Encryption Recap: A Refresher on Key Concepts
DO and DON'T for developers
A while ago, I had the chance to collect information and share this PDF summarizing common encryption terminology within my teams. It covers algorithms and best practices that many developers may find helpful as a refresher or intro. Let me know if any part needs further explanation.
Size: 1.32 MB
Language: en
Added: May 14, 2024
Slides: 31 pages
Slide Content
Data Encryption Recap
Thomas Kim
Security & Encryption
•The priority of security 'was' lower than that of features
•There is no such thing as 100% secure
•Security is not just a cost; it is everything and everywhere
•Encryption is the minimum defence when other security fails
•Encryption is a minimum requirement for any service or app
Common Terminology
•Number of keys: Symmetric vs. Asymmetric
•Data processing unit: Stream vs. Block
•Data recovery capability: One-way vs. Two-way
Hash Functions
•Turn input of arbitrary size into output of fixed size
•Same input always produces the same output
•Fast; also used for fast lookup, as in a hash table
•Digest: the output of hashing
Hash Collision
•h(M) = H
•h(): hash function
•M: input
•H: hash (digest)
•Collision: different input, same hash (MD5, SHA1)
Requirements of a Cryptographic Hash Function
•Pre-image Resistance
•2nd Pre-image Resistance
•Collision Resistance
Pre-image Resistance
Given a hash H, it is difficult to find the original input M
h(M) = H
H = 'aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d'
M = 'hello'
2nd Pre-image Resistance
Given an input M, it is difficult to find another input M' with the same hash
h(M) = H
H = 'aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d'
M = 'hello', M' = ?
Collision Resistance
•Mathematically 'nearly' impossible to find two inputs M and M' with the same hash
•The attacker is free to choose both M1 and M2 that produce the same hash
•Strength against collisions is measured as half the bit size of the algorithm (SHA1 = 80 bit, SHA256 = 128 bit)
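The following block is an added example (not part of the original slides) illustrating the two slides above. It checks that the SHA-1 digest shown for 'hello' is what hashlib produces, and then demonstrates why collision resistance is only half the output size: on a hash truncated to 16 bits, a generic birthday search finds a collision after roughly 2^8 = 256 attempts, not 2^16. The truncation of SHA-256 and the message format "msg-N" are constructed for the demonstration.

```python
import hashlib
import math

SLIDE_DIGEST = "aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d"  # value shown on the slide


def sha1_hex(data: bytes) -> str:
    """SHA-1 digest as hex, for comparison with the slide's example."""
    return hashlib.sha1(data).hexdigest()


def truncated_hash(data: bytes, bits: int) -> int:
    """SHA-256 truncated to its first `bits` bits.

    Constructed stand-in for a hash with a small output: it lets the
    birthday effect show up in a few hundred trials instead of 2^128.
    """
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def expected_birthday_trials(bits: int) -> float:
    """Collision resistance is ~2^(n/2) work for an n-bit digest."""
    return math.sqrt(2 ** bits)


def find_collision(bits: int):
    """Generic birthday search: hash distinct messages until two share a digest.

    Returns (m1, m2, trials). No weakness of SHA-256 is used; the only
    reason this succeeds quickly is the short (truncated) output.
    """
    seen = {}
    i = 0
    while True:
        m = f"msg-{i}".encode()          # constructed, distinct messages
        h = truncated_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1     # i+1 messages hashed so far
        seen[h] = m
        i += 1


if __name__ == "__main__":
    print("SHA-1('hello') matches slide:", sha1_hex(b"hello") == SLIDE_DIGEST)
    m1, m2, trials = find_collision(16)
    print(f"16-bit collision: {m1!r} and {m2!r} after {trials} trials "
          f"(birthday estimate ~{expected_birthday_trials(16):.0f})")
```

The same search on a full 160-bit SHA-1 would need about 2^80 trials, which is exactly the "80 bit" figure on the slide; the point is that the birthday bound, not the digest length, sets the collision strength.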
Rainbow Attack
•A type of brute-force attack
•Uses a pre-calculated rainbow table and looks up the target hash H
•If H matches a table entry, M is read straight out of the table
•Prevent the attack by adding a salt
Hashing Algorithms
•MD5, SHA1, SHA2 (SHA256, SHA384, SHA512)
•MD5 (128 bit): not secure
•SHA1 (160 bit): not recommended for long-term use (e.g. digital signatures, or as the one and only algorithm for password hashing); still OK for transient values (session, git commit hash)
Symmetric-key Algorithm
•One secret key for both encryption and decryption
•DES, 3DES, AES, IDEA, RC4, RC5
•Fast and easy to implement
•Hard to transfer the secret key to each other
•Key management is even harder: n parties need n(n-1)/2 keys
Stream Cipher
•Generates a keystream from a symmetric key
•Bit-wise XOR of keystream and data
•RC4, A5/2
•Fast, but no longer used
Block Cipher
•Encrypts/decrypts data block by block
•Symmetric algorithm
•DES: not recommended
•AES: adopted by NIST, 128/192/256-bit keys
•Camellia: used for TLS sessions
•Implementations differ by block size and key length
https://www.youtube.com/watch?v=gP4PqVGudtg
Padding
•Input data is NOT always a multiple of the block size
•e.g. PKCS7/PKCS5 padding: if 3 bytes are missing, append 03 03 03
Mode of Operations
•Define the rules between successive blocks
•ECB, CBC, CFB, etc.
Mode of Operation: ECB
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
•Electronic Code Book
•Effectively no mode of operation
•Each block is encrypted/decrypted independently
•Critical issue: identical plaintext blocks give identical ciphertext blocks, so input can be guessed
•Shouldn't be used with symmetric key encryption (i.e. AES/ECB is NOT secure)
Mode of Operation: CBC
•Cipher Block Chaining
•Enhanced security
•Uses the previous ciphertext block as input when producing the next block
•For the 1st block, uses an IV (Initialization Vector) that is hard to guess
•Recommended for symmetric key encryption (AES/CBC)
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
CBC
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hard-coded key and IV are for illustration only; see the notes below
private static final String key = "aesEncryptionKey"; // 16 bytes
private static final String IV = "encryptionIntVec"; // 16 bytes
private static final String UTF8 = "UTF-8";

public static String encrypt(String value) {
    try {
        IvParameterSpec iv = new IvParameterSpec(IV.getBytes(UTF8));
        SecretKeySpec spec = new SecretKeySpec(key.getBytes(UTF8), "AES");
        // AES in CBC mode with PKCS5 padding; the cipher must be initialised with key and IV
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, spec, iv);
        byte[] encrypted = cipher.doFinal(value.getBytes(UTF8));
        return Base64.getEncoder().encodeToString(encrypted);
    } catch (Exception ex) {
        ex.printStackTrace();
    }
    return null;
}
•Key: should be loaded from secure storage
•IV: a secure random value
•Both key and IV are required for encryption/decryption
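To make the Padding, ECB and CBC slides concrete, here is an added example (not from the original slides) that implements PKCS7 padding with validation and both modes of operation over an 8-byte block. The block cipher itself is a constructed toy (XOR with the key, add a neighbouring key byte, rotate one byte) chosen only because it is invertible and keeps the example self-contained; the mode logic is the real ECB/CBC construction. The key, IV and message are constructed values.

```python
import os

BLOCK = 8  # toy block size in bytes (AES uses 16)


def pkcs7_pad(data: bytes, block: int = BLOCK) -> bytes:
    """Append n bytes of value n; a full block is added when data is already aligned."""
    n = block - (len(data) % block)  # always 1..block, never 0
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes, block: int = BLOCK) -> bytes:
    """Strip PKCS7 padding, rejecting anything malformed instead of guessing."""
    if not data or len(data) % block:
        raise ValueError("invalid padded length")
    n = data[-1]
    if n < 1 or n > block or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n]


def toy_block_encrypt(block: bytes, key: bytes) -> bytes:
    """Constructed toy block cipher: invertible, but NOT secure. Stand-in for AES."""
    mixed = bytes(((block[i] ^ key[i]) + key[(i + 1) % BLOCK]) & 0xFF for i in range(BLOCK))
    return mixed[1:] + mixed[:1]  # rotate left by one byte


def toy_block_decrypt(block: bytes, key: bytes) -> bytes:
    mixed = block[-1:] + block[:-1]  # undo the rotation
    return bytes((((mixed[i] - key[(i + 1) % BLOCK]) & 0xFF) ^ key[i]) for i in range(BLOCK))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def blocks_of(data: bytes, size: int = BLOCK):
    return [data[i:i + size] for i in range(0, len(data), size)]


def ecb_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """ECB: every block encrypted independently, so equal blocks stay equal."""
    return b"".join(toy_block_encrypt(b, key) for b in blocks_of(pkcs7_pad(plaintext)))


def ecb_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return pkcs7_unpad(b"".join(toy_block_decrypt(b, key) for b in blocks_of(ciphertext)))


def cbc_encrypt(plaintext: bytes, key: bytes, iv: bytes = None) -> bytes:
    """CBC: each block is XORed with the previous ciphertext block (IV for the first)."""
    if iv is None:
        iv = os.urandom(BLOCK)  # fresh random IV per message; sent along with the ciphertext
    prev, out = iv, []
    for b in blocks_of(pkcs7_pad(plaintext)):
        prev = toy_block_encrypt(xor_bytes(b, prev), key)
        out.append(prev)
    return iv + b"".join(out)


def cbc_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    iv, body = ciphertext[:BLOCK], ciphertext[BLOCK:]
    prev, out = iv, []
    for c in blocks_of(body):
        out.append(xor_bytes(toy_block_decrypt(c, key), prev))
        prev = c
    return pkcs7_unpad(b"".join(out))


def repeated_blocks(ciphertext: bytes) -> int:
    """How many ciphertext blocks duplicate an earlier one (the ECB leak)."""
    bs = blocks_of(ciphertext)
    return len(bs) - len(set(bs))


if __name__ == "__main__":
    key = b"toy-key!"                  # constructed 8-byte key
    msg = b"ATTACK!!" * 3              # three identical plaintext blocks
    ecb = ecb_encrypt(msg, key)
    cbc = cbc_encrypt(msg, key)
    print("ECB repeated blocks:", repeated_blocks(ecb))          # pattern visible
    print("CBC repeated blocks:", repeated_blocks(cbc[BLOCK:]))  # pattern hidden
    print("round trips:", ecb_decrypt(ecb, key) == msg, cbc_decrypt(cbc, key) == msg)
```

Running it shows the slide's point directly: the three identical plaintext blocks produce three identical ECB ciphertext blocks, while CBC with a random IV produces different ones each time and still decrypts correctly. The strict `pkcs7_unpad` also illustrates why padding must be validated rather than trusted.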
Comparison: Mode of Operations
[Figure: the same original image encrypted with ECB and with CBC]
PBKDF2
•Password Based Key Derivation Function 2
•Widely used for storing user passwords
•Prevents brute-force attacks through iteration (key stretching)
1.Generate random key based on password
2.Adding salt
3.Iterate enough times to produce hash
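An added example (not from the original slides) covering the Rainbow Attack and PBKDF2 slides together: it first shows how an unsalted SHA-1 digest is recovered from a small pre-computed lookup table, then stores passwords the way the PBKDF2 slide describes (random salt, many iterations, self-describing record) so that the same table is useless and verification is constant-time. The iteration count, salt size, record format and the word list are constructed choices for the example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 600_000  # constructed default; tune to your hardware and data lifetime
SALT_BYTES = 16


def unsalted_sha1(password: str) -> str:
    """The weak scheme a rainbow/lookup table targets."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def build_lookup_table(words) -> dict:
    """Pre-computed digest -> word table (a tiny rainbow-table stand-in)."""
    return {unsalted_sha1(w): w for w in words}


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256 with a random salt; returns a self-describing record."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)          # fresh salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)
    return "pbkdf2_sha256${}${}${}".format(
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    )


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt/iterations and compare in constant time."""
    algo, iterations, salt_b64, dk_b64 = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(dk_b64)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             int(iterations), dklen=len(expected))
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    table = build_lookup_table(["hello", "password", "letmein"])  # constructed word list
    leaked = unsalted_sha1("hello")
    print("unsalted digest found in table:", table.get(leaked))   # 'hello'

    record = hash_password("hello")
    print("stored record:", record)
    print("in table?", record.split("$")[-1] in table)             # False
    print("verify ok:", verify_password("hello", record))
    print("verify wrong:", verify_password("hello!", record))
```

Because the salt is stored next to the derived key, nothing secret is needed to verify, yet a table built once no longer matches anyone's record; the iteration count is stored too, so it can be raised later without breaking existing records.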
Public Key Encryption
•Asymmetric key algorithm
•Encrypt with the public key
•Decrypt with the private key
•Resolves the difficulty of key sharing
•Used for
-Authentication
-Non-repudiation
-Digital signature
Public Key Cryptography
RSA
•Rivest, Shamir, Adleman
•Uses HUGE prime numbers as keys
•Much calculation, slow
ECDSA
•Elliptic Curve Digital Signature Algorithm
•Bitcoin
DSA
•Digital Signature Algorithm
Why it is hard to break: multiplying is easy, factoring is not
13 = A * B, A = ? and B = ?
472,882,027 = A * B, A = ? and B = ?
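An added example (not from the original slides) of the RSA idea behind the Public Key slides, using the textbook primes 61 and 53 so every value fits on a line: encrypt with the public key, decrypt with the private key, sign and verify, and then recover the private key by factoring the modulus with trial division, which is exactly why real keys use huge primes. The signature form here is the bare "hash to the power d" with no padding scheme, a simplification for illustration only; the 472,882,027 value is taken from the slide.

```python
import hashlib
from math import gcd, isqrt


def egcd(a: int, b: int):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a: int, m: int) -> int:
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError("no modular inverse")
    return x % m


def rsa_keygen(p: int, q: int, e: int = 17):
    """Textbook RSA from two primes; returns ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), (n, modinv(e, phi))


def rsa_encrypt(m: int, pub) -> int:
    n, e = pub
    return pow(m, e, n)          # anyone with the public key can do this


def rsa_decrypt(c: int, priv) -> int:
    n, d = priv
    return pow(c, d, n)          # only the private key holder can do this


def _hash_to_int(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def rsa_sign(message: bytes, priv) -> int:
    """Toy signature: hash raised to d (no padding scheme; illustration only)."""
    n, d = priv
    return pow(_hash_to_int(message, n), d, n)


def rsa_verify(message: bytes, sig: int, pub) -> bool:
    n, e = pub
    return pow(sig, e, n) == _hash_to_int(message, n)


def factor_by_trial_division(n: int):
    """Finds the smallest factor pair, or None if n is prime. Hopeless for real key sizes."""
    for a in range(2, isqrt(n) + 1):
        if n % a == 0:
            return a, n // a
    return None


def recover_private_key(pub):
    """Knowing p and q gives phi(n) and hence d: factoring breaks RSA."""
    n, e = pub
    p, q = factor_by_trial_division(n)
    return n, modinv(e, (p - 1) * (q - 1))


if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53)              # n = 3233
    c = rsa_encrypt(65, pub)
    print("encrypt 65 ->", c, "-> decrypt ->", rsa_decrypt(c, priv))
    s = rsa_sign(b"pay 100", priv)
    print("signature verifies:", rsa_verify(b"pay 100", s, pub))
    print("recovered key equals private key:", recover_private_key(pub) == priv)
    print("slide example 472,882,027 factors as:", factor_by_trial_division(472_882_027))
```

With a 3233-bit-sized toy modulus the factoring loop finishes instantly; with a 2048-bit modulus the same loop would not finish in the lifetime of the universe, which is the whole security argument of the RSA slide.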
Key Exchange
•Key agreement
-Procedure for both sides to agree on a key
-Diffie-Hellman algorithm (SSH, SSL)
(https://www.youtube.com/watch?v=wLFztjQDdzI)
•Key encipherment
-RSA algorithm
1.Receiver generates a symmetric key
2.Encrypts the symmetric key with the sender's public key
3.Transfers it to the sender
SSL / TLS
•Session key: a symmetric key for one session
•SSL handshake: the key exchange procedure for an SSL session (Diffie-Hellman)
•SSL uses the symmetric session key throughout the session
•Session key cache for speed-up
•TLS 1.2/1.3
•Excessive session timeout is NOT recommended
PGP
•Pretty Good Privacy
•1991 by Phil Zimmermann
•Used for email encryption
•Public key repository (http://pgp.mit.edu)
•GPG Tools
•Lacks a certificate authority
CA: Certificate Authority
SSL Certificate
An SSL certificate is issued by a CA
•Public key certificate
•The CA certifies ownership of the public key
•The CA signs the public key with its own private key
•The SSL certificate is validated with the CA's public key when the SSL session is established
•From then on, the owner of an SSL certificate certified by a CA is trusted
•Domain ownership is verified via the certificate chain
Self-Signed SSL Certificate
•Certified by its own CA
•NOT trusted by browsers
Authentication vs. Authorization
Authentication
•Validates that a user (or entity) is who they claim to be
•By password, biometrics (fingerprint, face/palm/iris scan, voice signature), smart card, OTP, etc.
Authorization
•Decides whether to allow an action or not (permission)
•Authentication is followed by Authorization
HSM: Hardware Security Module
•Security compliance
•Embedded circuit (or software) that performs cryptographic calculations
•Key management
•Keys cannot be accessed from outside
•Self-destroys keys on unauthorized disassembly attempts*
•Keeps information safe
•Cloud-based HSMs are available (AWS, Azure, etc.)
Rules of Thumb
PLEASE DON'T
•DO NOT try to invent a new encryption algorithm by yourself
•DO NOT use AES/ECB; use AES/CBC instead
•DO NOT save AES keys and IVs as files
•DO NOT use self-signed certificates (if possible)
PLEASE DO
•Use PBKDF2 for user passwords
•Use a salt on one-way hashing to avoid rainbow attacks
•Use key stretching (hash iteration) to avoid brute-force attacks
•Choose key strength and hash iteration count based on the lifetime and importance of the data
•Use an HSM for super sensitive data