Cryptography With PHP - ZendCon 2017 Workshop

CRYPTOGRAPHY WITH PHP
MARK NIEBERGALL
ZendCon 2017 Workshop
https://joind.in/talk/7b305

ABOUT MARK NIEBERGALL
▸ PHP since 2005
▸ Masters degree in MIS
▸ Senior Software Engineer
▸ Drug screening project
▸ UPHPU President
▸ SSCP, CSSLP Certiﬁed and SME
▸ Drones, ﬁshing, skiing, father, husband

ABOUT MARK NIEBERGALL

OBJECTIVES
▸ Time on the keyboard
▸ Learn about and use PHP cryptography and hashing
libraries
▸ Security considerations with implementation

OBJECTIVES
▸ Coding time!
▸ Various modules
▸ Estimated time (5, 10, or 15 minutes)
▸ Cryptography games will apply what was covered

SCHEDULE
▸ 9:00-9:30 Setup and covering slides that including terminology and
cryptography
▸ 9:30-9:50 PHP hash, password hashing
▸ 9:50-10:00 Break, lock picking
▸ 10:00-10:50 CSPRNG, OpenSSL
▸ 10:50-11:00 Break, more lock picking
▸ 11:00-11:15 libsodium
▸ 11:15-11:55 Cryptography Games
▸ 11:55-12:00 Regroup and conclusion

OVERVIEW
▸ Environment Setup
▸ Why Cryptography
▸ Deﬁnitions
▸ Role of Cryptography
▸ Algorithms
▸ Encryption with PHP
▸ Considerations
▸ Cryptography Games

ENVIRONMENT SETUP

ENVIRONMENT SETUP
▸ PHP 5.5+, best is 7.0+
▸ Ideally have libsodium PECL extension (see https://
paragonie.com/book/pecl-libsodium/read/00-
intro.md#installing-libsodium) or 7.2 (RC)
▸ Once you are up and running, please help others
▸ Worse case, use https://3v4l.org/

WHY CRYPTOGRAPHY

WHY CRYPTOGRAPHY
▸ Over 100,000 incidents in 2016 with 3,141 conﬁrmed
breaches
▸ Attacks largely for ﬁnancial gain
▸ Many going after sensitive data

WHY CRYPTOGRAPHY
▸ Review Verizon 2017 Data Breach Investigations Report
▸ Yearly report
▸ Cybersecurity investigations report
▸ Pulls from many sources
▸ Lots of informative charts

WHY CRYPTOGRAPHY
Incidents by industry

WHY CRYPTOGRAPHY
▸ No organization is immune
▸ Cryptography signiﬁcantly reduces breach cost
▸ Cryptography can prevent leak of actual sensitive data

WHY CRYPTOGRAPHY
▸ Attack Countermeasures
▸ Good password policy
▸ Encrypt sensitive data
▸ Encrypt computer disks and devices
▸ Keep current with patches

DEFINITIONS

DEFINITIONS
▸ Cryptography
▸ The process of writing or reading secret messages or
codes
▸ Classical cryptography started thousands of years ago
▸ Advanced during wars of 20th century
▸ The science or study of secret communications

DEFINITIONS
▸ Encryption
▸ To change information from one form to another
especially to hide its meaning
▸ En: to make
▸ Crypto: secret or hidden
▸ The actual changing of a communication

DEFINITIONS
▸ Algorithm
▸ A set of steps that are followed in order to solve a
mathematical problem or to complete a computer
process

DEFINITIONS
▸ Cipher
▸ A way of changing a message to keep it secret
▸ An algorithm used to encrypt or decrypt
▸ Classically included substitution and transposition
▸ A becomes 1
▸ A becomes Z
▸ Abc123 becomes 123Abc
▸ Backwards

DEFINITIONS
▸ Hash
▸ To chop into small pieces
▸ Maps data to a string
▸ One-way hash functions
▸ Schneier “workhorses of modern cryptography”
▸ Input is the message, output is the digest

ROLE OF CRYPTOGRAPHY

▸ World War II
▸ Enigma Machine used by Nazi Germany
▸ Code breaking by Allies, including Alan Turing

▸ Secure communications from third parties
▸ Conﬁdentiality of communications

▸ Secure data at rest
▸ Secure data in transit

▸ First 2 A’s in the AAA Framework
▸ Authentication: credentials
▸ Authorization: encrypt and decrypt data
▸ Accounting

