6005 CEM

Week 4: Crypto 1

Introduction

Topics

Round up of this weeks Offline work
Discussion + Task
(Break)
GOTO 2

Topics

History of Crypto
Passwords
Encoding
Hashing

Coursework’s

Talk though these

Question

Any points we want to Cover?

Passwords (POLL)

Something we Know
Not getting away from them
So what makes a strong password?

Password Entropy

Longer the Better
72ⁿ where N is the length
How to Remember them?

Password Managers (POLL)

From Aula some good points on both sides.
- Good because they stop reuse
- Good because it makes strong easy to remember
- Bad because of a single point of failure
- Bad because of Trust

Horse Battery Staple Correct

Discussion:

Any Flaws With this (or the 3 words Strategy)

Encoding

It’s Not Crypto

But it might look like it….
Transform a set of bytes into another format
Helps us deal with different transmission protocols.

URL Encoding

Convert a set of chars into a well known alphabet for ASCII transmission
Work around magic characters (like &, ?)

A Good question

Do we still need to use it, as its done automatically?

URL Encoding Demo

Cyber Chef
Python

Base 64

Another very common conversion
Bytes to UPPER, lower, Numbers, +2 Other
Easy enough to spot (Look for %3 or =)

Base 64 Demo

Toll House (Basic Auth)
Command Line in Linux

Hashing

What is hashing?

POLL

Hashing

One way (non Reversable) function to convert data to a fixed length string
- Storing Passwords
- Checking Authenticity
- Anything Else?

Checking Authenticity

A small change in input == large change in hash

Take the Hash of a file and send it with the doc
If the doc gets manipulated, the hash will change.

Storing Passwords

Instead of storing plain text password
We store the hash
User input is converted to Hash and checked

Where To Hash the Password

POLL
- Client Side?
- Server Side?

Where to Hash the password

In general doing anything Client side is a bad idea
We have seen how easy it is to manipulate requests
How can we trust that the Client side stuff is done correctly?
- Will DEMO on Monday.

Pass the Hash Attack

One of many Weakness in old windows storage
We get the hash and use that to authenticate.
Will post on Aula about it.

Hashing Algorithms

MD5: No Longer Secure
SHA Family
Brypyt

Hashing Algorithm Types

Fast (SHA, MD5 )
Slow (Bcrypt)

Hashing In Python Demo

Lets Hash with MD5

Your Turn

Write a program that takes user input and converts it to a sha512 hash
https://docs.python.org/3/library/hashlib.html

Hashing Flaws

We can get lists of common passwords
If we spend some time hashing all of them, we can just do a lookup.
Lots of Effort once…

Hashing Flaws

- MD5: 1c63129ae9db9c60c3e8aa94d3e00495
- SHA512: 0cc9d1ea89d4b916db12c6148fc99573f300c85c98c78baa8ea62a0aef6ed68a5f2a575cee79014a15340b7d9341f6b7bfe06864ed5382a8b589dd4d401cf870

Hash Cracking Code

DEMO https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000.txt

Hash Cracking

Your Turn:
Write a md5 hash cracking tool and try it on
- da443a0ad979d5530df38ca1a74e4f80
- 40be4e59b9a2a2b5dffb918c0e86b3d7
- f34c903e17cfeea18e499d4627eeb3ec

Using a Salt

Mitigates the problem of lookup tables
Prefix of Affix some extra text to the input before hashing
Now means we need to generate a lookup table for EVERY salt.

Using a Salt

password1
SALTpassword1
password1SALT

Choosing a Salt

Random
Longer is better
Should be unique for DB Entries

Where to Store the Salt

POLL

Where to Store the Salt

It doesn’t need to be secret
- Knowing the salt wont help us derive the plaintext
- Convenience of keeping it with the PW

Generating Salted Passwords

DEMO

Cracking Salted Password

Generate all possible Salt Values (Rainbow Tables)
Brute force each password individually

Cracking Salted Passwords. Static Salt

Your Turn

Cracking Passwords: Non Static Salt

If we have time

Summary

Encoding isn’t crypto
Hashing