176 lines
7.4 KiB
HTML
176 lines
7.4 KiB
HTML
<!doctype html>
|
|
<html>
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
|
<link
|
|
rel="stylesheet"
|
|
href="https://cdnjs.cloudflare.com/ajax/libs/github-markdown-css/5.3.0/github-markdown.min.css"
|
|
/>
|
|
<title>haunt98 posts</title>
|
|
</head>
|
|
<style>
|
|
.markdown-body {
|
|
box-sizing: border-box;
|
|
min-width: 200px;
|
|
max-width: 980px;
|
|
margin: 0 auto;
|
|
padding: 45px;
|
|
}
|
|
|
|
@media (max-width: 767px) {
|
|
.markdown-body {
|
|
padding: 15px;
|
|
}
|
|
}
|
|
</style>
|
|
<body class="markdown-body">
|
|
<h2>
|
|
<a href="index.html"><code>~</code></a>
|
|
</h2>
|
|
<h1 id="user-content-real-world-crypto-101">
|
|
<a class="heading-link" href="#real-world-crypto-101"
|
|
>Real World Crypto 101<span
|
|
aria-hidden="true"
|
|
class="octicon octicon-link"
|
|
></span
|
|
></a>
|
|
</h1>
|
|
<p>
|
|
My notes when reading
|
|
<a
|
|
href="https://www.manning.com/books/real-world-cryptography"
|
|
rel="nofollow"
|
|
>Real-World Cryptography</a
|
|
>
|
|
</p>
|
|
<h2 id="user-content-hash-function-convert-from-input-to-digest">
|
|
<a
|
|
class="heading-link"
|
|
href="#hash-function-convert-from-input-to-digest"
|
|
>
|
|
<strong>Hash</strong> function convert from input to digest<span
|
|
aria-hidden="true"
|
|
class="octicon octicon-link"
|
|
></span
|
|
></a>
|
|
</h2>
|
|
<ul>
|
|
<li>Pre-image resistance: Given digest, can not find input</li>
|
|
<li>
|
|
Second pre-image resistance: Given input, digest, can not find another
|
|
input produce same digest. Small change to input make digest big change.
|
|
</li>
|
|
<li>Collision resistance: Can not find 2 input produce same digest.</li>
|
|
</ul>
|
|
<h2
|
|
id="user-content-mac-aka-message-authentication-code-produce-from-key-message-to-authentication-tag"
|
|
>
|
|
<a
|
|
class="heading-link"
|
|
href="#mac-aka-message-authentication-code-produce-from-key-message-to-authentication-tag"
|
|
>
|
|
<strong>MAC</strong> aka Message Authentication Code produce from key,
|
|
message to authentication tag.<span
|
|
aria-hidden="true"
|
|
class="octicon octicon-link"
|
|
></span
|
|
></a>
|
|
</h2>
|
|
<ul>
|
|
<li>A send B message with MAC (generate from message and A key).</li>
|
|
<li>
|
|
B double check message with MAC (generate from receive message and B
|
|
key).
|
|
</li>
|
|
<li>A and B use same key.</li>
|
|
</ul>
|
|
<div class="highlight highlight-source-mermaid">
|
|
<pre><span class="pl-k">sequenceDiagram</span>
|
|
<span class="pl-k">participant</span> <span class="pl-ent">alice</span>
|
|
<span class="pl-k">participant</span> <span class="pl-ent">bob</span>
|
|
|
|
<span class="pl-ent">alice </span><span class="pl-k">->></span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send alice, mac(secret_key_alice, alice)</span>
|
|
<span class="pl-ent">bob </span><span class="pl-k">->></span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">compare mac(secret_key_alice, alice) with mac(secret_key_bob, alice)</span></pre>
|
|
</div>
|
|
<ul>
|
|
<li>
|
|
Prevent forgery: without secret_key, can not generate MAC even if
|
|
knowing <strong>a lot of</strong> alice and mac(secret_key, alice),
|
|
</li>
|
|
<li>Prevent collisions: keep MAC long enough (256-bit),</li>
|
|
<li>
|
|
Replay attacks: send transaction 2 times with perfectly MAC and u know
|
|
why -> instead of mac(secret_key, alice), use
|
|
<strong>counter</strong> as mac(secret_key, counter, alice).