ALGORITHMS

ALGORITHMS
▸ One Way Hash

ALGORITHMS
▸ One Way Hash
▸ Data is hashed
▸ Cannot go backwards
▸ Integrity checks
▸ Password checks
▸ Identiﬁers; ex: Git and Mercurial

ALGORITHMS
▸ One Way Hash
▸ MD5
▸ SHA-1, SHA-2, SHA-3

ALGORITHMS
▸ Symmetric-Key

ALGORITHMS
▸ Symmetric-Key
▸ Same key to encrypt and decrypt
▸ Shared secret key
▸ Susceptible to plaintext attacks (known and chosen) and
cryptanalysis (differential and linear)

ALGORITHMS
▸ Symmetric-Key
▸ DES
▸ Triple DES
▸ AES

ALGORITHMS
▸ Symmetric-Key
▸ Blowfish
▸ Twofish
▸ Threefish

ALGORITHMS
▸ Asymmetric-Key

ALGORITHMS
▸ Asymmetric-Key
▸ Heavily used in cryptography
▸ Public and private keys
▸ Public key is publicly available
▸ Private key is kept secret

ALGORITHMS
▸ Asymmetric-Key
▸ Public key used to authenticate messages from owner of
the private key
▸ Public key used to encrypt message to send to owner of
the private key
▸ Private key used to decrypt inbound messages
▸ Private key used to encrypt outbound messages

ALGORITHMS
▸ Asymmetric-Key (Public-Key)
▸ RSA
▸ DSA

ALGORITHMS
▸ Broken
▸ DES
▸ MD2, MD4, MD5
▸ SHA-1
▸ GOST
▸ Panama
▸ RC4

ENCRYPTION WITH PHP

ENCRYPTION WITH PHP
▸ String functions just don’t cut it
▸ bin2hex
▸ strrev
▸ base64_encode
▸ dechex
▸ ord and chr (ASCII)
▸ str_replace

ENCRYPTION WITH PHP
▸ Hash
▸ Password hashing
▸ mcrypt
▸ CSPRNG
▸ openssl
▸ libsodium
▸ StupidPass

ENCRYPTION WITH PHP
▸ Hash
▸ hash_algos for array of options
▸ hash($algorithm, $message, $raw = false);
▸ hash_ﬁle for ﬁle contents hash
▸ hash_equals for comparing hashed values

ENCRYPTION WITH PHP
▸ Hash - Coding time!
▸ 5 minutes
▸ hash_algos for array of algorithms
▸ Output available algorithms 
 
<?php 
print_r(hash_algos());
▸ See https://en.wikipedia.org/wiki/
Comparison_of_cryptographic_hash_functions

ENCRYPTION WITH PHP
▸ 10 minutes
▸ hash($algorithm, $message, $raw = false);
▸ foreach hash_algos generate hash
▸ Review output content, including characters, length
▸ Does different message or message length impact hash
length?

ENCRYPTION WITH PHP
▸ 5 minutes
▸ hash_file for file contents hash
▸ make a text file with some text in it
▸ compare with hash of plain text

ENCRYPTION WITH PHP
▸ Hash
▸ == and === are not timing safe comparisons
▸ Nuances with PHP == returning true 
var_dump(md5('240610708') == md5(‘QNKCDZO')); 
var_dump(md5('aabg7XSs') == md5('aabC9RqS')); 
var_dump(sha1('aaroZmOk') == sha1('aaK1STfY')); 
var_dump(sha1('aaO8zKZF') == sha1('aa3OFF9m')); 
var_dump('0010e2' == '1e3'); 
var_dump('0x1234Ab' == '1193131'); 
var_dump('0xABCdef' == ' 0xABCdef');

ENCRYPTION WITH PHP
▸ 15 minutes
▸ hash_equals as a timing safe hash comparison
▸ run thousands of iterations, look for patterns with averages
▸ $timeStart = microtime(true); … $timeEnd =
mircotime(true);
▸ array_multisort($timing, SORT_NUMERIC);

ENCRYPTION WITH PHP
▸ 10 minute break
▸ Lock picking

ENCRYPTION WITH PHP
▸ CSPRNG

ENCRYPTION WITH PHP
▸ CSPRNG
▸ Cryptographically Secure Pseudo-Random Number
Generator (CSPRNG)
▸ Part of PHP 7 core
▸ For PHP < 7: 
composer require paragonie/random_compat

