D4
/
architecture
mirror of https://github.com/D4-project/architecture
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [workshop] LEA and encryption

master
Jean-Louis Huynen 2019-11-20 07:23:44 +01:00
parent 67715543e9
commit cf331db122
No known key found for this signature in database
GPG Key ID: 64799157F4BD6B93
3 changed files with 84 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
docs/workshop/5-snake-oil-crypto/soc.pdf
View File

Binary file not shown.

93
docs/workshop/5-snake-oil-crypto/soc.tex
View File

@ -251,6 +251,17 @@ codebook to crack it.
\end{frame} \end{frame}
\begin{frame}
\frametitle{Quantifying Security}
RSA 2048 is roughly 100 bits security.
\begin{itemize}
\item
\end{itemize}
\end{frame}
\begin{frame} \begin{frame}
\frametitle{Type of encryption} \frametitle{Type of encryption}
@ -296,10 +307,10 @@ codebook to crack it.
\frametitle{Encryption Workarounds~\cite{kerr2017}} \frametitle{Encryption Workarounds~\cite{kerr2017}}
\begin{quote} \begin{quote}
Any effort to reveal an unencrypted version of a target's data that Any effort to reveal an unencrypted version of a target's data that
has been concealed be encryption. has been concealed by encryption.
\end{quote} \end{quote}
\begin{itemize} \begin{itemize}
\item Try to get the key: \item {\bf Try to get the key:}
\begin{itemize} \begin{itemize}
\item {\bf Find the key:} \item {\bf Find the key:}
\begin{itemize} \begin{itemize}
@ -311,8 +322,8 @@ codebook to crack it.
\end{itemize} \end{itemize}
\item {\bf Guess the key:}, \item {\bf Guess the key:},
\begin{itemize} \begin{itemize}
\item Whereas encryption keys are usually too hard to guess (but more on that \item Whereas encryption keys are usually too hard to guess (eg.
later...), 128bits security is $2^{128}$ trials (universe is $2^{88}$ ns old)),
\item passphrases are usually shorter to be memorizable, and are \item passphrases are usually shorter to be memorizable, and are
linked to the key, linked to the key,
\item some systems have limitations on sorts of passwords (eg. 4/6 \item some systems have limitations on sorts of passwords (eg. 4/6
@ -322,27 +333,71 @@ codebook to crack it.
\item dictionaries and password generation rules (\footnote{\url{https://hashcat.net/hashcat/}}). \item dictionaries and password generation rules (\footnote{\url{https://hashcat.net/hashcat/}}).
\item Offline / online attacks (eg. 13 digits pw: 25.000 on an \item Offline / online attacks (eg. 13 digits pw: 25.000 on an
iphone VS matter of minutes offline), iphone VS matter of minutes offline),
\item + beware devices protection when online (eg. iphone erase on failure). \item + beware devices protection when online (eg. iphone erase on repeated failures).
\end{itemize} \end{itemize}
\item {\bf Compel the key:} \item {\bf Compel the key:}
\begin{figure} \begin{figure}
\centering \centering
\includegraphics[width=180px]{security.png} \includegraphics[width=180px]{security.png}
\end{figure} \end{figure}
\end{itemize} \end{itemize}
\item Try to access the PlaintText without the key:
\begin{itemize}
\item Exploit a Flaw,
\item Access Plaintext when in use,
\item Locate Plaintext copy
\end{itemize}
\end{itemize}
{\bf No workaround works every time.}
\item {\bf Try to access the PlainText without the key:}
\begin{itemize}
\item {\bf Exploit a Flaw:}
\begin{itemize}
\item Weakness in the algorithm (more on that later),
\item weakness in the random-number generator (more on that later),
\item weakness in the implementation,
\item bugs (eg. Gordon's exploit on android in
2015\footnote{\url{https://cve.circl.lu/cve/CVE-2015-3860}}),
\item backdoors (eg. NSA NOBUS -Bullrun program- Dual EC-DRBG~\cite{eprint-2015-26238}
\end{itemize}
\item {\bf Access PlainText when in use:}
\begin{itemize}
\item Access live system memory,
\item especially useful against Full Disk Encryption,
\item Seize device while in use,
\item remotely hack the device,
\item ``Network Investigative Technique'' (eg. Playpen case
against tor).
\end{itemize}
\pagebreak
\item {\bf Locate a PlainText copy:}
\begin{itemize}
\item Avoid encryption entirely,
\item cloud providers (eg. emails),
\item remote cloud storage (eg. iCloud),
\end{itemize}
\end{itemize}
\end{itemize}
\vspace{5mm}
{\bf Takeaways:}
\begin{itemize}
\item {\bf No workaround works every time:} the fact that a target used
encryption does not mean that the investigation is over.
\item {\bf some workarounds are expensive:} exploiting.
\item {\bf expertise may be have to be found outside of the
governments:} vendors' assistance?
\end{itemize}
\framebreak \framebreak
In short, crypto-systems have weaknesses: Technically, we can retain that crypto-systems have weaknesses:
\begin{itemize} \begin{itemize}
\item key generation, \item key generation,
\item key length, \item key length,

10
docs/workshop/references.bib
View File

@ -135,4 +135,14 @@
url = {https://doi.org/10.2139/ssrn.2938033}, url = {https://doi.org/10.2139/ssrn.2938033},
} }
@Article{eprint-2015-26238,
author = {Daniel J. Bernstein and Tanja Lange and Ruben Niederhagen},
title = {Dual EC: A Standardized Back Door},
journal = {IACR Cryptology ePrint Archive},
year = {2015},
volume = {2015},
pages = {767},
url = {https://eprint.iacr.org/2015/767},
}
@Comment{jabref-meta: databaseType:bibtex;} @Comment{jabref-meta: databaseType:bibtex;}