SlideShare uma empresa Scribd logo

Aes jul-upload

S
Setia Juli Irzal Ismail

Guest Lecture at Universitat Autonoma Barcelona about Symmetric Key Cryptography

Educação
1 de 31
Baixar para ler offline
Symmetric Key Cryptography Setia Juli Irzal Ismail ID-CERT – Telkom University
1. Introduction 2. Introduction about AES 3. Attack in Symmetric Cryptography 4. Cryptography in Malware 5. Discussion
Introduction • Setia Juli Irzal Ismail • Jul Ismail • Malware Analyst – ID-CERT • Lecturer – Telkom University www.cert.or.id/
ID-CERT • Indonesia Computer Emergency Response Team • 1998 – Dr. Budi Rahardjo • Community based • Incident Handling • Malware Lab • Research & Training about Malware • Tools: Malware Scanner • Founder AP-CERT: JP-CERT & AusCERT www.cert.or.id/
Indonesia • South East Asia • 7th largest Country – • 1,904,569 square km2 • Archipelago • 13000 Islands • 4th: Population; 261 million • 700 local language
AES
AES • Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology (NIST) in 2001. • NIST is a Agency in USA; measurement standard Laboratory • replace DES (Data Encryption Standard) – 1977 (IBM) • have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • slow www.cert.or.id
Selection Process • US NIST issued call for ciphers in 1997 • Open Competition • 15 candidates accepted in Jun 98 • investigated by cryptographers; • Security, • performance in different PC architecture • Implementation in limited environment (smart cards limited memory, low gate count implementations, FPGAs)
Finalist • 1999: 5 Finalist • MARS, RC6, Rijndael, Serpent, and Twofish. • 2000: Rijndael • official standard by publishing an announcement in the Federal Document • Positive comment for opennes from the community • Bruce Schneier (Twofish) “I have nothing but good things to say about NIST and the AES process“ www.cert.or.id
Rijndael • developed by two Belgian cryptographers, • Vincent Rijmen and Joan Daemen, • all operations are performed on 8-bit • Finite Field Arithmetic • each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits • Substitution & Permutation • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256
Encryption process 1. Plaintext data to be encrypted 2. Static bytes that are part of the algorithm (lookup table) 3. The key used for encryption www.cert.or.id
Encryption process • Substitution & Permutation • Add key • Shift rows • Substituting bytes • Mix columns • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256 www.cert.or.id
Implementation • RAR, Winzip, 7z • NTFS • Bitlocker, Truecrypt • IEEE 802.11 Wireless • Whatsapp, Facebook Messenger • IPSec à VPN • GPG à • Intel & AMD Processor • Grand Theft Auto
Security Concern
Bruteforce • Trying all possible combination • =exhaustive key search • Needs big computing power & energy • 128 bit key AES à1,02 x1018 years • 256-bit à 3,31 x 1056 years • billions of years to brute force • Supercomputer www.cert.or.id
Attack - Cryptanalyst • 2002; XSL attack; • Theoretical attack ; Courtois and Pieprzyk à unworkable • 2009: Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, • 2011; Bogdanov, Khovratovich, and Rechberger, • Snowden; NSA doing research on attack based on TAU statistic • Without key à No success (if AES correctly implemented)
Side Channel Attack • Not on cipher text • find a weakness in the implementation • Hardware/software • measure power consumption, electromagnetic emissions, and heat generation • requires physical access to the target device. www.cert.or.id
Success story • 2005: Bernstein ; cache-timing attackà OpenSSL • number of machine cycles taken by the encryption operation • 2009: DFA (Differential Fault Analysis) à hardware (key recovery) • Smart Card à embedded processor ; • Overclocking, high temperature à false output
Key Exchange Problem www.cert.or.id
Malware
Crypto implementation in malware • Encrypt the source code à difficult to reverse • Encrypt the comunication to C&C server • Ransomware
Ransomware • Malware encrypt your data • Ask ransom (money) • Different crypto algorithm • Most common : asymmetric encryption www.cert.or.id
Ransomware-File obfuscation • move or hide targeted files; • show ransom message • Reverse the code à hide the file
Custom crypto • Algorithm to encrypt the file • XOR the file • Algorithm is the key • Reverse the steps www.cert.or.id
MBR rewriting • Master Boot Record • Rewrite MBR à require password or number • Force reboot a computer à before windows load à ransom message • reversing the serial or password validation algorithm: MBR • Keygen
Asymmetric – modern ransomware 1. dynamically generates the keys locally • Sends to C&C server à client ID • Keys are not identical 2. Keys are generated by author • Preloaded in the ransomware • Key are static • Someone get the key, • Share the key www.cert.or.id
Dynamic generated keys • Analyse memory dump for file recovery • cryptanalyst • Intercept the transfer and generation of the keys
Ransomware Algorithm • AES • RSA • Blowfish • etc www.cert.or.id
Shione Ransomware case • C# • Keys are embedded in the ransomware • RSA & AES • AES à encrypt victim files • AES Key à RSA • Public Key RSA embedded in the malware
Reference • William, S., & Stalling, C. (2006). Network Security, 4/E. • Malware analysis report, ID-CERT
Terima Kasih jul [at] tass.telkomuniversity.ac.id jul_ismail Blog: julismail.staff.telkomuniversity.ac.id www.cert.or.id/

