Crypto Party at CCU

Jose L. Quiñones, BS MCSA, RHSA, C|EH, C)PEH, C)M2I, GCIH, GPEN


What is a crypto party?

It is a grassroots global movement to introduce the basics of practical cryptography, such as the Tor anonymity network, key signing parties, disk encryption and virtual private networks, to the general public.

How does the Internet work?

The NSA scandal has revealed …

• They can and will capture all traffic possible

• All encrypted traffic is considered suspicious and is retained indefinitely

• They trace up to 3 hops/connections (people) to and from the target.

• This is not something new, don’t be naive. Every country does it.

• The Patriot Act expired on June 1st, 2015, but was reinstated by the USA Freedom Act on June 2, 2015 until 2019.

Encoding

• Encoding is the process of putting a sequence of characters (letters, numbers, punctuation, and certain symbols) into a specialized format for efficient transmission or storage.

• Encoding Standards: Base64, ROT13, ASCII, Hex/Bin, XML

• Encoding IS NOT SECURITY!

Hashing

• Creates a fixed-length string of bits or hexadecimal characters, which cannot be reversed to recreate the original data.

• A hash is a number derived from performing a calculation (algorithm) on data, such as a message, file or string.

• It can be used to ensure that data has retained integrity.

• It’s commonly used for storing passwords

Common Hashing Algorithms

• MD5

  • MD5 algorithm is a widely used hash function producing a 128-bit hash value

• SHA-1

  • SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function published by the United States NIST. SHA-1 produces a 160-bit (20-byte) hash value known as a message digest.

• SHA-2

  • It’s the successor to SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, and SHA-512.
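The Encoding and Hashing slides above, as an added Python example that is not part of the original deck: encodings reverse without any key, a digest has a fixed length and supports an integrity check, and password storage uses a salt plus a slow key-derivation function. The sample strings, function names and the PBKDF2 round count are assumptions chosen for illustration.

```python
import base64
import codecs
import hashlib
import hmac
import os


def decode_without_key(b64_text, rot13_text, hex_text):
    """Encodings reverse with public rules: no key or secret is involved."""
    return (
        base64.b64decode(b64_text).decode(),
        codecs.decode(rot13_text, "rot13"),
        bytes.fromhex(hex_text).decode(),
    )


def digest(data, algorithm="sha256"):
    """Fixed-length hex digest, whatever the size of the input."""
    return hashlib.new(algorithm, data).hexdigest()


def verify_integrity(data, expected_hex):
    """Integrity: recompute SHA-256 and compare in constant time."""
    return hmac.compare_digest(digest(data), expected_hex.lower())


def hash_password(password, salt=None, rounds=200_000):
    """Password storage: per-user random salt plus a slow KDF
    (PBKDF2-HMAC-SHA256) instead of one fast, unsalted MD5/SHA-1 pass."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, key


def check_password(password, salt, stored_key, rounds=200_000):
    """Re-derive with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt, rounds)[1], stored_key)


if __name__ == "__main__":
    # Constructed sample values: the same string in three encodings.
    print(decode_without_key("aHVudGVyMg==", "uhagre2", "68756e74657232"))
    print(len(digest(b"a")), len(digest(b"a" * 10_000)))
    salt, key = hash_password("hunter2")
    print(check_password("hunter2", salt, key), check_password("hunter3", salt, key))
```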

Encryption

• Scrambles, or enciphers, data to make it unreadable if intercepted

• Can be used to ensure Confidentiality and Integrity

  • Confidentiality ensures that data is only viewable by authorized users

  • Integrity provides assurances that data has not been modified

• Does not protect metadata or activity around the encrypted packet or file.

Types of Encryption

• Symmetric

  • Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.

  • Examples: AES (Rijndael), DES, 3DES, Blowfish, Twofish

• Asymmetric

  • Public key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner.

Encryption Algorithms and Protocols

• Algorithms

  • RC4

  • RSA

  • AES

  • DES/3DES

  • Blowfish

  • Twofish

• Protocols

  • OpenPGP

  • HTTPS/S-HTTP

  • SSL/TLS

  • IPsec

  • SSH/SCP/SFTP

  • SMTPS

Tools & Technologies

PRISM ⚡ BREAK

Go to … https://prism-break.org/en/

Gnu Privacy Guard (GnuPG/GPG)

• It’s a free, open source implementation of the OpenPGP standard.

• Download at:

  • Linux: Install using package manager (apt-get or yum)

  • MacOS: https://gpgtools.org

  • Windows: http://www.gpg4win.org

GPG How-to

# Generate your key pair (private/public) and answer the questions (key size > 2048)

$ gpg --gen-key

# Export your public key to ASCII format

$ gpg --armor --export <email@domain>

# Encrypt file

$ gpg --encrypt --sign --armor -r <email@domain> <file_name>

# Decrypt file

$ gpg <file_name>

Tor (The Onion Router)

• The original data, including its destination, are encrypted and re-encrypted multiple times, and sent through a virtual circuit comprising successive, randomly selected Tor relays.

• Download at:

https://www.torproject.org/
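The layering described in the first bullet above, as an added Python sketch that is not part of the original deck and not Tor's own code: the client wraps the payload once per relay, and each relay removes one layer and learns only the next hop. Assumptions: the relay names, keys and destination are constructed, keys are pre-shared rather than negotiated per hop, and the cipher is a toy XOR stream used only to make the structure visible.

```python
import hashlib
import json


def _xor_stream(key, data):
    """Toy stream cipher (SHA-256 in counter mode), for illustration only.
    XOR is symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def wrap(path, destination, payload):
    """Client: add the exit relay's layer first and the entry relay's last.
    `path` is [(relay_name, key), ...] ordered entry -> exit."""
    next_hops = [name for name, _ in path[1:]] + [destination]
    blob = payload
    for (_, key), next_hop in zip(reversed(path), reversed(next_hops)):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = _xor_stream(key, layer)
    return blob


def peel(key, blob):
    """Relay: remove exactly one layer; returns (next hop, inner blob)."""
    layer = json.loads(_xor_stream(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])


def relay_views(path, blob):
    """What each relay learns as the cell travels entry -> exit."""
    views = []
    for name, key in path:
        next_hop, blob = peel(key, blob)
        views.append((name, next_hop))
    return views, blob


if __name__ == "__main__":
    # Constructed keys, relay names and destination.
    PATH = [("entry", b"k-entry"), ("middle", b"k-middle"), ("exit", b"k-exit")]
    cell = wrap(PATH, "example.org:80", b"GET / HTTP/1.1")
    print(relay_views(PATH, cell))
```

The blob left after the exit relay removes its layer is the original payload, so the exit relay sees it in the clear unless the payload is itself encrypted end to end (for example with HTTPS).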

How does Tor work?

How Tor protects you from snooping

Private Virtual Private Network (VPN)

• Private VPN service

  • VPN service you pay for to protect your information

  • VPN providers are bound by their country’s laws

• Protocols

  • PPTP (weakest)

  • L2TP/IPsec

  • SSL/TLS

• OpenVPN

  • Open source VPN software

How a private VPN works

Secure Shell (SSH)

• SSH is a cryptographic network protocol for operating network services securely over an unsecured network.

• The best known example application is for remote login to computer systems by users.

• SSH can be used to create encrypted tunnels and forward port traffic.

SSH Socks Proxy

SSH How-to

• Remote

  • ssh -R remote_port:local_ip:local_port user@host

• Static (redirect a local connection to a remote ip:port)

  • ssh -L local_port:remote_ip:remote_port user@host

  • ssh -L 10000:10.10.10.10:80 user@host

• Dynamic (socks v5)

  • ssh -D local_port user@host

  • ssh -D 10000 user@host

• Other options

  • -f (send to background)

  • -N (do not execute a command on the remote server)

  • -o (pass a configuration option, e.g. ProxyCommand)

6/22/2017

Watch out for side channels, … and metadata!

Cautions with Tor

• Traffic on exit nodes can be captured/sniffed, exit nodes should not (NEVER) be trusted.

• Incompatible applications can bypass Tor and reveal your location/personal information

• “User” fingerprinting may be possible

  • User agent, OS, plugins, etc…

• Client side scripting can collect valuable information

Metadata

• With whom do you communicate?

  • Telephone, Email, Text/SMS, Chat

• What is your pattern of communication?

  • frequency, periods of time, volume, time line

• Where do you go and who goes to the same “place”?

  • “places” you visit
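The first two questions above can be answered from message headers alone, even when every body is encrypted. The following Python sketch is an added example, not part of the original deck; the mailbox, addresses and function name are constructed for illustration, and the message bodies are never read.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses, parseaddr, parsedate_to_datetime

# Constructed sample mailbox. Bodies stand in for PGP ciphertext;
# the headers travel in the clear regardless.
_RAW = (
    ("alice@example.org", "bob@example.org", "Mon, 05 Jun 2017 23:10:00 -0400"),
    ("bob@example.org", "alice@example.org", "Mon, 05 Jun 2017 23:40:00 -0400"),
    ("alice@example.org", "bob@example.org, carol@example.org",
     "Tue, 06 Jun 2017 02:05:00 -0400"),
    ("dave@example.org", "alice@example.org", "Tue, 06 Jun 2017 09:00:00 -0400"),
)
SAMPLE_MESSAGES = [
    f"From: {f}\nTo: {t}\nDate: {d}\n\n[encrypted body]\n" for f, t, d in _RAW
]


def metadata_profile(raw_messages, owner):
    """Profile `owner` from From/To/Cc/Date only; bodies are never read."""
    contacts, hours, days = Counter(), Counter(), Counter()
    for raw in raw_messages:
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
        peers = {addr.lower() for _, addr in rcpts} | {sender}
        for peer in peers - {owner, ""}:
            contacts[peer] += 1                  # with whom
        sent = parsedate_to_datetime(msg["Date"])
        hours[sent.hour] += 1                    # when (sender's local hour)
        days[sent.date().isoformat()] += 1       # volume per day
    return {
        "contacts": contacts.most_common(),
        "active_hours": sorted(hours.items()),
        "per_day": sorted(days.items()),
    }


if __name__ == "__main__":
    print(metadata_profile(SAMPLE_MESSAGES, "alice@example.org"))
```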

Immersion at MIT: https://immersion.media.mit.edu/

• Immersion presents users with a number of different perspectives of their email data.

• It provides a tool for self-reflection at a time where the zeitgeist is one of self-promotion.

• It provides an artistic representation that exists only in the presence of the visitor.

• It helps explore privacy by showing users data that they have already shared with others.

• Finally, it presents users wanting to be more strategic with their professional interactions, with a map to plan more effectively who they connect with.

Thanks!


@josequinones