SECURE INTEGRATION OF CRYPTOGRAPHIC SOFTWARE
- Sandra Waters
Transcription
Slide 1: SECURE INTEGRATION OF CRYPTOGRAPHIC SOFTWARE. Speaker: Stefan Krüger
Slide 2: When a Developer Uses a Crypto API. Uses Electronic Codebook (ECB)
Slide 3: The Average Developer is no Crypto Expert. 88% of Android apps contain at least one misuse. Popular vendors misuse TLS libraries. 83% of crypto-related vulnerabilities result from API misuse.
Slide 4: What shall we do about it? AES, RSA, CBC. Private Data, Passwords, Data Encryption.
Slide 9: What shall we do about it? AES, RSA, CBC. Private Data, Passwords, Data Encryption. +
Slide 14: CogniCrypt supports Developers as an Eclipse Plugin
Slide 16: CogniCrypt's Components: CogniCrypt GEN, CogniCrypt SAST
Slide 17: CogniCrypt GEN: Code Generation For Crypto APIs
Slide 18: CogniCrypt GEN: Code Generation For Crypto APIs. [CogniCrypt: Supporting Developers in using Cryptography. Stefan Krüger, Sarah Nadi, Michael Reif, Karim Ali, Eric Bodden, Mira Mezini. ASE Tool Track 2017.]
Slide 19: CogniCrypt GEN: Code Generation For Crypto APIs. Task Descriptions, Algorithm Model, Code Template. [CogniCrypt: Supporting Developers in using Cryptography. Stefan Krüger, Sarah Nadi, Michael Reif, Karim Ali, Eric Bodden, Mira Mezini. ASE Tool Track 2017.]
Slide 20: But I have to Change My Code! CogniCrypt GEN, CogniCrypt SAST
Slide 21: CogniCrypt SAST: Detection of Crypto-API Misuses
Slide 22: CogniCrypt SAST: Detection of Crypto-API Misuses. [CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]
Slide 23: within Eclipse! Save, Static Analysis, Error Markers
Slide 24: Main Error Types of CogniCrypt SAST: Incorrect Usage Pattern, Insecure Parameters, Insecure Class Composition
Slide 25: I.E. Error Type: Insecure Parameters. AES should rather be AES/{CBC/GCM}. [CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]
Slide 26: CrySL: Specifying The Use of Crypto APIs (1/2)

    SPEC javax.crypto.KeyGenerator

    OBJECTS
      int keysize;
      javax.crypto.SecretKey key;
      java.lang.String alg;

    EVENTS
      g1: getInstance(alg);
      g2: getInstance(alg, _);
      Gets := g1 | g2;

      i1: init(keysize);
      i2: init(keysize, _);
      i3: init(_);
      i4: init(_, _);
      Inits := i1 | i2 | i3 | i4;

      gk: key = generateKey();

    ORDER
      Gets, Inits?, gk

    CONSTRAINTS
      alg in {"AES"} => keysize in {128, 192, 256};
      alg in {"DES"} => keysize in {56};
      alg in {"Blowfish"} => keysize in {40, 44, 48, 52, 56,..., 436, 440};

[CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]

Slide 27: CrySL: Specifying The Use of Crypto APIs (2/2)

    ENSURES
      generatedKey(key, alg);

    SPEC javax.crypto.Cipher

    REQUIRES
      generatedKey(key, alg(transformation));

    ENSURES
      encrypted(plaintext, ciphertext);

[CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]
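The following Java program is an added example, not code from the talk or from CogniCrypt. It puts the "insecure parameters" case from slide 25 next to a usage that follows the KeyGenerator rule on slides 26 and 27 (getInstance, optional init, generateKey, then a Cipher with an explicit mode). The class and method names are illustrative, and the statement that a bare "AES" transformation resolves to ECB assumes the default SunJCE provider.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidParameterException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Added illustration; names are hypothetical and not part of CogniCrypt.
public class KeyGeneratorRuleDemo {
    private static final int IV_LEN = 12;    // bytes, the usual GCM nonce size
    private static final int TAG_BITS = 128; // GCM authentication tag length

    // Follows ORDER "Gets, Inits?, gk"; CONSTRAINTS allow 128, 192 or 256 for AES.
    static SecretKey generateAesKey(int keysize) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES"); // event g1
        kg.init(keysize);                                   // event i1
        return kg.generateKey();                            // event gk
    }

    // The pattern slide 25 flags: "AES" alone leaves mode and padding to the
    // provider, which SunJCE resolves to AES/ECB/PKCS5Padding.
    static byte[] encryptFlagged(SecretKey key, byte[] plaintext)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES");
        c.init(Cipher.ENCRYPT_MODE, key);
        return c.doFinal(plaintext);
    }

    // Explicit transformation with a fresh random nonce; returns nonce || ciphertext || tag.
    static byte[] encryptGcm(SecretKey key, byte[] plaintext)
            throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] body = c.doFinal(plaintext);
        byte[] sealed = Arrays.copyOf(iv, IV_LEN + body.length);
        System.arraycopy(body, 0, sealed, IV_LEN, body.length);
        return sealed;
    }

    // Throws AEADBadTagException (a GeneralSecurityException) if the data was modified.
    static byte[] decryptGcm(SecretKey key, byte[] sealed)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key,
               new GCMParameterSpec(TAG_BITS, sealed, 0, IV_LEN));
        return c.doFinal(sealed, IV_LEN, sealed.length - IV_LEN);
    }

    // True when the first two 16-byte blocks are identical, the ECB tell-tale.
    static boolean firstTwoBlocksEqual(byte[] data) {
        return Arrays.equals(Arrays.copyOfRange(data, 0, 16),
                             Arrays.copyOfRange(data, 16, 32));
    }

    public static void main(String[] args) throws GeneralSecurityException {
        SecretKey key = generateAesKey(256);
        // Constructed sample input: two identical 16-byte plaintext blocks.
        byte[] plaintext = "0123456789abcdef0123456789abcdef"
                .getBytes(StandardCharsets.US_ASCII);

        byte[] flagged = encryptFlagged(key, plaintext);
        System.out.println("\"AES\" repeats ciphertext block: "
                + firstTwoBlocksEqual(flagged));

        byte[] sealed = encryptGcm(key, plaintext);
        byte[] body = Arrays.copyOfRange(sealed, IV_LEN, sealed.length);
        System.out.println("\"AES/GCM/NoPadding\" repeats ciphertext block: "
                + firstTwoBlocksEqual(body));
        System.out.println("GCM round trip ok: "
                + Arrays.equals(plaintext, decryptGcm(key, sealed)));

        // A key size outside {128, 192, 256} violates the CONSTRAINTS section;
        // for AES the provider also rejects it at run time.
        try {
            generateAesKey(100);
        } catch (InvalidParameterException e) {
            System.out.println("keysize 100 rejected: " + e.getMessage());
        }
    }
}
```

The run-time rejection in the last step only happens because 100 is not a valid AES key length; a call such as `Cipher.getInstance("AES")` raises no error at run time, which is why the slides rely on static analysis to report it.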
Slide 28: CrySL Rules for the Java Cryptographic Architecture (JCA). 23 Classes & Interfaces. Encryption & Decryption, Randomness, Hashing and MACs, Signing & Verification, Key Generation, Persisting of Key Material. [CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]
Slide 29: Evaluation - Android. 88%. 10k Android Apps. 96% of these Apps are insecure. [CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. Stefan Krüger, Johannes Spaeth, Karim Ali, Eric Bodden, Mira Mezini. ECOOP 2018.]
Slide 30: Evaluation - Maven. 2.7+ Million Software Artefacts. 73%. 88% of these Artefacts are insecure.