yoshie
/
posts-go
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto

main
sudo pacman -Syu 2023-09-11 01:03:48 +07:00
parent c0c9617c33
commit c7199dd051
2 changed files with 121 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
docs/2023-08-23-real-world-crypto.html
View File

@ -46,7 +46,17 @@
>Real-World Cryptography</a
>
</p>
<p><strong>Hash</strong> function convert from input to digest:</p>
<h2>
<a
id="user-content-hash-function-convert-from-input-to-digest"
class="anchor"
aria-hidden="true"
tabindex="-1"
href="#hash-function-convert-from-input-to-digest"
><span aria-hidden="true" class="octicon octicon-link"></span
></a>
<strong>Hash</strong> function convert from input to digest
</h2>
<ul>
<li>Pre-image resistance: Given digest, can not find input</li>
<li>
@ -55,10 +65,18 @@
</li>
<li>Collision resistance: Can not find 2 input produce same digest.</li>
</ul>
<p>
<h2>
<a
id="user-content-mac-aka-message-authentication-code-produce-from-key-message-to-authentication-tag"
class="anchor"
aria-hidden="true"
tabindex="-1"
href="#mac-aka-message-authentication-code-produce-from-key-message-to-authentication-tag"
><span aria-hidden="true" class="octicon octicon-link"></span
></a>
<strong>MAC</strong> aka Message Authentication Code produce from key,
message to authentication tag. <strong>HMAC</strong> is MAC using hash.
</p>
message to authentication tag.
</h2>
<ul>
<li>A send B message with MAC (generate from message and A key).</li>
<li>
@ -67,6 +85,62 @@
</li>
<li>A and B use same key.</li>
</ul>
<div class="highlight highlight-source-mermaid">
<pre><span class="pl-k">sequenceDiagram</span>
<span class="pl-k">participant</span> <span class="pl-ent">alice</span>
<span class="pl-k">participant</span> <span class="pl-ent">bob</span>
<span class="pl-ent">alice </span><span class="pl-k">-&gt;&gt;</span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send alice, mac(secret_key_alice, alice)</span>
<span class="pl-ent">bob </span><span class="pl-k">-&gt;&gt;</span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">compare mac(secret_key_alice, alice) with mac(secret_key_bob, alice)</span></pre>
</div>
<ul>
<li>
Prevent forgery: without secret_key, can not generate MAC even if
knowing <strong>a lot of</strong> alice and mac(secret_key, alice),
</li>
<li>Prevent collisions: keep MAC long enough (256-bit),</li>
<li>
Replay attacks: send transaction 2 times with perfectly MAC and u know
why -&gt; instead of mac(secret_key, alice), use
<strong>counter</strong> as mac(secret_key, counter, alice).
</li>
<li>
Verify must be done in <strong>constant time</strong>: if not, probaly
return error the moment the bytes differ -&gt; attacker recreate byte by
byte by measuring how long -&gt; timing attacks
</li>
</ul>
<p>Constant time comparision:</p>
<div class="highlight highlight-source-go">
<pre><span class="pl-k">for</span> <span class="pl-s1">i</span> <span class="pl-c1">:=</span> <span class="pl-c1">0</span>; <span class="pl-s1">i</span> <span class="pl-c1">&lt;</span> <span class="pl-en">len</span>(<span class="pl-s1">x</span>); <span class="pl-s1">i</span><span class="pl-c1">++</span> {
<span class="pl-c">// Use XOR instead of compare x[i] == y[i]</span>
<span class="pl-c">// If x[i] == y[i] -&gt; XOR is 1</span>
<span class="pl-c">// Otherwise XOR is 0</span>
<span class="pl-s1">v</span> <span class="pl-c1">|=</span> <span class="pl-s1">x</span>[<span class="pl-s1">i</span>] <span class="pl-c1">^</span> <span class="pl-s1">y</span>[<span class="pl-s1">i</span>]
}
<span class="pl-c">// v == 1 means all XOR is 1 means x == y</span></pre>
</div>
<p>Use for:</p>
<ul>
<li>
Integrity: because MAC ensure no one can tamper with message without
noticing
</li>
</ul>
<div class="highlight highlight-source-mermaid">
<pre><span class="pl-k">sequenceDiagram</span>
<span class="pl-k">participant</span> <span class="pl-ent">alice</span>
<span class="pl-k">participant</span> <span class="pl-ent">bob</span>
<span class="pl-ent">alice </span><span class="pl-k">-&gt;&gt;</span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send username, password</span>
<span class="pl-ent">bob </span><span class="pl-k">--&gt;&gt;</span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return alice|mac(secret_key, alice)</span>
<span class="pl-ent">alice </span><span class="pl-k">-&gt;&gt;</span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send alice|mac(secret_key, alice)</span>
<span class="pl-ent">bob </span><span class="pl-k">--&gt;&gt;</span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return OK</span>
<span class="pl-ent">alice </span><span class="pl-k">-&gt;&gt;</span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send bob|mac(secret_key, alice)</span>
<span class="pl-ent">bob </span><span class="pl-k">--&gt;&gt;</span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return ERROR</span></pre>
</div>
<p><strong>HMAC</strong> is MAC using hash</p>
<div>
Feel free to ask me via

49
posts/2023-08-23-real-world-crypto.md
View File

@ -3,29 +3,66 @@
My notes when reading
[Real-World Cryptography](https://www.manning.com/books/real-world-cryptography)
**Hash** function convert from input to digest:
## **Hash** function convert from input to digest
- Pre-image resistance: Given digest, can not find input
- Second pre-image resistance: Given input, digest, can not find another input
produce same digest. Small change to input make digest big change.
- Collision resistance: Can not find 2 input produce same digest.
**MAC** aka Message Authentication Code produce from key, message to
authentication tag. **HMAC** is MAC using hash.
## **MAC** aka Message Authentication Code produce from key, message to authentication tag.
- A send B message with MAC (generate from message and A key).
- B double check message with MAC (generate from receive message and B key).
- A and B use same key.
```mermaid
sequenceDiagram
participant alice
participant bob
alice ->> bob: send alice, mac(secret_key_alice, alice)
bob ->> bob: compare mac(secret_key_alice, alice) with mac(secret_key_bob, alice)
```
- Prevent forgery: without secret_key, can not generate MAC even if knowing **a
lot of** alice and mac(secret_key, alice),
- Prevent collisions: keep MAC long enough (256-bit),
- Replay attacks: send transaction 2 times with perfectly MAC and u know why ->
instead of mac(secret_key, alice), use **counter** as mac(secret_key, counter,
alice).
- Verify must be done in **constant time**: if not, probaly return error the
moment the bytes differ -> attacker recreate byte by byte by measuring how
long -> timing attacks
Constant time comparision:
```go
for i := 0; i < len(x); i++ {
// Use XOR instead of compare x[i] == y[i]
// If x[i] == y[i] -> XOR is 1
// Otherwise XOR is 0
v |= x[i] ^ y[i]
}
// v == 1 means all XOR is 1 means x == y
```
Use for:
- Integrity: because MAC ensure no one can tamper with message without noticing
```mermaid
sequenceDiagram
participant alice
participant bob
alice ->> bob: send username, password
bob -->> alice: return alice|mac(private_key, alice)
alice ->> bob: send alice|mac(private_key, alice)
bob -->> alice: return alice|mac(secret_key, alice)
alice ->> bob: send alice|mac(secret_key, alice)
bob -->> alice: return OK
alice ->> bob: send bob|mac(private_key, alice)
alice ->> bob: send bob|mac(secret_key, alice)
bob -->> alice: return ERROR
```
**HMAC** is MAC using hash