SlideShare uma empresa Scribd logo

Encryption: It's For More Than Just Password - tek13

John Congdon
John Congdon

This presentation was given at php|tek13. It covers today's best practices for password hashing, and encryption techniques.

TecnologiaEducação
1 de 93
Baixar para ler offline
ENCRYPTION It’s For MoreThan Just Passwords 1Thursday, May 16, 13
JOHN CONGDON 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com •FaxBurner.com 2Thursday, May 16, 13
JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com •FaxBurner.com •I Am Not A Cryptographer 2Thursday, May 16, 13
Hashing Encryption Today’s Discussion Points 3Thursday, May 16, 13
Plain Text $username = $_POST[‘username’]; $password = $_POST[‘password’]; $user = getUserByUserName($username); if ($user->password == $password) { $valid = true; } else { $valid = false; } 4Thursday, May 16, 13
Plain Text: Vulnerabilities SQL-Injection gives you every users password 5Thursday, May 16, 13
Cryptographic Hashing 6Thursday, May 16, 13
Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. 6Thursday, May 16, 13
Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. H A S H “message” “digest” 6Thursday, May 16, 13
Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 6Thursday, May 16, 13
Cryptographic Hashing: One Way 7Thursday, May 16, 13
Cryptographic Hashing: One Way H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 7Thursday, May 16, 13
Cryptographic Hashing: One Way H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 7Thursday, May 16, 13
Cryptographic Hashing: Algorithms <?php print_r(hash_algos()); ?> Array ( [0] => md2 [1] => md4 [2] => md5 [3] => sha1 [4] => sha224 [5] => sha256 [6] => sha384 [7] => sha512 [8] => ripemd128 [9] => ripemd160 [10] => ripemd256 [11] => ripemd320 [12] => whirlpool [13] => tiger128,3 [14] => tiger160,3 [15] => tiger192,3 [16] => tiger128,4 [17] => tiger160,4 [18] => tiger192,4 [19] => snefru [20] => snefru256 [21] => gost [22] => adler32 [23] => crc32 [24] => crc32b [25] => salsa10 [26] => salsa20 [27] => haval128,3 [28] => haval160,3 [29] => haval192,3 [30] => haval224,3 [31] => haval256,3 [32] => haval128,4 [33] => haval160,4 [34] => haval192,4 [35] => haval224,4 [36] => haval256,4 [37] => haval128,5 [38] => haval160,5 [39] => haval192,5 [40] => haval224,5 [41] => haval256,5 ) 8Thursday, May 16, 13
Cryptographic Hashing: Vulnerabilities SQL-Injection gives you every users hashed password 9Thursday, May 16, 13
Cryptographic Hashing: Vulnerabilities 10Thursday, May 16, 13
Rainbow Table Example: Searched for a Hash 11Thursday, May 16, 13
Rainbow Table Example: Searched for a Hash 11Thursday, May 16, 13
Cryptographic Hashing: Vulnerabilities 12Thursday, May 16, 13
Salting Cryptographic Hashes 13Thursday, May 16, 13
Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. 13Thursday, May 16, 13
Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. $hash = md5(‘RAND_SALT’ . $_POST[‘password’]); 13Thursday, May 16, 13
Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. $hash = md5(‘RAND_SALT’ . $_POST[‘password’]); RAND_SALT must come from a cryptographically secure source. Not From (rand, mt_rand, or uniqid) Use (/dev/urandom, mcrypt, openssl) 13Thursday, May 16, 13
Today’s Best Practice: BCrypt 14Thursday, May 16, 13
Today’s Best Practice: BCrypt •Slower by design 14Thursday, May 16, 13
Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) 14Thursday, May 16, 13
Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) •Should be configured to take 0.25 to 0.50 a second 14Thursday, May 16, 13
Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) •Should be configured to take 0.25 to 0.50 a second •Start with a cost of 10, use higher if possible 14Thursday, May 16, 13
PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php 15Thursday, May 16, 13
PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php 16Thursday, May 16, 13
PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php array password_get_info(string $hash) Returns 3 elements algorithm: Constant value algoName: bcrypt options: the options provided to password_hash Array ( [algo] => 1 [algoName] => bcrypt [options] => Array ( [cost] => 11 ) ) 17Thursday, May 16, 13
PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php boolean password_needs_rehash ( string $hash , string $algo [, string $options ] ) Assuming password_verify was successful above: if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) { $user->password = password_hash($password....); $user->update(); } 18Thursday, May 16, 13
I Lied: PHP >= 5.3.7 Password Hashing API https://github.com/ircmaxell/password_compat A forward compatible password API implementation that will work until you are ready to upgrade to 5.5. This will work for all versions of PHP that has the $2y fix. Upgrading to 5.5 will not break your current code if you use this library. 19Thursday, May 16, 13
Example: Creating a user <?php require 'password.php'; $hash = password_hash($_POST[‘password’], PASSWORD_DEFAULT); if ($hash === false) { //handle this error case somehow... } $user = Model_User::createNewUser($_POST[‘username’]); $user->setPassword($hash); $user->update(); 20Thursday, May 16, 13
Example: Logging a user in <?php require 'password.php'; $user = Model_User::getUserByUserName($_POST[‘username’]); if (password_verify($_POST[‘password’], $user->password)) { return true; } else { die(“Invalid credentials”); } 21Thursday, May 16, 13
Example: Logging a user in and checking for rehash ... $user = Model_User::getUserByUserName($_POST[‘username’]); if (password_verify($_POST[‘password’], $user->password)) { if (password_needs_rehash($user->password, $algo, $options)) { $hash = password_hash($_POST[‘password’], PASSWORD_DEFAULT, $options); $user->setPassword($hash); $user->update(); } ... 22Thursday, May 16, 13
http://blog.ircmaxell.com/2013/01/password-storage-talk-at-php-benelux-13.html Want More? Get Statistics Here One of my favorite data points from Anthony’s slides 23Thursday, May 16, 13
Questions on Password Hashing? 24Thursday, May 16, 13
More Than Just Passwords 25Thursday, May 16, 13
More Than Just Passwords We may store more sensitive data than just passwords. 25Thursday, May 16, 13
More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. 25Thursday, May 16, 13
More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. Decryption makes original value usable by us. 25Thursday, May 16, 13
More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. Decryption makes original value usable by us. •Credit Card Info •Social Security Numbers •Date of Birth •Personally Identifiable Information 25Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! 26Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. 26Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. 26Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? 26Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? Are there alternative solutions? 26Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? Are there alternative solutions? Example: Credit card companies usually offer a token solution. 26Thursday, May 16, 13
Symmetric vs Asymmetric 27Thursday, May 16, 13
Symmetric vs Asymmetric Symmetric Only one shared key Same key encrypts and decrypts Easiest to understand 27Thursday, May 16, 13
Symmetric vs Asymmetric Symmetric Only one shared key Same key encrypts and decrypts Easiest to understand Asymmetric Two keys (Public & Private) Encryption/Decryption Public key encrypts Private key decrypts Signing/Verifying Private key signs Public key verifies 27Thursday, May 16, 13
Common Asymmetric Uses SSH Keys HTTPS / SSL PGP: Pretty Good Privacy Email Files Really any message 28Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors • Similar to SALT in hashing (It’s not a secret) 29Thursday, May 16, 13
Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors • Similar to SALT in hashing (It’s not a secret) • Must be random per encrypted text 29Thursday, May 16, 13
Example: Encrypt using crypt $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $message = ‘My Credit Card Number is 4123123412341234’; $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM); $cipher = mcrypt_encrypt( MCRYPT_BLOWFISH, $crypt_key, $message, MCRYPT_MODE_CBC, $iv ); 30Thursday, May 16, 13
