SlideShare ist ein Scribd-Unternehmen logo

Aes jul-upload

S
Setia Juli Irzal Ismail

Guest Lecture at Universitat Autonoma Barcelona about Symmetric Key Cryptography

Bildung
1 von 31
Downloaden Sie, um offline zu lesen
Symmetric Key Cryptography Setia Juli Irzal Ismail ID-CERT – Telkom University
1. Introduction 2. Introduction about AES 3. Attack in Symmetric Cryptography 4. Cryptography in Malware 5. Discussion
Introduction • Setia Juli Irzal Ismail • Jul Ismail • Malware Analyst – ID-CERT • Lecturer – Telkom University www.cert.or.id/
ID-CERT • Indonesia Computer Emergency Response Team • 1998 – Dr. Budi Rahardjo • Community based • Incident Handling • Malware Lab • Research & Training about Malware • Tools: Malware Scanner • Founder AP-CERT: JP-CERT & AusCERT www.cert.or.id/
Indonesia • South East Asia • 7th largest Country – • 1,904,569 square km2 • Archipelago • 13000 Islands • 4th: Population; 261 million • 700 local language
AES
AES • Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology (NIST) in 2001. • NIST is a Agency in USA; measurement standard Laboratory • replace DES (Data Encryption Standard) – 1977 (IBM) • have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • slow www.cert.or.id
Selection Process • US NIST issued call for ciphers in 1997 • Open Competition • 15 candidates accepted in Jun 98 • investigated by cryptographers; • Security, • performance in different PC architecture • Implementation in limited environment (smart cards limited memory, low gate count implementations, FPGAs)
Finalist • 1999: 5 Finalist • MARS, RC6, Rijndael, Serpent, and Twofish. • 2000: Rijndael • official standard by publishing an announcement in the Federal Document • Positive comment for opennes from the community • Bruce Schneier (Twofish) “I have nothing but good things to say about NIST and the AES process“ www.cert.or.id
Rijndael • developed by two Belgian cryptographers, • Vincent Rijmen and Joan Daemen, • all operations are performed on 8-bit • Finite Field Arithmetic • each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits • Substitution & Permutation • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256
Encryption process 1. Plaintext data to be encrypted 2. Static bytes that are part of the algorithm (lookup table) 3. The key used for encryption www.cert.or.id
Encryption process • Substitution & Permutation • Add key • Shift rows • Substituting bytes • Mix columns • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256 www.cert.or.id
Implementation • RAR, Winzip, 7z • NTFS • Bitlocker, Truecrypt • IEEE 802.11 Wireless • Whatsapp, Facebook Messenger • IPSec à VPN • GPG à • Intel & AMD Processor • Grand Theft Auto
Security Concern
Bruteforce • Trying all possible combination • =exhaustive key search • Needs big computing power & energy • 128 bit key AES à1,02 x1018 years • 256-bit à 3,31 x 1056 years • billions of years to brute force • Supercomputer www.cert.or.id
Attack - Cryptanalyst • 2002; XSL attack; • Theoretical attack ; Courtois and Pieprzyk à unworkable • 2009: Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, • 2011; Bogdanov, Khovratovich, and Rechberger, • Snowden; NSA doing research on attack based on TAU statistic • Without key à No success (if AES correctly implemented)
Side Channel Attack • Not on cipher text • find a weakness in the implementation • Hardware/software • measure power consumption, electromagnetic emissions, and heat generation • requires physical access to the target device. www.cert.or.id
Success story • 2005: Bernstein ; cache-timing attackà OpenSSL • number of machine cycles taken by the encryption operation • 2009: DFA (Differential Fault Analysis) à hardware (key recovery) • Smart Card à embedded processor ; • Overclocking, high temperature à false output
Key Exchange Problem www.cert.or.id
Malware
Crypto implementation in malware • Encrypt the source code à difficult to reverse • Encrypt the comunication to C&C server • Ransomware
Ransomware • Malware encrypt your data • Ask ransom (money) • Different crypto algorithm • