Privacy, Verification, Incentives

Created Tuesday 04 June 2024

Week 5 - Encryption


Sending VERIFIABLE secrets


ALICE needs to send a verifiable message to BOB but CAROL is trying to listen in.

Some definitions:

CLEARTEXT - (should be obvious)
CIPHER - The system of encryption
CIPHERTEXT - the (hopefully not-understandable) gibberish generated
KEY - the arbitrary DECODING or ENCODING "thing/data/password-ish thing" - sometimes not both.

Steganography

Examples:
- fake personal ad to say something else
- having a safe but hiding valuables in a shoebox
- weird bits in a jpg

Steganography is less preferred..

..when your attacker can potentially "see" everything.
EG, the internet, or even...

Some standard ideas

Security through obscurity* is generally a bad idea:

*The STRICT definition, meaning
"Relying on secrecy in implementation or design,
NOT in the key"

Security through obscurity

"Any person can invent a security system so clever that she or he can't think of how to break it."
Schneier's Law

(you can generalize this to a lot of things; e.g. Open Source, Auditing, etc)

Never roll your own

(Or better yet, do, and throw it out. You'll learn something)


Better

Quick note on "Security Through Obscurity"

Sometimes people use this as an equivalent to Steganography, though not quite.

I.E the great

"Should you change your SSH Port" Debate?"

What's the answer?


Against a determined attacker trying to get you personally? No point.

But, as the joke goes, it won't make you faster than the bear, but it will
make you faster than the other hunter.

It's MATH all the way down

One Way Strategies.

Really, it's KEY exchange that's a big deal

If you and your conspirator can "meet" - this makes things easy:

or better yet

(Note that OAuth 2FA is *a lot* like this, but not identical. The overriding 2FA code is like the "book")

But, we are usually "strangers"

Enter PUBLIC KEY ENCRYPTION


So we use this for KEY encryption

The weird flipside of this:

SIGNATURES

IMPORTANT PRACTICAL PRINCPLES


RANDOMNESS

Pseudo-randomness is easy:
"Multiply big'ol numbers a bunch and chop off the beginning of them"

TRUE Randomness is surprisingly hard

RANDOMNESS

In a sense, you can't do it "inside" the computer.

Cloudflare


Backdoors

Yep, they're going to KEEP TRYING THIS MESS.



PRACTICAL MATTERS

DON'T ROLL YOUR OWN...better yet

PRACTICAL MATTERS

DEMAND only free and open source here, confirmed by e.g. NIST

Anything else is almost CERTAINLY compromised in real life.

PRACTICAL MATTERS

All software is imperfect and may have bugs;
..watch out as they may try to use this against you.

PRACTICAL MATTERS

Don't fall for the "Security through Obscurity" trap
(as in, actually reinforce, don't just hide)


PRACTICAL MATTERS

- OR for the "Security through Obscurity trap" trap
(additional hiding to reinforcement isn't bad, aka someone might seriously say, DONT PAINT THIS CAMO.)



Rubber Hose Decryption


Watch the endpoints, this is where the vulnerabilities are


Finally - encrypted AGAINST WHOM?

You'll have to do a fair bit of "game theoretical" thinking here,
when you're dealing with "black-box" encryption.
E.g. Whatsapp claims to be end-to-end encrypted?
I legit don't know.


Week 6 - Passwords and Hashing

Created Monday 28 September 2020

Passwords


When you lose your password, what does the website do?


Make you change it?

Or

Send you a copy of it.


If they're nice enough to send you your password,

you can rest assured..

If they're nice enough to send you your password,

you can rest assured..



that they suck at security.



Good websites CANT send you your password.

Because they don't actually know it.

HOW?

Obviously, if you're storing passwords, you want them "encrypted"
One way to do this:

1) Get their password
2) Save it on your computer
3) Then, encrypt it for safety.

but wait

What do we REALLY need?

The actual password

or

simply:
Proof that they typed in the same thing both times?




What do we REALLY need?


Remember: "encrypting" something always yields:

GIBBERISH that MUST BE
UNIQUE

"MyPassword123" > ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab




So, let's just switch it:

ANOTHER way to do this: ON FIRST LOGIN

1) Get their password
2) ENCRYPT IT FIRST for safety.
3) Then save the ENCRYPTED password.


So, let's just switch it:

ON NEXT LOGIN

1) Get password
2) Encrypt it the same way, then compare the gibberish!


SO NOT

"MyPassword123" = "MyPassword123"

but instead..



"ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab"
=
"ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab"?

And "MyPassword123" IS NOT ON THE SERVER

But wait: Let's do one more thing?

Do we really need all of this?

"ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab"
=
"ab18db351a3ed3849cca9839d98381ee6392eeb391baa39d766290082812d9eceab"?


But wait: Let's do one more thing?

What about just:

"ab18db351a3"= "ab18db351a3"*

As long as
we use ALL the data in the original to get this number
And it's STILL mathematically unliklely that two different passwords will yield the same short gibberish, we're good to go.
*you don't quite just cut a chunk off, but it's like this

But wait: Let's do one more thing?

Do we really need all of this?

"ab18db351a3"= "ab18db351a3"*

ADVANTAGES:
It's shorter
Now you LITERALLY CANNOT "decrypt" it because you're missing some information. This is good!
And, now - we can use this verification method on things other than passwords as well.

Hashing

"Used to map data of arbitrary (big) size,

to (non-informative) data of fixed (small) size."


To Illustrate, first something slightly dumber...


File Verification
Presumption: The network (or person) is imperfect. The bytes we receive may not always be the exact ones that were sent.

Also: The network or verification is "slow"

We need a shorter, but verifiable, version of the data.

Basic Checksumming

(technically the following is NOT checksumming)

Basic Checksumming


The grocery list:

Cheese
Crackers
Eggs
Ham
Koala
Mangoes
Salt
Underwear

Send the following...

Cheese
Ham
Eggs
Crackers
Koala
Salt
Underwear
Mangoes
CHECKSUM.45

CHECKSUM.45 = CHECKSUM.45

If the reciever gets

Cheese
Ham
Eggs
Crackers
Salt
Underwear
Mangoes
CHECKSUM.45

CHECSUM.40 = CHECKSUM.45? NO, SEND AGAIN.

Hashing


Error checking/Checksumming.

One tiny change in the original still means BIG changes in the gibberish.

(MD5, which is fast, but not super-secure) is good for this)



Verification:

Hashing Uses
Error Checking/Checksums
Password "Storage"
Bitcoin/Cryptocurrencies
Passwords

They don't store your password

(your secret ingredient)

They just store the entire milkshake....and calculate/mix it every time.

(don't use MD5, use something deliberately slow, like bcrypt)

To abuse some more analogies..


Consider your mom's _______ recipe?
(milkshake?)

Even if you don't know the ingredients..
... you know when it's WRONG :)

How passwords are done

Horrible - storing the password

Better but still bad - storing the password hashed

Decent - storing "userid+password" hashed

Best - storing "userid+password+salt" hashed

For example

Login: jmarks
password: g00dpassword
(salt): b00gab00ga (or better yet, change it every time)
jmarks+g00dpassword+b00gab00ga
==HASHED==>
02f39aae85ad73e162b446e918597e89


Real life





Is Cybersecurity THAT bad today?


imho, yes.

This engineering v?



This


Sigh, passwords for humans

In the beginning, there was leetspeak

or should I say 1337sp34k.

n00b pr0n lololol

Hey, why did this happen in the first place? Not for passwords...

1337sp34k


We do this now, except we say things like "unalived" and "PDF file"

Warning: Controversy ahead.


I'm following NIST, what they say makes A LOT OF SENSE to me:
You WILL see disagreement, feel free to form your own opinion

The Good Idea

Allow for, and perhaps require LENGTH.

That's IT.

Think passPHRASES, not words

The Good Idea


Bad ideas

Composition rules:

"At least one upper and one lowercase and a number.."

(We have a better solution, which is length)

Bad ideas

Password rotation - i.e. Change passwords every:

NAH, just pick a good one in the first place

Bad ideas

Password hints and Security Questions aka
Knowledge Based Authentication
ALWAYS LIE ON THESE. THEY ARE JUST SECONDARY PASSWORDS

https://www.mcsweeneys.net/articles/nihilistic-password-security-questions


Not NIST, but what I recommend

Make a good password

Write them down on paper and put in your wallet or purse. (Schneier agrees)

If you think you gangsta like I do

Remember the encryption thing you just did?

I write down my passwords in an encrypted text file. That's it.


Password Managers?

teach the controversy I guess.
They make NO SENSE to me, but clearly some find them acceptable.


2fa - Two Factor Authentication

Usually, a password and .. something else

Something else?

SMS?
Email?
Authenticator?
Hardware?

SMS


Not bad, but proving to be grimy, because cell phone companies aren't good at this..

Email


Also not bad, but it's like the default backup for everything, so there you go.

Authenticators

e.g. Oauth. Pretty good. One time passwords, very similar to the "Bookstore Method"

PS, YEP, I STORE MY OAUTH KEYS in that same file and generate my 2fa #s from the command line. WHAT.

FIDO - Hardware


I mean, I suppose.


Other ideas, again:

(prof's opinion)

Biometrics are stupid*

Other ideas, again:


Biometrics are as stupid as Social security numbers
(i.e. decent USERNAMES or slight SECURITY THROUGH OBSCURITY)
I don't use 'em.



A Warning:

Practicing what we discuss today can just as easily
get you fired as get you promoted.

Though we don't touch computers today, I'd
guess that today's is potentially the most hazardous to your career.


A bold idea:

You might be able to be really good at cybersecurity without knowing anything about computers.


This guy....



So what then?

SKIN IN THE GAME

Shift the risk to the responsible party.
That's the tweet.

Hammurabi's Code


If a builder builds a house for a man and does not make its construction firm, and the house which he has built collapses and causes the death of the owner of the house, that builder shall be put to death.

Whoa.

Grimy, I know:

The idea being: This sort of system sets up better incentives than the ones that came before.

Lots of milder examples:

Dogfooding:
The people who made Discord use Discord.
versus
When Yahoo Mail was a thing, more people were using Gmail.

MY DOMAIN AND EMAIL at jrm4.com

I pay 5 bucks a month for jrm4.com email and hosting.
This is very much more expensive than free, but....

MY DOMAIN AND EMAIL at jrm4.com

I can call and chat and yell at people if I have to, because HOSTDIMES reputation is on the line.
And so, true story, what if your dad manages to inexplicably delete all his email?
They said, we can fix this, but it will cost you.

MY DOMAIN AND EMAIL at jrm4.com

I can call and chat and yell at people if I have to, because HOSTDIMES reputation is on the line.
And so, true story, what if your dad manages to inexplicably delete all his email?
They said, we can fix this, but it will cost you FIFTEEN DOLLARS!!!

SO THEN

When some smug sales rep from TechnoSafeCo shows up at your organization:
We use the latest 256-bit SSL encrypted zippity zorp doobie doo
to fragulate your mainframes flux capacitor for 99.9% reliability!


SO THEN

You raise your hand and say 99.9%? GREAT!

Our data and relationships are worth a million dollars. We'll pay you $1000 a month...
...if YOU INDEMNIFY US IN CASE OF A BREACH.
i.e., we get breached, you pay us a million*

Risk Calculation

If 100 houses are each worth $100,000
and 1 house burns down every year
Then a reasonable insurance premium would be $1000 per homeowner...
..which goes to paying for the one house that burns down every year.

Switch out some words

If 100 cyber companies are each worth $100,000
and 1 is hacked out of existence every year
Then a reasonable insurance premium would be $1000 per company...
..which goes to paying for the one company that burns down every year.


SO THEN


Fairly certain LITERALLY NO TECH COMPANY
DOES THIS.

SO THEN

*Again, this will either save your company or get you fired for saying it out loud.

GOOD LUCK!

(shout out to the hero Todd Davis)

External Incentives (presently weak or nonexistent)

Regulation
Liability (Tort Law)
Contract


Time permitting...



Hey, so hashing again?

Hey, so these hashes
They look like--
02f39aae85ad73e162b446e9

What are the odds that it would look like, say..
00000ae85ad73e162b446e9

Not IMPOSSIBLE, just VERY UNLIKELY.

A bit on banks and money

What is most money "made of?" How is it stored? Coins and little green pieces of paper?



A bit on banks and money

What is most money "made of?" How is it stored? Coins and little green pieces of paper?

NOPE.

Just (trusted) lists. Ledgers in banks and such.
Usually "digital"

In fact, lists are older than "money" itself.

Not dollars, but a list somewhere that says
"Ug owes Oof two cows"
"Oof owes Grok a stick"
or more accurately
"everybody owes the king taxes"

theorem: any system that involves writing down "ownership" and "what you've paid" for is (possibly) a bank = (gamestop, even)

But, you also might want "pieces/tokens"


GOLD AND DIAMONDS HA HA HA

(wait, seriously. Why are diamonds more expensive than water?)

Bitcoin and most other "Cryptocurrencies"

(note, some others don't work exactly this way)
A huge encoded/distributed online ledger/list, also called a "blockchain"

Powered/driven by "mining" (which is more like a slot machine, pull the lever, power the thing, and see if you "win")

Mining Bitcoin?

Randomly trying to find "nice looking" hashes.

......4E9BB99 nope.

.......000000 yep! $$$$

Mining

When you download a bitcoin (full node) wallet program, you literally have to get a copy of every single transaction ever.

Transactions are computationally expensive.
The "Mining" also powers the "hashed transactions..eg."

02b23 gave bf239 .005 bitcoins. I can prove it because the hash of this transaction is =>
081ee23

Add this to the chain and spread it around.

Bitcoin transaction.

You "add your new or old hash movement" to the ledger. By making another special hash. Which is "expensive."

This work powers the blockchain and "proves" that you've put in work. By design, the system "rewards" you for it.
Bitcoin transaction.

Now, why is it valuable?


Because people believe it is.

See also: gold, beanie babies, crappy companies, virtual swords, pokemon cards, sneakers, whatevs.

Bitcoin transaction.

PS: Crypto addresses? Just numbers in different bases (sometimes with a prefix):
Functionally similar to public keys
ETH/PLS: 0x19C653CB3D30EeEe2F99f9f4B987E3b22880FFCF

(this is 100% real, please feel free to send me money :) )


"Blockchain"

It's a large public database, in which everyone can see every transaction. That's all.

Now give me a bunch of money because I just said "blockchain" :)



Backlinks: FSU Courses:LIS5411:Raw Slides