HMAC: Hash-based Message Authentication Code Using a separate key, this will give us a signature letting us know that the data has not been tampered with. When Encrypting: Always encrypt first, and then get signature of the CipherText. Store it with your InitializationVector and CipherText. When Decrypting: Always verify signature first, and then decrypt if matched. 31Thursday, May 16, 13
Example: Using HMAC $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $hmac = hash_hmac(‘sha512’, $cipher_text, $hmac_key); //Store it with your encrypted data $encrypted = base64_encode($iv . $cipher . $hmac); 32Thursday, May 16, 13
Example: Decrypt using HMAC and crypt $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC); $encrypted = base64_decode($encrypted); $iv = substr($encrypted, 0, $iv_size); $hmac = substr($encrypted, -64); $cipher = substr($encrypted, $iv_size, -64); if ($hmac != hash_hmac(‘sha512’, $cipher, $hmac_key)) { return false; } $message = mcrypt_decrypt( MCRYPT_BLOWFISH, $crypt_key, $cipher, MCRYPT_MODE_CBC, $iv ); 33Thursday, May 16, 13
Use a Library http://phpseclib.sourceforge.net/ They’ve done the hard parts, save yourself the headache and just use it. It’s even PHP4+ compatible, so no excuses. 34Thursday, May 16, 13
Example: Using phpseclib 35Thursday, May 16, 13
Example: Using phpseclib $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $message = ‘My Credit Card Number is 4123123412341234’; require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $des = new Crypt_DES(); $des->setKey($crypt_key); $cipher = $des->encrypt($message); $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $hmac = bin2hex($hash->hash($cipher)); 35Thursday, May 16, 13
Example: Using phpseclib $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $message = ‘My Credit Card Number is 4123123412341234’; require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $des = new Crypt_DES(); $des->setKey($crypt_key); $cipher = $des->encrypt($message); $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $hmac = bin2hex($hash->hash($cipher)); require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $verify_hmac = bin2hex($hash->hash($ciph if ($verify_hmac == $hmac) { $des = new Crypt_DES(); $des->setKey($crypt_key); $message = $des->decrypt($cipher); } 35Thursday, May 16, 13
Encryption !== Protection Data obtained through SQL Injection attacks or other non system penetration attacks should be relatively secure. For us to encrypt/decrypt, we must have access to the key. Therefore, any breach of system security, will disclose the key to the attacker, leaving ALL encryption useless. Apache environment variable, memory, config files, password entered during system startup, do not keep the key private. 36Thursday, May 16, 13
AVOID ENCRYPTION AT ALL COSTS! There is no such thing as 100% secure. 37Thursday, May 16, 13
Other Things To Consider 38Thursday, May 16, 13
Other Things To Consider •Encrypt / decrypt on a separate server. 38Thursday, May 16, 13
Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. 38Thursday, May 16, 13
Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. 38Thursday, May 16, 13
Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. 38Thursday, May 16, 13
Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. •Think about restricting requests per second 38Thursday, May 16, 13
Other Things To Consider Paranoid about password safety? Consider encrypting the hash. Renders SQL-Injection and rainbow tables/brute force useless. •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. •Think about restricting requests per second 38Thursday, May 16, 13
Credits I’ve learned a lot while preparing this presentation. Thanks especially to Anthony Ferrara (@ircmaxell) http://blog.ircmaxell.com 39Thursday, May 16, 13
Questions? 40Thursday, May 16, 13
JOHN CONGDON PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
JOHN CONGDON •twitter: @johncongdon PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
JOHN CONGDON •twitter: @johncongdon •email: john@johncongdon.com PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
JOHN CONGDON •twitter: @johncongdon •email: john@johncongdon.com •irc: freednode.net (#sdphp) PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13

