@adam_englander

Tales From the CryptA Cryptography Primer

Adam Englander, iovation

@adam_englander

Who Am I?

@adam_englander

What We Will Discuss

Wearegoingtotalkaboutthecommonmethodsandtermsusedforcryptographyinapplicationdevelopment.

@adam_englander

Don’t Dwell

Donotfeelashamedbecauseyouaredoinganyofthiswrong.Justfixitmovingforward.

@adam_englander

What Is Cryptography?

Cryptography…isthepracticeandstudyoftechniquesforsecurecommunicationinthepresenceofthirdpartiescalledadversaries. Wikipedia

@adam_englander

My Definition of Cryptography

Cryptographyobscuresdatainsuchawaythatitisdifficultandcostlytoduplicateorreverse.

@adam_englander

What is Good Cryptography?

Goodcryptographyhasahighlevelofentropy.Thatis,thattheencryptedorhasheddatahasalowlevelofpredictability.

@adam_englander

Why Is Entropy Important?

Alldatahaspatterns.Ifyourencryptedorhasheddataretainsthosepatterns,itismuchlessdifficultandlesscostlytoduplicateorreverse.

@adam_englander

Example of Poor Entropy

@adam_englander

How To Increase Entropy

•Increaseentropybymixingincryptographicallysecurepseudorandomdataintheformofaninitializationvector(IV)orsalt•Increaseentropywithfeedbackloops

@adam_englander

Feedback Loop Example

@adam_englander

Example of Good Entropy

@adam_englander

Localized vs Global Entropy

• Highentropyonanitemisgood• Highentropyacrossthedatasetisbetter• Patternsexistacrossyourentiredatasetthatmayaidadversaries

@adam_englander

Cryptography Types

• Symmetric Key Cryptography uses shared secrets• Asymmetric Key Cryptography uses

private/public key pairs

@adam_englander

Cryptography Applications

• Encryption• Digital Signatures• Key Derivation

@adam_englander

Encryption

• Protecting data that needs to be recalled• Can be reversed via decryption

@adam_englander

Digital Signature

• Used to verify authenticity of data• Used mostly for data transfer• Can not be reversed but can be

reproduced for verification

@adam_englander

Key Derivation

• A.K.A. password hashing• Cannot be reversed• Computationally expensive by design

@adam_englander

Symmetric Key Cryptography

@adam_englander

Symmetric Key Cryptography

• Shared secrets• Uses cipher algorithms against blocks

or streams of data• Most implementations will use block

@adam_englander

Block Cipher Modes

• DO NOT USE Electronic Cookbook (ECB)!!!• Cipher Block Chaining (CBC) will be

the right choice for most implementations

@adam_englander

Cipher Block Chaining (CBC)

• Entire message is required for decryption• Full cipher text block is used as the

seed for the next block

@adam_englander

Cipher Block Chaining (CBC)

@adam_englander

Digital Signatures (HMAC)

• Hash-based Message Authentication Code (HMAC)• Hashing combined with key• SHA-256 or better is preferred to

ensure uniqueness

@adam_englander

Asymmetric Key Cryptography

@adam_englander

Asymmetric Key Cryptography

• RSA is common and available• Uses very large prime integers• Very computationally expensive• Uses key pairs to protect secret

@adam_englander

Private/Public Key Pair

• Private key can do encrypt, decrypt, sign, and verify signature• Public key does not have enough data

to decrypt or sign. Can only encrypt and verify signature

@adam_englander

Key Size and Hash Algorithm

• Current minimum recommend key size is 2048• SHA1 is considered safe but SHA-256

is better

@adam_englander

Data Limitations

• RSA can only encrypt or sign data up to the length of the key size• Signatures use hashing• Crypto often mixed with symmetric key

cryptography

@adam_englander

Padding

• Padding is how RSA creates additional entropy• RSA_PKCS1_OAEP_PADDING is

default and should always be used• RSA_PKCS1_PADDING is not safe

@adam_englander

Key Derivation Functionsa.k.a Password Hashing

@adam_englander

Password Hashing

NEVERusestandardhashingfunctionlikeMD5orSHA!

Onlyusekeyderivationfunctions!

@adam_englander

Key Derivation

• Injects salt for entropy• Iterates to increase cost• Can create cost via threads and memory• Bigger is better!

@adam_englander

Which KDF Should I Use

• argon2i is the new hotness• scrypt is preferred• bcrypt is acceptable• pbkdf2 can be used in a pinch• No passwords are best

@adam_englander

Recommendations

@adam_englander

Types

• Use RSA asymmetric key cryptography when transferring data and AES/CBC otherwise• Mix with AES and random keys/IVs per transfer• Use crypto.randomBytes for randomness• Use bcrypt/scrypt/argon2i for passwords

@adam_englander

Strength

• AES: aes-256-cbc / sha256• RSA: 2048+ PKCS1_OAEP / RSA-

SHA256• Hash until it hurts!

@adam_englander

Further Reading

• https://nodejs.org/api/crypto.html• https://www.wikipedia.org/• https://www.npmjs.com/package/bcrypt• https://www.npmjs.com/package/scrypt• https://www.npmjs.com/package/argon2

@adam_englander

Please Provide Feedback

• @adam_englander• https://speakerrate.com/talks/70701-

tales-from-the-crypt-a-cryptography-primer