ENCRYPTION WITH PHP
▸ CSPRNG - Coding time!
▸ 10 minutes
▸ random_bytes($length)
▸ bin2hex($randomBytes) for human readable version
▸ random_int($min, $max)
▸ PHP_INT_MIN and PHP_INT_MAX

ENCRYPTION WITH PHP

ENCRYPTION WITH PHP
▸ $insecure = md5($password);
▸ Too fast
▸ Brute force
▸ 5f4dcc3b5aa765d61d8327deb882cf99

ENCRYPTION WITH PHP
▸ Anthony Ferrara RFC in 2012 to simplify password hashing
▸ Use password_hash and password_verﬁy (PHP 5.5+)
▸ $current = password_hash($password,
PASSWORD_DEFAULT);
▸ PASSWORD_DEFAULT can change over time, currently is
blowﬁsh, max password length of 72
▸ $isValid = password_verify($password, $current);

ENCRYPTION WITH PHP
▸ Salt generated automatically
▸ Deprecated as option in PHP 7
▸ Option ‘cost’, target time it takes
▸ password_hash($password, PASSWORD_DEFAULT,
[‘cost’ => 10]);

ENCRYPTION WITH PHP
▸ Password hashing - Coding time!
▸ 10 minutes
▸ password_hash($password, PASSWORD_DEFAULT, [‘cost’ => 10]);
▸ notice output pattern, repeat for same password, try variations,
different costs
▸ $2y$10$i49TRWieyhYtQ6P.76R5aOwRisUIqnQJxS6tszUobVkGG8bP9/XsW
▸ $2y$ for algorithm
▸ 10 for cost
▸ 22 character salt, varies by algorithm
▸ Hash as the rest

ENCRYPTION WITH PHP
▸ Password hashing - Coding time!
▸ 10 minutes
▸ password_verify($plaintext, $hash);
▸ password_needs_rehash($hash, PASSWORD_DEFAULT,
$options)
▸ Timing safe check

ENCRYPTION WITH PHP
▸ mcrypt

ENCRYPTION WITH PHP
▸ mcrypt
▸ Encrypt and decrypt
▸ Uses libmcrypt, which hasn’t been updated since 2007
▸ Bug ﬁxes and patches
▸ Use libsodium or OpenSSL instead!

ENCRYPTION WITH PHP
▸ openssl

ENCRYPTION WITH PHP
▸ openssl
▸ Generate and verify signatures
▸ Certiﬁcate Signing Requests (CSR)
▸ Encrypt and decrypt data
▸ Actively supported

ENCRYPTION WITH PHP
▸ openssl
▸ Private key generation
▸ openssl_pkey_new([$configs]);
▸ openssl_pkey_export_to_file($privateKey, $fileName);
▸ openssl_free_key($privateKey);

ENCRYPTION WITH PHP
▸ openssl
▸ Conﬁguration defaults to openssl.conf
▸ digest_alg: Digest method to use
▸ x509_extensions: Extensions to use for x509 cert
▸ req_extensions: Extensions to use for CSR
▸ private_key_bits: Bits for private key generation
▸ private_key_type: Type of key
▸ encrypt_key: Export key with passphrase
▸ encrypt_key_cipher: Cipher for key

ENCRYPTION WITH PHP
▸ openssl - Coding time!
▸ 5 minutes
▸ Private key generation
▸ $config = [‘private_key_bits’ => 2048, 'private_key_type' =>
OPENSSL_KEYTYPE_RSA];
▸ openssl_pkey_new([$configs]);
▸ openssl_pkey_export_to_file($privateKey, $fileName);
▸ openssl_free_key($privateKey);

ENCRYPTION WITH PHP
▸ 5 minutes
▸ Public key generation
▸ Continue on from private key generation
▸ openssl_pkey_get_details($privateKey);
▸ ﬁle_put_contents(‘public.pem’, $details[‘key’]);
▸ Array with keys ‘bits’, ‘key’ (public key), ‘rsa’, ‘type’

ENCRYPTION WITH PHP
▸ 5 minutes
▸ Encrypting data with the public key, decrypt with private
▸ $isEncrypted = openssl_public_encrypt($message,
$encrypted, ﬁle_get_contents(‘public.pem’));
▸ $isDecrypted = openssl_private_decrypt($encrypted,
$decrypted, ﬁle_get_contents(‘private.pem’);