Recomendados

Ashley E. Beal - Resume 2016
Ashley E. Beal - Resume 2016Ashley E. Beal - Resume 2016
Ashley E. Beal - Resume 2016Ashley Beal, PHR
 
WAF Year in Review FNL A4
WAF Year in Review FNL A4WAF Year in Review FNL A4
WAF Year in Review FNL A4Deanna Titzler
 
AllBits presentation - Security in Theory
AllBits presentation - Security in TheoryAllBits presentation - Security in Theory
AllBits presentation - Security in TheoryAllBits BVBA (freelancer)
 
Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practiceAkash Mahajan
 
Key management
Key managementKey management
Key managementSujata Regoti
 
Hashing
HashingHashing
HashingBitcoin Association of Australia
 
Release with confidence
Release with confidenceRelease with confidence
Release with confidenceJohn Congdon
 
Encryption: It's For More Than Just Passwords
Encryption: It's For More Than Just PasswordsEncryption: It's For More Than Just Passwords
Encryption: It's For More Than Just PasswordsJohn Congdon
 

Mais conteúdo relacionado

Último

How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 

Último (20)

How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 

Encryption: It's For More Than Just Password - tek13

  • 1. ENCRYPTION It’s For MoreThan Just Passwords 1Thursday, May 16, 13
  • 3. JOHN CONGDON •PHP Developer Since 2003 2Thursday, May 16, 13
  • 4. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer 2Thursday, May 16, 13
  • 5. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online 2Thursday, May 16, 13
  • 6. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com 2Thursday, May 16, 13
  • 7. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com 2Thursday, May 16, 13
  • 8. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com •FaxBurner.com 2Thursday, May 16, 13
  • 9. JOHN CONGDON •PHP Developer Since 2003 •SDPHP User Group Organizer •Sr PHP Developer for Networx Online •PhoneBurner.com •MeetingBurner.com •FaxBurner.com •I Am Not A Cryptographer 2Thursday, May 16, 13
  • 11. Plain Text $username = $_POST[‘username’]; $password = $_POST[‘password’]; $user = getUserByUserName($username); if ($user->password == $password) { $valid = true; } else { $valid = false; } 4Thursday, May 16, 13
  • 12. Plain Text: Vulnerabilities SQL-Injection gives you every users password 5Thursday, May 16, 13
  • 14. Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. 6Thursday, May 16, 13
  • 15. Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. H A S H “message” “digest” 6Thursday, May 16, 13
  • 16. Cryptographic Hashing Wikipedia Definition: A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bitstring, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest. H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 6Thursday, May 16, 13
  • 17. Cryptographic Hashing: One Way 7Thursday, May 16, 13
  • 18. Cryptographic Hashing: One Way H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 7Thursday, May 16, 13
  • 19. Cryptographic Hashing: One Way H A S H “message” “digest” “unicorn” “1abcb33beeb811dca15f0ac3e47b88d9” 7Thursday, May 16, 13
  • 20. Cryptographic Hashing: Algorithms <?php print_r(hash_algos()); ?> Array ( [0] => md2 [1] => md4 [2] => md5 [3] => sha1 [4] => sha224 [5] => sha256 [6] => sha384 [7] => sha512 [8] => ripemd128 [9] => ripemd160 [10] => ripemd256 [11] => ripemd320 [12] => whirlpool [13] => tiger128,3 [14] => tiger160,3 [15] => tiger192,3 [16] => tiger128,4 [17] => tiger160,4 [18] => tiger192,4 [19] => snefru [20] => snefru256 [21] => gost [22] => adler32 [23] => crc32 [24] => crc32b [25] => salsa10 [26] => salsa20 [27] => haval128,3 [28] => haval160,3 [29] => haval192,3 [30] => haval224,3 [31] => haval256,3 [32] => haval128,4 [33] => haval160,4 [34] => haval192,4 [35] => haval224,4 [36] => haval256,4 [37] => haval128,5 [38] => haval160,5 [39] => haval192,5 [40] => haval224,5 [41] => haval256,5 ) 8Thursday, May 16, 13
  • 21. Cryptographic Hashing: Vulnerabilities SQL-Injection gives you every users hashed password 9Thursday, May 16, 13
  • 23. Rainbow Table Example: Searched for a Hash 11Thursday, May 16, 13