Recomendados

Malware cryptomining uploadv3
Malware cryptomining uploadv3Malware cryptomining uploadv3
Malware cryptomining uploadv3Setia Juli Irzal Ismail
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1Setia Juli Irzal Ismail
 
Pa or die
Pa or diePa or die
Pa or dieSetia Juli Irzal Ismail
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app developmentDusan Klinec
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat ReviewESET
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber SecuritySatria Ady Pradana
 

Recomendados

Malware cryptomining uploadv3
Malware cryptomining uploadv3Malware cryptomining uploadv3
Malware cryptomining uploadv3Setia Juli Irzal Ismail
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1Setia Juli Irzal Ismail
 
Pa or die
Pa or diePa or die
Pa or dieSetia Juli Irzal Ismail
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app developmentDusan Klinec
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat ReviewESET
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber SecuritySatria Ady Pradana
 
Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101veerababu penugonda(Mr-IoT)
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreveerababu penugonda(Mr-IoT)
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016John Bambenek
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupEC-Council
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Edureka!
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security ToolsEmanuela Boroș
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstSatria Ady Pradana
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseAndrew Morris
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)Justin Hoang
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent ThreatsESET
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?ESET
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyRuby Meditation
 
Android system security
Android system securityAndroid system security
Android system securityChong-Kuan Chen
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Kirill Ermakov
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101OWASP
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectionAndrey Belenko
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 

Mais conteúdo relacionado

Mais procurados

Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016John Bambenek
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupEC-Council
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Edureka!
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstSatria Ady Pradana
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseAndrew Morris
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)Justin Hoang
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent ThreatsESET
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?ESET
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyRuby Meditation
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Kirill Ermakov
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101OWASP
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectionAndrey Belenko
 

Mais procurados (20)

Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd session
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangalore
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the Cheap
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security Tools
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the Worst
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent Threats
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander Obozinskiy
 
Android system security
Android system securityAndroid system security
Android system security
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data Protection
 

Semelhante a Aes jul-upload

Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneArash Ramez
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecuritySam Bowne
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic SecuritySam Bowne
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)Sam Bowne
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSNormalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSUtku Sen
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxssuserd5e356
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Track 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesTrack 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesST_World
 
Information Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgInformation Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgEric Vanderburg
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
CNIT 141: 1. Encryption
CNIT 141: 1. EncryptionCNIT 141: 1. Encryption
CNIT 141: 1. EncryptionSam Bowne
 

Semelhante a Aes jul-upload (20)

Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: Cryptography
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic Security
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic Security
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 
Crypto academy
Crypto academyCrypto academy
Crypto academy
 
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSNormalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
 
Security.ppt
Security.pptSecurity.ppt
Security.ppt
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: Cryptography
 
Track 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesTrack 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practices
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryption
 
nabdullin_brcrdu_dark
nabdullin_brcrdu_darknabdullin_brcrdu_dark
nabdullin_brcrdu_dark
 
Information Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgInformation Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric Vanderburg
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 
CNIT 141: 1. Encryption
CNIT 141: 1. EncryptionCNIT 141: 1. Encryption
CNIT 141: 1. Encryption
 
Slidecast - Workshop
Slidecast - WorkshopSlidecast - Workshop
Slidecast - Workshop
 

Mais de Setia Juli Irzal Ismail

Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversityPanduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversitySetia Juli Irzal Ismail
 

Mais de Setia Juli Irzal Ismail (20)

slide-share.pdf
slide-share.pdfslide-share.pdf
slide-share.pdf
 
slide-lp3i-final.pdf
slide-lp3i-final.pdfslide-lp3i-final.pdf
slide-lp3i-final.pdf
 
society50-jul-share.pdf
society50-jul-share.pdfsociety50-jul-share.pdf
society50-jul-share.pdf
 
57 slide presentation
57 slide presentation57 slide presentation
57 slide presentation
 
Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversityPanduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
 
Sosialisasi kurikulum2020
Sosialisasi kurikulum2020Sosialisasi kurikulum2020
Sosialisasi kurikulum2020
 
Welcoming maba 2020
Welcoming maba 2020Welcoming maba 2020
Welcoming maba 2020
 
Slide jul apcert agm 2016
Slide jul apcert agm 2016Slide jul apcert agm 2016
Slide jul apcert agm 2016
 
Tugas besar MK Keamanan Jaringan
Tugas besar MK Keamanan Jaringan Tugas besar MK Keamanan Jaringan
Tugas besar MK Keamanan Jaringan
 
05 wireless
05 wireless05 wireless
05 wireless
 
04 sniffing
04 sniffing04 sniffing
04 sniffing
 
03 keamanan password
03 keamanan password03 keamanan password
03 keamanan password
 
02 teknik penyerangan
02 teknik penyerangan02 teknik penyerangan
02 teknik penyerangan
 
01a pengenalan keamanan jaringan upload
01a pengenalan keamanan jaringan upload01a pengenalan keamanan jaringan upload
01a pengenalan keamanan jaringan upload
 
Kajian3 upload
Kajian3 uploadKajian3 upload
Kajian3 upload
 
1.pendahuluan sistem operasi
1.pendahuluan sistem operasi1.pendahuluan sistem operasi
1.pendahuluan sistem operasi
 
10 tk3193-ids
10 tk3193-ids10 tk3193-ids
10 tk3193-ids
 
09 vpn
09 vpn 09 vpn
09 vpn
 
17. representasi data 5 jul
17. representasi data 5 jul17. representasi data 5 jul
17. representasi data 5 jul
 
16. representasi data 4 jul
16. representasi data 4 jul16. representasi data 4 jul
16. representasi data 4 jul
 

Último

Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...Nguyen Thanh Tu Collection
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxAmanpreet Kaur
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 

Último (20)

Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 

Aes jul-upload

  • 1. Symmetric Key Cryptography Setia Juli Irzal Ismail ID-CERT – Telkom University
  • 2. 1. Introduction 2. Introduction about AES 3. Attack in Symmetric Cryptography 4. Cryptography in Malware 5. Discussion
  • 3. Introduction • Setia Juli Irzal Ismail • Jul Ismail • Malware Analyst – ID-CERT • Lecturer – Telkom University www.cert.or.id/
  • 4. ID-CERT • Indonesia Computer Emergency Response Team • 1998 – Dr. Budi Rahardjo • Community based • Incident Handling • Malware Lab • Research & Training about Malware • Tools: Malware Scanner • Founder AP-CERT: JP-CERT & AusCERT www.cert.or.id/
  • 5. Indonesia • South East Asia • 7th largest Country – • 1,904,569 square km2 • Archipelago • 13000 Islands • 4th: Population; 261 million • 700 local language
  • 6. AES
  • 7. AES • Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology (NIST) in 2001. • NIST is a Agency in USA; measurement standard Laboratory • replace DES (Data Encryption Standard) – 1977 (IBM) • have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • slow www.cert.or.id
  • 8. Selection Process • US NIST issued call for ciphers in 1997 • Open Competition • 15 candidates accepted in Jun 98 • investigated by cryptographers; • Security, • performance in different PC architecture • Implementation in limited environment (smart cards limited memory, low gate count implementations, FPGAs)
  • 9. Finalist • 1999: 5 Finalist • MARS, RC6, Rijndael, Serpent, and Twofish. • 2000: Rijndael • official standard by publishing an announcement in the Federal Document • Positive comment for opennes from the community • Bruce Schneier (Twofish) “I have nothing but good things to say about NIST and the AES process“ www.cert.or.id
  • 10. Rijndael • developed by two Belgian cryptographers, • Vincent Rijmen and Joan Daemen, • all operations are performed on 8-bit • Finite Field Arithmetic • each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits • Substitution & Permutation • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256
  • 11. Encryption process 1. Plaintext data to be encrypted 2. Static bytes that are part of the algorithm (lookup table) 3. The key used for encryption www.cert.or.id
  • 12. Encryption process • Substitution & Permutation • Add key • Shift rows • Substituting bytes • Mix columns • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256 www.cert.or.id
  • 13. Implementation • RAR, Winzip, 7z • NTFS • Bitlocker, Truecrypt • IEEE 802.11 Wireless • Whatsapp, Facebook Messenger • IPSec à VPN • GPG à • Intel & AMD Processor • Grand Theft Auto
  • 15. Bruteforce • Trying all possible combination • =exhaustive key search • Needs big computing power & energy • 128 bit key AES à1,02 x1018 years • 256-bit à 3,31 x 1056 years • billions of years to brute force • Supercomputer www.cert.or.id
  • 16. Attack - Cryptanalyst • 2002; XSL attack; • Theoretical attack ; Courtois and Pieprzyk à unworkable • 2009: Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, • 2011; Bogdanov, Khovratovich, and Rechberger, • Snowden; NSA doing research on attack based on TAU statistic • Without key à No success (if AES correctly implemented)
  • 17. Side Channel Attack • Not on cipher text • find a weakness in the implementation • Hardware/software • measure power consumption, electromagnetic emissions, and heat generation • requires physical access to the target device. www.cert.or.id
  • 18. Success story • 2005: Bernstein ; cache-timing attackà OpenSSL • number of machine cycles taken by the encryption operation • 2009: DFA (Differential Fault Analysis) à hardware (key recovery) • Smart Card à embedded processor ; • Overclocking, high temperature à false output
  • 21. Crypto implementation in malware • Encrypt the source code à difficult to reverse • Encrypt the comunication to C&C server • Ransomware
  • 22. Ransomware • Malware encrypt your data • Ask ransom (money) • Different crypto algorithm • Most common : asymmetric encryption www.cert.or.id
  • 23. Ransomware-File obfuscation • move or hide targeted files; • show ransom message • Reverse the code à hide the file
  • 24. Custom crypto • Algorithm to encrypt the file • XOR the file • Algorithm is the key • Reverse the steps www.cert.or.id
  • 25. MBR rewriting • Master Boot Record • Rewrite MBR à require password or number • Force reboot a computer à before windows load à ransom message • reversing the serial or password validation algorithm: MBR • Keygen
  • 26. Asymmetric – modern ransomware 1. dynamically generates the keys locally • Sends to C&C server à client ID • Keys are not identical 2. Keys are generated by author • Preloaded in the ransomware • Key are static • Someone get the key, • Share the key www.cert.or.id
  • 27. Dynamic generated keys • Analyse memory dump for file recovery • cryptanalyst • Intercept the transfer and generation of the keys
  • 28. Ransomware Algorithm • AES • RSA • Blowfish • etc www.cert.or.id
  • 29. Shione Ransomware case • C# • Keys are embedded in the ransomware • RSA & AES • AES à encrypt victim files • AES Key à RSA • Public Key RSA embedded in the malware
  • 30. Reference • William, S., & Stalling, C. (2006). Network Security, 4/E. • Malware analysis report, ID-CERT
  • 31. Terima Kasih jul [at] tass.telkomuniversity.ac.id jul_ismail Blog: julismail.staff.telkomuniversity.ac.id www.cert.or.id/