authorHolger Dengler <dengler@linutronix.de>2016-11-02 19:37:37 +0100
committerHolger Dengler <dengler@linutronix.de>2016-11-10 11:12:19 +0100
commita596b938239d6e3734c7b86ffd2accbb936274bf (patch)
treeaf0f24b8499ceabe2db3bd582f1eda0b8c3f653e /security
parentcd03b6d85930eaf8f68240cd3e91a6bcf5035c53 (diff)
security: crypto: Update slides
- terminology - hash - symmetric message authentication (MAC) Signed-off-by: Holger Dengler <dengler@linutronix.de>
Diffstat (limited to 'security')
-rw-r--r--security/crypto/pres_crypto_en.tex299
1 files changed, 269 insertions, 30 deletions
diff --git a/security/crypto/pres_crypto_en.tex b/security/crypto/pres_crypto_en.tex
index 560f4c9..baaa217 100644
--- a/security/crypto/pres_crypto_en.tex
+++ b/security/crypto/pres_crypto_en.tex
@@ -13,6 +13,12 @@
\def\lximg{none}
% ----------------------------
+\begin{frame}
+\frametitle{Overview}
+\tableofcontents
+\end{frame}
+
+% ----------------------------
\subsubsection{Fundamentals}
\begin{frame}[fragile]
@@ -26,7 +32,7 @@
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Cryptography: Modern}
\begin{itemize}
\item Revolution starts in 1970
@@ -38,7 +44,7 @@
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Kerckhoffs's principle}
Auguste Kerckhoff (1983) on \emph{La Cryptographie Militaire}
\begin{itemize}
@@ -60,34 +66,243 @@ the key, not on the secret of the algorithm
\end{frame}
% ----------------------------
-\begin{frame}
-\frametitle{Cryptographic Methods}
+\begin{frame}[fragile]
+\frametitle{Terminology}
\begin{itemize}
-\item Asymmetric methods
+\item Encoding
+\item Encryption
+\item Hashing
+\item Obfuscation
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Encoding}
\begin{itemize}
-\item expensive and slow
-\item Public and Private Key
-\item Key Exchange
+\item Data Transformation
+ \begin{itemize}
+ \item Consumability (different systems)
+ \item Transportability
+ \end{itemize}
+\item Public available Transformation Scheme
+\item No information secret!
+\item Encoding Schemes
+ \begin{itemize}
+ \item ASCII
+ \item BASE64
+ \item Unicode
+ \item ROT13
+ \end{itemize}
\end{itemize}
-\item Symmetric methods
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Encryption}
\begin{itemize}
-\item efficient and fast
-\item single Key
-\item Bulk Data Encryption/Hashes
+\item Data Transformation
+ \begin{itemize}
+ \item Security
+ \item Privacy
+ \end{itemize}
+\item public available Algorithm
+\item non-public available Message Secret (Key)
+\item Encryption Methods
+ \begin{itemize}
+ \item Block-Ciphers, symm./asymm.
+ \item DES, AES, Blowfish
+ \item RSA, ECC
+ \item Stream-Ciphers
+ \end{itemize}
\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Hash}
+\begin{itemize}
+\item Data Transformation
+ \begin{itemize}
+ \item Message integrity
+ \item Input: variable length (0..x)
+ \item Output: fixed length (e.g. 128bit)
+ \end{itemize}
+\item No information secret!
+\item Hash algorithms
+ \item MD-Family (MD2, MD4, MD5, MD6)
+ \item SHA-1, SHA-2, SHA-3
+ \item GHASH
+ \item HMAC, CBC-MAC
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Obfuscation}
+\begin{itemize}
+\item Data Re-order / Re-format
+ \begin{itemize}
+ \item Consumability restriction
+ \item Prevent Attacks or Leak of Information
+ \end{itemize}
+\item Obstacle only, no information secret!
+\item e.g. Code Obfuscation
+ \begin{itemize}
+ \item Make it hard for Humans to read/understand
+ \item Compiler/Interpreter still work
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Cryptographic Methods I}
+\begin{itemize}
+\item Cryptographic Hashes
+ \begin{itemize}
+ \item one-way functions
+ \item "The workhorses of modern cryptography" \\
+ (Bruce Schneier, Cryptanalysis of MD5 and SHA: Time for a New
+ Standard)
+ \item Required properties
+ \begin{itemize}
+ \item fast
+ \item no correlation: \\
+ small changes in input shall cause an extensively changed hash
+ \item no reverse function: \\
+ infeasible to recreate a message from its hash
+ \item no collision: \\
+ infeasible to find 2 messages with the same hash
+ \end{itemize}
+ \item Usage
+ \begin{itemize}
+ \item Message Digest, Check-sum, Fingerprint
+ \item Message Authentication
+ \item Signature
+ \end{itemize}
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Cryptographic Methods II}
+\begin{itemize}
+\item Asymmetric encryption methods
+ \begin{itemize}
+ \item expensive and slow
+ \item Public and Private Key
+ \item Key Exchange
+ \end{itemize}
+\item Symmetric encryption methods
+ \begin{itemize}
+ \item efficient and fast
+ \item single Key
+ \item Bulk Data Encryption/Hashes
+ \end{itemize}
\item non-linear behavior
\item resistant against
+ \begin{itemize}
+ \item statistical analysis
+ \item differential cryptanalysis
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Hash Methods}
+
+\begin{frame}[fragile]
+\frametitle{Message Digest Algorithm}
+\begin{itemize}
+\item MD2, MD4
+ \begin{itemize}
+ \item MD2: successful attacks (collision, preimage) since 1997
+ \item MD4: first successful collision attack published in 1995
+ \item 2004: "MD2 can no longer be considered a secure one-way hash function"
+ \item 2009: Security Update disables MD2 in OpenSSL
+ \end{itemize}
+\item MD5
+ \begin{itemize}
+ \item published 1992 (by R. Rivest)
+ \item Hash Size: 128
+ \item Block size: 512
+ \item Rounds: 4
+ \end{itemize}
+\item MD6
+ \begin{itemize}
+ \item published 2008 (by R. Rivest)
+ \item Hash Size: up to 512 bit (variable)
+ \item Rounds: variable
+ \item Modes: keyed and un-keyed
+ \end{itemize}
+\item Recommendations:
+ \begin{itemize}
+ \item no usage of MD2 or MD4
+ \item MD5 only for tasks with low security requirements \\
+ (e.g. check-sums for downloads)
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Secure Hash Algorithm}
\begin{itemize}
-\item statistical analysis
-\item differential cryptanalysis
+\item SHA-1
+ \begin{itemize}
+ \item SHA-1, SHA-0 replacement (small modification, harder to attack)
+ \item SHA-0: published in 1993 (by NSA)
+ \item SHA-1: published in 1995 (by NSA)
+ \item since 2005: recommendation to replace SHA-1 with SHA-2
+ \item 2017: main browsers will deny SSL-certificates using SHA-1
+ \end{itemize}
+\item SHA-2
+ \begin{itemize}
+ \item SHA-224, SHA-256, SHA-384, SHA-512
+ \item published 2001 (by NSA)
+ \item Hash Size: 224, 256, 384, or 512 bit
+ \item Shortened SHA-512 variants: \\
+ SHA-512/224, SHA-512/256
+ \item Rounds: 64 or 80
+ \end{itemize}
+\item SHA-3
+ \begin{itemize}
+ \item developed as KECCAK
+ \item published 2011 \\
+ (by G. Bertoni, J. Daemen, M. Peeters, G. v. Assche)
+ \item Hash Size: variable (usual: 224, 256, 384, or 512 bit)
+ \item Rounds: 24 (in SHA-3)
+ \end{itemize}
+\item Recommendations
+ \begin{itemize}
+ \item at least SHA-2, SHA-3 if possible
+ \end{itemize}
\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Other Hash Algorithm}
+\begin{itemize}
+\item GHASH
+ \begin{itemize}
+ \item based on Galois-field multiplication
+ \item calculation in parallel
+ \item used in Galois Counter Mode (GCM)
+ \end{itemize}
+\item Stream-cipher based Hashes
+ \begin{itemize}
+ \item hash: last block of stream cipher
+ \end{itemize}
\end{itemize}
\end{frame}
% ----------------------------
-\subsubsection{Symmetric Methods}
+\subsubsection{Symmetric Encryption Methods}
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Data Encryption Standard (DES)}
\begin{itemize}
\item S-Box based, \\
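Review bot: The recommendation on the Message Digest slide (`\item MD5 only for tasks with low security requirements \\ (e.g. check-sums for downloads)`) points at exactly the use case MD5 can no longer serve: a download check-sum is meant to detect a tampered file, and practical MD5 collision attacks have existed since 2004, so an attacker who supplies the file can also supply a colliding one; I would word it `\item MD5 only where collisions are not a threat \\ (accidental-corruption checks; prefer SHA-256 to verify downloads)`. On the Hash slide, `\item No information secret!` sits directly above a list that includes HMAC, CBC-MAC and GHASH, all of which are keyed constructions — this contradicts the later HMAC slide's `\item Symmetric Key`, so those three belong under a separate "keyed / MAC" item or on the MAC slide. The same list (`\item MD-Family` through `\item HMAC, CBC-MAC`) is missing the nested `\begin{itemize}`/`\end{itemize}` every other frame in this hunk uses, so those entries render at the top level. Under required properties, `\item fast` deserves the caveat that it applies to message digests only — password hashing (PBKDF2, bcrypt, scrypt) deliberately wants the opposite — and "no collision" could be split into second-preimage and collision resistance, which are the two properties the MD5/SHA-1 history on the next slides actually distinguishes.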
@@ -102,7 +317,7 @@ the key, not on the secret of the algorithm
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Advanced Encryption Standard (AES)}
\begin{itemize}
\item S-Box based, \\
@@ -116,9 +331,9 @@ the key, not on the secret of the algorithm
\end{frame}
% ----------------------------
-\subsubsection{Asymmetric Methods}
+\subsubsection{Asymmetric Encryption Methods}
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Asymmetric Methods}
\begin{itemize}
\item based on one-way methods
@@ -141,7 +356,29 @@ the key, not on the secret of the algorithm
% ----------------------------
\subsubsection{Applications}
-\begin{frame}
+\begin{frame}[fragile]
+\frametitle{Hash-based Message Authentication Code (HMAC)}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Authentication of a message
+ \item Symmetric Key
+ \item outer pad: 0x5c5c\dots5c
+ \item inner pad: 0x3636\dots36
+ \item Notation: HMAC-SHA1, HAMC-MD5,etc.
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=4cm]{images/sec_crypto_hmac.png}
+ \end{figure}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
\frametitle{Modes of Operation}
\begin{itemize}
\item turn Block Cipher into a Stream Cipher
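Review bot: The notation line on the HMAC slide has a typo, `\item Notation: HMAC-SHA1, HAMC-MD5,etc.` should read `\item Notation: HMAC-SHA1, HMAC-MD5, etc.`. Since the slide is the only place the deck states that the MAC key must be a shared secret, it would help practitioners to add the two operational points the construction depends on: the tag must be compared in constant time on the receiving side, and the security claim is authenticity plus integrity toward the key holder, not non-repudiation (anyone holding the symmetric key can forge a tag). The HMAC-MD5 example could also carry a short note that collision attacks on the underlying hash do not directly break HMAC but the variant is nonetheless deprecated in favour of HMAC-SHA-2, consistent with the recommendations given on the hash slides.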
@@ -154,10 +391,10 @@ the key, not on the secret of the algorithm
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Cipher Block Chaining (CBC)}
\begin{itemize}
-\item Decryption parallelizable
+\item Decryption in parallel
\item damaged IV affects first plaintext block
\item one-bit flip in ciphertext affects whole plaintext block and the
corresponding bit in the following plaintext block
@@ -170,11 +407,11 @@ corresponding bit in the following plaintext block
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Cipher Feedback (CFB)}
\begin{itemize}
\item Required only Block Encryption
-\item Decryption parallelizable
+\item Decryption in parallel
\item No padding required
\end{itemize}
\begin{figure}[h]
@@ -184,11 +421,11 @@ corresponding bit in the following plaintext block
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Counter (CTR)}
\begin{itemize}
\item Required only Block Encryption
-\item Encryption and Decryption parallelizable
+\item Encryption and Decryption in parallel
\item En-/decryption can be prepared in advance
\item No padding required
\end{itemize}
@@ -199,7 +436,9 @@ corresponding bit in the following plaintext block
\end{frame}
% ----------------------------
-\begin{frame}
+\subsubsection{Protocols}
+
+\begin{frame}[fragile]
\frametitle{SSL/TLS Handshake (1)}
Secure Key Exchange
\begin{itemize}
@@ -219,7 +458,7 @@ RN\subscript {s})
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{SSL/TLS Handshake (2)}
\begin{itemize}
\item Phase 3:
@@ -239,7 +478,7 @@ RN\subscript{s} and PMS
\end{frame}
% ----------------------------
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{Open Crypto Libraries}
\begin{itemize}
\item OpenSSL: libcrypto and libssl \\
@@ -260,7 +499,7 @@ RN\subscript{s} and PMS
% ----------------------------
\subsubsection{Related Links}
-\begin{frame}
+\begin{frame}[fragile]
Starting point on Wikipedia
\begin{itemize}
\item \url{http://en.wikipedia.org/wiki/Cryptography}