  • 24. Rainbow Table Example: Searched for a Hash 11Thursday, May 16, 13
  • 27. Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. 13Thursday, May 16, 13
  • 28. Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. $hash = md5(‘RAND_SALT’ . $_POST[‘password’]); 13Thursday, May 16, 13
  • 29. Salting Cryptographic Hashes Wikipedia Definition: In cryptography, a salt is random data that are used as an additional input to a one-way function that hashes a password or passphrase. A new salt is randomly generated for each password. In a typical setting, the salt and the password are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. $hash = md5(‘RAND_SALT’ . $_POST[‘password’]); RAND_SALT must come from a cryptographically secure source. Not From (rand, mt_rand, or uniqid) Use (/dev/urandom, mcrypt, openssl) 13Thursday, May 16, 13
  • 30. Today’s Best Practice: BCrypt 14Thursday, May 16, 13
  • 31. Today’s Best Practice: BCrypt •Slower by design 14Thursday, May 16, 13
  • 32. Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) 14Thursday, May 16, 13
  • 33. Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) •Should be configured to take 0.25 to 0.50 a second 14Thursday, May 16, 13
  • 34. Today’s Best Practice: BCrypt •Slower by design •Configurable to help withstand the test of time (cost param) •Should be configured to take 0.25 to 0.50 a second •Start with a cost of 10, use higher if possible 14Thursday, May 16, 13
  • 35. PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php 15Thursday, May 16, 13
  • 36. PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php 16Thursday, May 16, 13
  • 37. PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php array password_get_info(string $hash) Returns 3 elements algorithm: Constant value algoName: bcrypt options: the options provided to password_hash Array ( [algo] => 1 [algoName] => bcrypt [options] => Array ( [cost] => 11 ) ) 17Thursday, May 16, 13
  • 38. PHP 5.5 Password Hashing API http://www.php.net/manual/en/ref.password.php boolean password_needs_rehash ( string $hash , string $algo [, string $options ] ) Assuming password_verify was successful above: if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) { $user->password = password_hash($password....); $user->update(); } 18Thursday, May 16, 13
  • 39. I Lied: PHP >= 5.3.7 Password Hashing API https://github.com/ircmaxell/password_compat A forward compatible password API implementation that will work until you are ready to upgrade to 5.5. This will work for all versions of PHP that has the $2y fix. Upgrading to 5.5 will not break your current code if you use this library. 19Thursday, May 16, 13
  • 40. Example: Creating a user <?php require 'password.php'; $hash = password_hash($_POST[‘password’], PASSWORD_DEFAULT); if ($hash === false) { //handle this error case somehow... } $user = Model_User::createNewUser($_POST[‘username’]); $user->setPassword($hash); $user->update(); 20Thursday, May 16, 13
  • 41. Example: Logging a user in <?php require 'password.php'; $user = Model_User::getUserByUserName($_POST[‘username’]); if (password_verify($_POST[‘password’], $user->password)) { return true; } else { die(“Invalid credentials”); } 21Thursday, May 16, 13
  • 42. Example: Logging a user in and checking for rehash ... $user = Model_User::getUserByUserName($_POST[‘username’]); if (password_verify($_POST[‘password’], $user->password)) { if (password_needs_rehash($user->password, $algo, $options)) { $hash = password_hash($_POST[‘password’], PASSWORD_DEFAULT, $options); $user->setPassword($hash); $user->update(); } ... 22Thursday, May 16, 13
  • 43. http://blog.ircmaxell.com/2013/01/password-storage-talk-at-php-benelux-13.html Want More? Get Statistics Here One of my favorite data points from Anthony’s slides 23Thursday, May 16, 13
  • 45. More Than Just Passwords 25Thursday, May 16, 13
  • 46. More Than Just Passwords We may store more sensitive data than just passwords. 25Thursday, May 16, 13
  • 47. More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. 25Thursday, May 16, 13
