Web Crypto


Karl von Randow's talk on Web Crypto for Auckland Web Dev Nights on the 9th of May 2013. http://webdevnights.github.io

Web crypto

Karl von Randow

I felt sorry for this theme

What’s wrong with plain text?

What’s wrong with MD5?

It’s been CRACKED

It has had lots of vulnerabilities since 1996.

Really bad since 2008.

What’s wrong with SHA1?

It’s been CROAKED

Actually it’s just a bit vulnerable maybe.

What about salt?

Effective against rainbow tables

So salt is okay

But not against the other collision attacks

PBKDF2

• Password-Based Key Derivation Function 2

• Easy to remember acronym

• It’s a standard

• Salted - hurts rainbow tables

• Repeats a hash lots of times - key stretching

• Adjustable difficulty

Can be implemented with a small circuit and very little RAM

Uh oh

bcrypt

• Everything PBKDF2 has (except it’s not a standard)

• Aims to be slow

• Been around for ages and unbroken

• A bit of a pain when converting plain text passwords in the database as it takes a while

What about FPGAs?

Oh

What about scrypt?

scrypt

• Like bcrypt but uses more RAM

• Really new (2009)

Migrating from existing

• Plain text - batch convert

• PostgreSQL contrib package

• Hashed - convert on successful login
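The "convert on successful login" step above, sketched as an added example that is not from the talk. It assumes a legacy scheme of one round of salted SHA-1 and a hypothetical per-user record of scheme, salt and hash; the deck names bcrypt, and scrypt from Python's standard library stands in here so the block runs without third-party packages.

```python
import hashlib
import hmac
import os

# Assumed record layout (hypothetical): {"scheme", "salt", "hash"} per user.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)  # adjustable difficulty


def legacy_sha1(password: str, salt: bytes) -> bytes:
    """The scheme being retired: one round of salted SHA-1."""
    return hashlib.sha1(salt + password.encode()).digest()


def slow_hash(password: str, salt: bytes) -> bytes:
    """Memory-hard replacement (scrypt stands in for bcrypt here)."""
    return hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)


def new_record(password: str) -> dict:
    salt = os.urandom(16)  # fresh salt for every upgraded record
    return {"scheme": "scrypt", "salt": salt, "hash": slow_hash(password, salt)}


def login(db: dict, user: str, password: str) -> bool:
    record = db.get(user)
    if record is None:
        return False
    verify = slow_hash if record["scheme"] == "scrypt" else legacy_sha1
    candidate = verify(password, record["salt"])
    if not hmac.compare_digest(candidate, record["hash"]):
        return False  # failed logins never touch the stored record
    if record["scheme"] != "scrypt":
        # The plain-text password is only in hand at this moment, so this
        # is the one place a legacy hash can be replaced.
        db[user] = new_record(password)
    return True


def sample_db() -> dict:
    """Constructed sample data: one account still on salted SHA-1."""
    salt = b"constructed-salt"
    return {"alice": {"scheme": "sha1", "salt": salt,
                      "hash": legacy_sha1("correct horse", salt)}}
```

Accounts that never log in again keep their legacy hash, so this approach leaves a tail of weak records that needs its own handling.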

Hashes in APIs

Signature algorithms

2009

• MD5 length extension hack demonstrated on Flickr API (and others)

• Hashes are not good for signing

Use the right tool for the job

HMAC

• Hash-based message authentication code

• HMAC-SHA1

• Uses a secret key

• Substantially less affected by collisions

• No known extension attacks

What about SSL?

SSL

• Privacy in between

• Only secure when both parties have a vested interest in security

• If you control the client

• Tell system to trust a new CA

• Man-in-the-middle

• Doesn’t protect your API from being tinkered with or disclosed

Only $50

i have seen that yours is the shittest software ever

#@%! your mothers

“CWP was pivotal in helping me crack an https encrypted API for an iPhone application. Thankfully, that was their only method of securing the data, because it led to me bringing online stats for a cult-classic video game called SSX... So, I just wanted to say thanks!”

“... after seeing the URLs were GET requests with username and passwords, I figured this was going to be VERY EASY. I actually did it all during the 30 minute trial of the program. (that reminds me, I should buy a license because it was so awesome).”

Justin J.N.

Thanks Sir JBall for the sweet vector illustrations. They really cleared things up.

What about validating the certificate?

bcrypt & HMAC-SHA1

SSL for privacy

Recommended