|
|
</li>
|
|
<li>
|
|
Verify must be done in <strong>constant time</strong>: if not, probaly
|
|
return error the moment the bytes differ -> attacker recreate byte by
|
|
byte by measuring how long -> timing attacks
|
|
</li>
|
|
</ul>
|
|
<p>Constant time comparision:</p>
|
|
<div class="highlight highlight-source-go">
|
|
<pre><span class="pl-k">for</span> <span class="pl-s1">i</span> <span class="pl-c1">:=</span> <span class="pl-c1">0</span>; <span class="pl-s1">i</span> <span class="pl-c1"><</span> <span class="pl-en">len</span>(<span class="pl-s1">x</span>); <span class="pl-s1">i</span><span class="pl-c1">++</span> {
|
|
<span class="pl-c">// Use XOR instead of compare x[i] == y[i]</span>
|
|
<span class="pl-c">// If x[i] == y[i] -> XOR is 1</span>
|
|
<span class="pl-c">// Otherwise XOR is 0</span>
|
|
<span class="pl-s1">v</span> <span class="pl-c1">|=</span> <span class="pl-s1">x</span>[<span class="pl-s1">i</span>] <span class="pl-c1">^</span> <span class="pl-s1">y</span>[<span class="pl-s1">i</span>]
|
|
}
|
|
|
|
<span class="pl-c">// v == 1 means all XOR is 1 means x == y</span></pre>
|
|
</div>
|
|
<p>Use for:</p>
|
|
<ul>
|
|
<li>
|
|
Integrity: because MAC ensure no one can tamper with message without
|
|
noticing
|
|
</li>
|
|
</ul>
|
|
<div class="highlight highlight-source-mermaid">
|
|
<pre><span class="pl-k">sequenceDiagram</span>
|
|
<span class="pl-k">participant</span> <span class="pl-ent">alice</span>
|
|
<span class="pl-k">participant</span> <span class="pl-ent">bob</span>
|
|
|
|
<span class="pl-ent">alice </span><span class="pl-k">->></span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send username, password</span>
|
|
<span class="pl-ent">bob </span><span class="pl-k">-->></span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return alice|mac(secret_key, alice)</span>
|
|
<span class="pl-ent">alice </span><span class="pl-k">->></span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send alice|mac(secret_key, alice)</span>
|
|
<span class="pl-ent">bob </span><span class="pl-k">-->></span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return OK</span>
|
|
<span class="pl-ent">alice </span><span class="pl-k">->></span> <span class="pl-ent">bob</span><span class="pl-k">:</span> <span class="pl-s">send bob|mac(secret_key, alice)</span>
|
|
<span class="pl-ent">bob </span><span class="pl-k">-->></span> <span class="pl-ent">alice</span><span class="pl-k">:</span> <span class="pl-s">return ERROR</span></pre>
|
|
</div>
|
|
<p><strong>HMAC</strong> is MAC using hash</p>
|
|
<h2 id="user-content-aes">
|
|
<a class="heading-link" href="#aes"
|
|
>AES<span aria-hidden="true" class="octicon octicon-link"></span
|
|
></a>
|
|
</h2>
|
|
<p>
|
|
Currently (2023) the world using AES-128 which take a key 128 bits == 16
|
|
bytes/
|
|
</p>
|
|
<ul>
|
|
<li>Take a variable-length key</li>
|
|
<li>Take plaintext of 128 bits</li>
|
|
<li>Give ciphertext of 128 bits</li>
|
|
</ul>
|
|
<p>
|
|
AES is kind of cipher, handle fixed-size plaintext so we called
|
|
<strong>block cipher</strong>.
|
|
</p>
|
|
|
|
<div>
|
|
Feel free to ask me via
|
|
<a href="mailto:hauvipapro+posts@gmail.com">email</a> or
|
|
<a rel="me" href="https://hachyderm.io/@haunguyen">Mastodon</a>.
|
|
<br />Source code is available on
|
|
<a href="https://github.com/haunt98/posts-go">GitHub</a>
|
|
<a href="https://codeberg.org/yoshie/posts-go">Codeberg</a>
|
|
<a href="https://git.sr.ht/~youngyoshie/posts-go">sourcehut</a>
|
|
<a href="https://gitea.treehouse.systems/yoshie/posts-go">Treehouse</a>
|
|
<a href="https://gitlab.com/youngyoshie/posts-go">GitLab</a>
|
|
</div>
|
|
</body>
|
|
</html>
|