Learning a few Crypto pitfalls practically-Part 1
NULL Hyderabad held its April month's security meetup at J.P Morgan Chase, Hyderabad. This time, there was a turn out of about 150 people! Glad to see that security enthusiasts in Hyderabad are increasing :) This time, I have presented on "Learning a few Crypto pitfalls, practically".
Whenever I commit for giving a talk, I always visualize (may be fantasize is the right word :p) about my demos first, and start writing code. I usually end up preparing slides on the day of the talk. Apparently, I am quite consistent at this, as evident from this old tweet :p
Spent the last couple of days on demos for today's talk at @nullhyd. Realized that I don't have a ppt yet! 1 hr to go. This doesn't change!
— Krishna Chaitanya T (@novogeek) October 15, 2016
Coming to the topic, I wasn't sure what to propose and I led myself into a trap this time ;) Primarily I work on securing apps developed using Microsoft technologies (ASP.NET Core, Azure PaaS etc.). Since I know that almost 99% of my audience are from non-Microsoft-tech background, I'm sure it would sound like Astro-Physics if I go into the nuances of what I work on. So I thought of choosing a generic topic and thought about covering the basics of Crypto. Touching Crypto without going into the basic Math of it is hard, and doing a talk on it without demos is sin! It is easy to do basic demos, but I wanted to tinker and expand my learning.
.@nullhyd The learning I had in the last few days is amazing! Well, I thought to do an intro session, but I now think it may go beyond intro ;)
— Krishna Chaitanya T (@novogeek) April 21, 2017
Precisely for this, I have changed the title of my talk from "Practical Crypto 101" to "Learning a few Crypto pitfalls, practically". Though a part of the content was more than absolute basics for some, I am sure it was useful.
Though the talk was for about 1.5 hrs, I spent more than 30 hours building the demos. Most of the time went into understanding the theoretical side of it. I have built a simple utility, Crypto Explorer, to graphically demonstrate certain weaknesses in poor Cryptography implementations. Specifically, it demonstrates the weakness in Stream Cipher key stream reuse, and Block cipher ECB mode. You can find the source code of the utility at this Github repo. I have built it in WPF and C#.
For me, demos give a plan of how I should organize the content and slides only help me set the flow. Typically, I polish the slides post my talk so that I can expand the technicalities as per the discussion in the talk. So here are the (polished) slides of my talk:
Here is a quick demo of Crypto Explorer. I really enjoyed building this :)
There were several interesting challenges in building this. E.g., If you thought that encrypting an image is same as encrypting a file (simply run it through an encryption algorithm), you are wrong! The demo requires the image to be rendered on screen. So if you encrypt the image totally, you will be encrypting the image headers as well, thereby corrupting the image. I tried to manually split the headers/content of the image but it wasn't trivial. I ended up looking at a few Steganography projects to get an idea of how it is done. Essentially you need to read the rendered pixels, convert to byte array and encrypt it. One catch is, the same logic doesn't apply for decryption as the approach is error prone (you may not get the same encrypted byte array when you read the rendered pixels of an encrypted image). So the encrypted byte array has to be stored in memory and decryption has to be done on it instead of reading encrypted pixels from screen. It took some time to figure out library support for this, but thankfully MSDN had good pointers.
On top of these implementation challenges, the learning I had in exploring the crypto side of things is amazing. The references slide has some of the sources that I explored. I couldn't cover Padding Oracle in detail in the talk, but hope I can cover it some other time. If you are looking for a good crypto programming challenge, implement a tool to automate padding oracle attack on your own (check Padbuster). You will need to have a detailed understanding of Block ciphers :-)
Thanks to NULL, I had an extremely fruitful week. Want to discuss more about this? Drop by at the next NULL Hyderabad meet :-)