ENCRYPTION WITH PHP
▸ 5 minutes
▸ Encrypting data with the private key, decrypt with public
▸ $isEncrypted = openssl_private_encrypt($message,
$encrypted, ﬁle_get_contents(‘private.pem’));
▸ $isDecrypted = openssl_public_decrypt($encrypted,
$decrypted, ﬁle_get_contents(‘public.pem’);

ENCRYPTION WITH PHP
▸ cracklib

ENCRYPTION WITH PHP
▸ cracklib
▸ PECL extension, must be installed
▸ Checks complexity of passwords
▸ Still experimental

ENCRYPTION WITH PHP
▸ cracklib
▸ crack_opendict(‘/path/to/dictionary’)
▸ crack_check($dictionary, $password)
▸ crack_getlastmessage()
▸ crack_closedict($dictionary)

ENCRYPTION WITH PHP
▸ cracklib
▸ it's WAY too short
▸ it is too short
▸ it does not contain enough DIFFERENT characters
▸ it is all whitespace
▸ it is too simplistic/systematic
▸ it looks like a National Insurance number.
▸ it is based on a dictionary word
▸ it is based on a (reversed) dictionary word
▸ strong password

ENCRYPTION WITH PHP
▸ 10 minute break
▸ Find group of up to 4 for games

ENCRYPTION WITH PHP
▸ libsodium

ENCRYPTION WITH PHP
▸ libsodium
▸ PECL extension
▸ PHP 7.2 core
▸ modern cryptography library
▸ namespaced as Sodiumfunction_name

ENCRYPTION WITH PHP
▸ libsodium - Coding time!
▸ 10 minutes
▸ Cryptographically secure randomness
▸ Sodiumrandombytes_buf($numberBytes) with each byte being a
random value between 0 and 255 (bin2hex for readability)
▸ Sodiumrandombytes_random16() for random integer between 0
and 65535
▸ Sodiumrandombytes_uniform($maxPlusOne) for uniformly
distributed random integers between 0 and max

ENCRYPTION WITH PHP
▸ libsodium - Coding time!
▸ 10 minutes
▸ Secret-key encryption and decryption
▸ $key =
Sodiumrandombytes_buf(SodiumCRYPTO_SECRETBOX_KEYBYTES);
▸ $nonce =
Sodiumrandombytes_buf(SodiumCRYPTO_SECRETBOX_NONCEBYTES);
▸ $ciphertext = Sodiumcrypto_secretbox('test', $nonce, $key);
▸ $plaintext = Sodiumcrypto_secretbox_open($ciphertext, $nonce, $key);

ENCRYPTION WITH PHP
▸ libsodium
▸ Public-key encryption and decryption
▸ Sodiumcrypto_box_* functions

ENCRYPTION WITH PHP
▸ libsodium
▸ Much more functionality
▸ Password hashing and checking
▸ Key signing
▸ Message Authentication Code (MAC)
▸ Hashing

ENCRYPTION WITH PHP
▸ StupidPass

ENCRYPTION WITH PHP
▸ StupidPass
▸ composer require northox/stupid-password
▸ $stupidPass = new StupidPass;
▸ $isValid = $stupidPass->validate($password);
▸ $stupidPass->getErrors();
▸ new StupidPass($maxLength, $environmental,
$pathToDictionary, $errorText, $options);

ENCRYPTION WITH PHP
▸ StupidPass - Coding time!
▸ 10 minutes
▸ install composer, StupidPass
▸ Try out common passwords, custom dictionary, see the errors
▸ composer require northox/stupid-password
▸ $stupidPass = new StupidPass;
▸ $isValid = $stupidPass->validate($password);
▸ $stupidPass->getErrors();
▸ new StupidPass($maxLength, $environmental, $pathToDictionary, $errorText, $options);

CONSIDERATIONS

CONSIDERATIONS
▸ Salts
▸ Algorithm costs
▸ Timing attacks
▸ Brute force attacks
▸ Rainbow tables
▸ Max message length

CONSIDERATIONS
▸ Salts
▸ Increased security for digest if done correctly
▸ Ex: $salt . $password
▸ Pepper debate
▸ Let password_hash generate the salt for you
▸ Different salt per password or message