  • 48. More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. Decryption makes original value usable by us. 25Thursday, May 16, 13
  • 49. More Than Just Passwords We may store more sensitive data than just passwords. Passwords are easy, we don’t care about the original value. Decryption makes original value usable by us. •Credit Card Info •Social Security Numbers •Date of Birth •Personally Identifiable Information 25Thursday, May 16, 13
  • 50. AVOID ENCRYPTION AT ALL COSTS! 26Thursday, May 16, 13
  • 51. AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. 26Thursday, May 16, 13
  • 52. AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. 26Thursday, May 16, 13
  • 53. AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? 26Thursday, May 16, 13
  • 54. AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? Are there alternative solutions? 26Thursday, May 16, 13
  • 55. AVOID ENCRYPTION AT ALL COSTS! Clarification:Avoid keeping any data that you need to encrypt. Before deciding to keep any of this information, ask yourself why you need it. Is the risk of potentially leaking this information worth the reward? Are there alternative solutions? Example: Credit card companies usually offer a token solution. 26Thursday, May 16, 13
  • 57. Symmetric vs Asymmetric Symmetric Only one shared key Same key encrypts and decrypts Easiest to understand 27Thursday, May 16, 13
  • 58. Symmetric vs Asymmetric Symmetric Only one shared key Same key encrypts and decrypts Easiest to understand Asymmetric Two keys (Public & Private) Encryption/Decryption Public key encrypts Private key decrypts Signing/Verifying Private key signs Public key verifies 27Thursday, May 16, 13
  • 59. Common Asymmetric Uses SSH Keys HTTPS / SSL PGP: Pretty Good Privacy Email Files Really any message 28Thursday, May 16, 13
  • 60. Keys, Ciphers, Modes, and Initialization Vectors Oh My! 29Thursday, May 16, 13
  • 61. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) 29Thursday, May 16, 13
  • 62. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers 29Thursday, May 16, 13
  • 63. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) 29Thursday, May 16, 13
  • 64. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes 29Thursday, May 16, 13
  • 65. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) 29Thursday, May 16, 13
  • 66. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) 29Thursday, May 16, 13
  • 67. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) 29Thursday, May 16, 13
  • 68. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors 29Thursday, May 16, 13
  • 69. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors • Similar to SALT in hashing (It’s not a secret) 29Thursday, May 16, 13
  • 70. Keys, Ciphers, Modes, and Initialization Vectors Oh My! • Keys, should be easy to understand (KEEP IT SECRET) • Ciphers • Deterministic algorithm (Ex: 3DES, Blowfish,TwoFish) • Modes • Determines how the key stream is used (never cross them) • Avoid ECB (Electronic Code Book) • (Use CBC or CFB, Cipher Block Chaining / Cipher FeedBack) • InitializationVectors • Similar to SALT in hashing (It’s not a secret) • Must be random per encrypted text 29Thursday, May 16, 13
  • 71. Example: Encrypt using crypt $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $message = ‘My Credit Card Number is 4123123412341234’; $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM); $cipher = mcrypt_encrypt( MCRYPT_BLOWFISH, $crypt_key, $message, MCRYPT_MODE_CBC, $iv ); 30Thursday, May 16, 13
  • 72. HMAC: Hash-based Message Authentication Code Using a separate key, this will give us a signature letting us know that the data has not been tampered with. When Encrypting: Always encrypt first, and then get signature of the CipherText. Store it with your InitializationVector and CipherText. When Decrypting: Always verify signature first, and then decrypt if matched. 31Thursday, May 16, 13
  • 73. Example: Using HMAC $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $hmac = hash_hmac(‘sha512’, $cipher_text, $hmac_key); //Store it with your encrypted data $encrypted = base64_encode($iv . $cipher . $hmac); 32Thursday, May 16, 13
