SecureRandom.getInstance("SHA1PRNG");

              //Get the next random number
              String randomNum = Integer.toString( prng.nextInt() );

              System.out.println("Random number: " + randomNum);
          }
      }

  • 175. Result: Random number: 1633471380
  • 176. ASYMMETRIC Throwing away keys faster than an intern locksmith Sunday, April 25, 2010
  • 177. ASYMMETRIC Throwing away keys faster than an intern locksmith Sunday, April 25, 2010
  • 180. RSA Ron Rivest, Adi Shamir, Leonard Adleman Published in 1978 M.I.T. Patented in 1983 Patent Expired in 2000 Sunday, April 25, 2010
  • 183-189. RSA (diagram, built up over several slides): A sends a Message/File to B. The Message/File is encrypted using B’s 2048 bit public key (“Encrypted with 2048 bit RSA key”), and B recovers it using B’s 2048 bit private key.
  • 190-193. Code (shown scrolling across four slides; the class declaration is not visible on the slides):

      import java.io.IOException;
      import java.security.InvalidKeyException;
      import java.security.KeyPair;
      import java.security.KeyPairGenerator;
      import java.security.NoSuchAlgorithmException;
      import java.security.NoSuchProviderException;
      import java.security.PrivateKey;
      import java.security.PublicKey;
      import java.security.SecureRandom;
      import java.util.Base64;
      import javax.crypto.BadPaddingException;
      import javax.crypto.Cipher;
      import javax.crypto.IllegalBlockSizeException;
      import javax.crypto.NoSuchPaddingException;

      /**
       * Generate an RSA key pair, then encrypt a short message with one key
       * of the pair and decrypt it with the other.
       */
      public class RsaExample // placeholder: the class name is not shown on the slides
      {
        public static void main( String[] args )
          throws NoSuchAlgorithmException, NoSuchProviderException, IOException,
                 NoSuchPaddingException, InvalidKeyException,
                 IllegalBlockSizeException, BadPaddingException
        {
          final String message1 = "Four score and seven years ago";

          // Generate the Key Pair
          // (1024 bits as on the slide; current guidance calls for at least 2048)
          final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
          final SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
          keyGen.initialize(1024, random);
          KeyPair pair = keyGen.generateKeyPair();
          final PrivateKey privKey = pair.getPrivate();
          final PublicKey pubKey = pair.getPublic();

          //Encrypt using the private key
          // (anyone holding the public key can reverse this, so it gives no
          //  confidentiality; to keep a message secret, encrypt with the
          //  recipient's public key as in the A/B diagram slides)
          Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
          rsa.init(Cipher.ENCRYPT_MODE, privKey);
          byte[] encryptedBytes = rsa.doFinal(message1.getBytes());

          // java.util.Base64 replaces sun.misc.BASE64Encoder, which newer JDKs no longer ship
          String base64Encrypted = Base64.getEncoder().encodeToString(encryptedBytes);
          System.out.println("Encrypted text: " + base64Encrypted);

          //Decrypt using the public key
          rsa.init(Cipher.DECRYPT_MODE, pubKey);
          byte[] decryptedBytes = rsa.doFinal(encryptedBytes);
          String decryptedText = new String(decryptedBytes);
          System.out.println("Decrypted text: " + decryptedText);
        }
      }
  • 194. Input: String message1 = "Four score and seven years ago"; Result: Encrypted text: A8Is+4r7sDn28fD6IQvZiR5JxPs/vh7UnXrF38acJt6R/ ARisj/zLtC7Xn6iJgNQPhc16wkVZhCF em7oNoim+ooTUDDZQ+E3qP6y/ DZJGkLBoZuZVLeLAW1LUtHSzduRUOg1uMynJz14wxzwfV8wfRwf atpySkOhGqWS63bPNRs= Decrypted text: Four score and seven years ago
  • 195. BLENDED symmetric with a twist of asymmetric
  • 197-201. Key Size & Security (built up over several slides): 1024 bit RSA Asymmetric Key Size; 160 bit DES Symmetric Key Size; 112 bits Security; 128 bits Security
  • 202. Encryption Speed asymmetric can be 1000x slower than symmetric
  • 203-213. PGP (diagram, built up over several slides): A sends a Message/File to B. A creates a random generated 256 bit symmetric key and the Message/File is encrypted with that 256 bit symmetric key. The symmetric key is in turn encrypted using B’s 2048 bit public key (“Encrypted with 2048 bit RSA key”). B uses B’s 2048 bit private key to recover the symmetric key, then uses the symmetric key to recover the Message/File.
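The blended scheme in the PGP diagram above, as an added example that is not from the slides or the talk's sample code: A encrypts the message with a random 256 bit symmetric key and encrypts only that key with B's 2048 bit public key. AES-GCM and RSA-OAEP are assumptions (the slides name no mode or padding), the class name is hypothetical, and this is not the OpenPGP message format.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** Added example: PGP-style blend of symmetric and asymmetric encryption. */
public class HybridEncryptionExample {
    // Assumption: OAEP padding for the RSA step; the slides do not name one.
    static final String RSA_WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    public static void main(String[] args) throws Exception {
        byte[] message = "Four score and seven years ago".getBytes(StandardCharsets.UTF_8);

        // B's long-lived 2048 bit RSA key pair; only the public half is given to A.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair bKeys = kpg.generateKeyPair();

        // --- A: random 256 bit symmetric key, used for this one message ---
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey sessionKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, sessionKey, new GCMParameterSpec(128, iv));
        byte[] encryptedMessage = aes.doFinal(message);

        // A encrypts the small session key with B's public key (the slow RSA step).
        Cipher rsa = Cipher.getInstance(RSA_WRAP);
        rsa.init(Cipher.ENCRYPT_MODE, bKeys.getPublic());
        byte[] encryptedKey = rsa.doFinal(sessionKey.getEncoded());

        // --- B: receives encryptedKey, iv and encryptedMessage ---
        rsa.init(Cipher.DECRYPT_MODE, bKeys.getPrivate());
        SecretKey recovered = new SecretKeySpec(rsa.doFinal(encryptedKey), "AES");
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        byte[] decrypted = aes.doFinal(encryptedMessage);

        System.out.println("RSA-encrypted key bytes: " + encryptedKey.length);
        System.out.println("Round trip ok: " + Arrays.equals(message, decrypted));
    }
}
```

RSA touches only the 32-byte session key, so the cost of the asymmetric step does not grow with the size of the message or file.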
  • 214. OTHER FRAMEWORKS and alternative JCE providers
  • 216. Bouncy Castle JCE Provider Many more encryption and digest algorithms than the Sun provider (AES)
  • 217. Jasypt Frictionless Java encryption
  • 218. Gnu Open source library
  • 219. In Summary: Encrypted does not guarantee security (ECB can be leaky). Hash vs. Encrypt (Know when to apply each). Know your algorithm (Key strength; Symmetric versus asymmetric). High Level Libraries (More productive than pure JCE).
  • 220. Thanks in advance for your completed evals!
  • 221. ENCRYPTION BOOTCAMP Security is the Mission. Matthew McCullough. Email matthewm@ambientideas.com Twitter @matthewmccull Blog http://ambientideas.com/blog
  • 223. References: Sun docs http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html http://java.sun.com/javase/technologies/security/ http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html http://java.sun.com/javase/6/docs/api/java/security/Security.html BouncyCastle JCE Provider http://www.bouncycastle.org/documentation.html
  • 224. References: Sample Code http://github.com/matthewmccullough/encryption-jvm-bootcamp Miscellaneous http://www.ietf.org/rfc/rfc3852.txt http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One
  • 225. Acronyms: CMS: Cryptographic Message Syntax (CMS) objects; RFC 3852; PKCS#7 (formerly RFC 2630, 3369); http://www.ietf.org/rfc/rfc3852.txt ASN.1: Abstract Syntax Notation One; 1984 X.409, 1988 X.208, 1995 X.680, 2002; http://www.asn1.org/
  • 227. http://www.ambientideasphotography.com http://stockfootageforfree.com/ http://xkcd.com/538/ http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation http://matdonline.free.fr/RSA-Diffie-Hellman-explained-in-5-minutes.htm http://www.isg.rhul.ac.uk/node/329 http://www.isg.rhul.ac.uk/files/IMG_9819.JPG http://www.usc.edu/dept/molecular-science/pictures/RSA-2003.jpg All others, iStockPhoto.com
  • 229. Major Encryption Types: Pre-agreed Phrases (Concept): Simplest form of symmetric encryption. Have to meet in person to pass keys around. DHM Key Exchange (Concept, Algorithm): Requires both parties to be online. This is a drawback. RSA (Algorithm): Added asynchronous behavior with pub priv keys. Keys are permanent (not generated each time). PGP (Concept, Algorithm): Added speed to RSA by encrypting the payload.
  • 230. Data Integrity: Checksums needed. Harder to maintain with encryption? Block versus stream cipher. Block: XOR all previous nodes. Stream: XOR some “forward” packets. Recovery once one packet is lost?
  • 231. Replay Attacks: Consider vulnerability to replay. Problem: ECB (block) mode. Same packet encrypted next time looks the same. Hardening: XOR to protect. Still vulnerable to entire stream replay. Entire stream hard to capture.
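The ECB problem and the replay concern from the last slide, as an added example that is not from the slides: the same packet encrypted twice under ECB is byte-identical, while a receiver that authenticates a sequence number refuses a packet it has already seen. AES-GCM with the counter as associated data is a swapped-in hardening (the slide only says "XOR to protect"); the class, method names and sample packet are hypothetical.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
/** Added example: identical packets under ECB, and a receiver that rejects replays. */
public class ReplayExample {
    static long lastSeq = -1; // receiver state: highest sequence number accepted so far

    // Sender: fresh random IV per packet; the sequence number is authenticated as AAD.
    static byte[][] seal(SecretKey k, long seq, byte[] packet) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, iv));
        c.updateAAD(ByteBuffer.allocate(8).putLong(seq).array());
        return new byte[][] { iv, c.doFinal(packet) };
    }

    // Receiver: refuse any sequence number that is not newer than the last accepted one.
    static boolean accept(SecretKey k, long seq, byte[][] sealed) throws Exception {
        if (seq <= lastSeq) return false; // replayed or reordered packet
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, sealed[0]));
        c.updateAAD(ByteBuffer.allocate(8).putLong(seq).array());
        try { c.doFinal(sealed[1]); } catch (AEADBadTagException e) { return false; }
        lastSeq = seq;
        return true;
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] packet = "PAY 100 TO BOB".getBytes(StandardCharsets.UTF_8); // constructed sample
        Cipher ecb = Cipher.getInstance("AES/ECB/PKCS5Padding");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        boolean ecbSame = Arrays.equals(ecb.doFinal(packet), ecb.doFinal(packet));
        System.out.println("ECB, same packet twice, identical: " + ecbSame);
        byte[][] first = seal(key, 0, packet);
        byte[][] second = seal(key, 1, packet);
        System.out.println("GCM, same packet twice, identical: " + Arrays.equals(first[1], second[1]));
        System.out.println("first accepted: " + accept(key, 0, first));
        System.out.println("first replayed: " + accept(key, 0, first));
    }
}
```

Replaying an entire captured stream into a new session is outside what this per-session counter covers; that case needs a fresh key for each session.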