CONSIDERATIONS
▸ Algorithm Costs
▸ Default cost for password_hash is 10
▸ Higher cost leads to more processing time
▸ 8-12 is generally a good baseline
▸ Might change depending on hardware available

CONSIDERATIONS
▸ Timing Attacks
▸ Analyzing timing for algorithms
▸ Time variation for hashing, encrypting, decrypting
▸ Ex: Username not found, no password check attempted
▸ Ex: String comparisons stop after ﬁrst mismatch
▸ Timing safety built into functions, take same time for
positive or negative match

CONSIDERATIONS
▸ Brute Force Attacks
▸ Timing attack used to brute force list of usernames
▸ Dictionary attack using dictionary and common
passwords
▸ Take time
▸ Advanced Persistent Threat (APT)

CONSIDERATIONS
▸ Countermeasures
▸ Lock accounts, but causes Denial of Service
▸ Add time to each login
▸ Lock by IP address
▸ Vary failed login attempt behavior (Ex: HTTP status,
redirect)

CONSIDERATIONS
▸ Countermeasures
▸ Key words in HTML comments (invalid login, bad
username or password)
▸ Security questions
▸ CAPTCHA
▸ Add another factor (multi-factor authentication)

CONSIDERATIONS
▸ Rainbow Tables
▸ Table with hashes already ﬁgured out
▸ Used for hashing that always generates same hash for
an input
▸ Counter with modern algorithms, salts
▸ Common for MD5, SHA1, and other older algorithms

CONSIDERATIONS
▸ Rainbow Tables
▸ Internet search for the hash
▸ Online hash cracking sites

CONSIDERATIONS
▸ Max Message Length
▸ Only X characters considered when generating hash
▸ Ex: MD5 max is 128 characters in, 32 hex out
▸ Ex: password_hash max is 72 characters

CONSIDERATIONS
▸ Identify sensitive data
▸ Determine appropriate encryption
▸ Use cryptography to keep data safe

CONSIDERATIONS
▸ Cryptography can help minimize damage
▸ Electronic data breaches
▸ Stolen electronic devices
▸ Data transmission

CONSIDERATIONS
▸ Cryptography cannot help minimize damage
▸ Phishing attacks
▸ Credential theft
▸ Escalation of privileges
▸ DoS/DDoS
▸ Social engineering

CONSIDERATIONS
▸ Security education
▸ Verizon Data Breach Investigation Report
▸ SANS Institution, email digest
▸ Krebs on Security blog
▸ OWASP
▸ BrightTALK

CRYPTOGRAPHY GAMES

CRYPTOGRAPHY GAMES
▸ Groups of up to 4
▸ 11:15-11:20 Instructions and rules, get in groups
▸ 11:20-11:45 Coding time!
▸ 11:45-11:55 Review answers
▸ 11:55-12:00 Closing

CRYPTOGRAPHY GAMES
▸ Get into your groups of up to 4

CRYPTOGRAPHY GAMES
▸ Instructions and rules
▸ Use PHP
▸ Decrypt the data
▸ Record how you decrypted the message
▸ Record plain text answer
▸ Winning team is team with most correct answers

CRYPTOGRAPHY GAMES
▸ Time is up!

CRYPTOGRAPHY GAMES
▸ Answers

CRYPTOGRAPHY GAMES
▸ Conclusion
▸ Leverage PHP cryptography and hashing features
▸ Use modern libraries
▸ Encrypt sensitive information
▸ Hash passwords correctly

QUESTIONS?
▸ Rate on joind.in
▸ https://joind.in/talk/7b305

SOURCES
▸ Merriam-Webster Dictionary online
▸ PHP.net documentation
▸ Virendra Chandak https://www.virendrachandak.com
▸ OWASP
▸ Verizon 2017 Data Breach Investigations Report
▸ https://paragonie.com/book/pecl-libsodium/read/00-intro.md
▸ https://www.cryptologie.net/article/268/how-to-compare-password-hashes-
in-php/
▸ http://blog.ircmaxell.com/2014/11/its-all-about-time.html

Cryptography With PHP - ZendCon 2017 Workshop

More Related Content

Similar to Cryptography With PHP - ZendCon 2017 Workshop (20)

More from Mark Niebergall (20)

Recently uploaded (20)

Cryptography With PHP - ZendCon 2017 Workshop