  • 74. Example: Decrypt using HMAC and crypt $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC); $encrypted = base64_decode($encrypted); $iv = substr($encrypted, 0, $iv_size); $hmac = substr($encrypted, -64); $cipher = substr($encrypted, $iv_size, -64); if ($hmac != hash_hmac(‘sha512’, $cipher, $hmac_key)) { return false; } $message = mcrypt_decrypt( MCRYPT_BLOWFISH, $crypt_key, $cipher, MCRYPT_MODE_CBC, $iv ); 33Thursday, May 16, 13
  • 75. Use a Library http://phpseclib.sourceforge.net/ They’ve done the hard parts, save yourself the headache and just use it. It’s even PHP4+ compatible, so no excuses. 34Thursday, May 16, 13
  • 77. Example: Using phpseclib $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $message = ‘My Credit Card Number is 4123123412341234’; require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $des = new Crypt_DES(); $des->setKey($crypt_key); $cipher = $des->encrypt($message); $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $hmac = bin2hex($hash->hash($cipher)); 35Thursday, May 16, 13
  • 78. Example: Using phpseclib $crypt_key = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’; $hmac_key = ‘yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy’; $message = ‘My Credit Card Number is 4123123412341234’; require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $des = new Crypt_DES(); $des->setKey($crypt_key); $cipher = $des->encrypt($message); $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $hmac = bin2hex($hash->hash($cipher)); require ‘Crypt/DES.php’; require ‘Crypt/Hash.php’; $hash = new Crypt_Hash(‘sha512’); $hash->setKey($hmac_key); $verify_hmac = bin2hex($hash->hash($ciph if ($verify_hmac == $hmac) { $des = new Crypt_DES(); $des->setKey($crypt_key); $message = $des->decrypt($cipher); } 35Thursday, May 16, 13
  • 79. Encryption !== Protection Data obtained through SQL Injection attacks or other non system penetration attacks should be relatively secure. For us to encrypt/decrypt, we must have access to the key. Therefore, any breach of system security, will disclose the key to the attacker, leaving ALL encryption useless. Apache environment variable, memory, config files, password entered during system startup, do not keep the key private. 36Thursday, May 16, 13
  • 80. AVOID ENCRYPTION AT ALL COSTS! There is no such thing as 100% secure. 37Thursday, May 16, 13
  • 81. Other Things To Consider 38Thursday, May 16, 13
  • 82. Other Things To Consider •Encrypt / decrypt on a separate server. 38Thursday, May 16, 13
  • 83. Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. 38Thursday, May 16, 13
  • 84. Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. 38Thursday, May 16, 13
  • 85. Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. 38Thursday, May 16, 13
  • 86. Other Things To Consider •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. •Think about restricting requests per second 38Thursday, May 16, 13
  • 87. Other Things To Consider Paranoid about password safety? Consider encrypting the hash. Renders SQL-Injection and rainbow tables/brute force useless. •Encrypt / decrypt on a separate server. •More overhead and complexity. •Any server breach can still decrypt data. •With enough thought and monitoring, you can kill the decryption server to limit the damage done. •Think about restricting requests per second 38Thursday, May 16, 13
  • 88. Credits I’ve learned a lot while preparing this presentation. Thanks especially to Anthony Ferrara (@ircmaxell) http://blog.ircmaxell.com 39Thursday, May 16, 13
  • 90. JOHN CONGDON PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
  • 91. JOHN CONGDON •twitter: @johncongdon PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
  • 92. JOHN CONGDON •twitter: @johncongdon •email: john@johncongdon.com PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13
  • 93. JOHN CONGDON •twitter: @johncongdon •email: john@johncongdon.com •irc: freednode.net (#sdphp) PLEASE RATE ON JOIND.IN https://joind.in/8179 41Thursday, May 16, 13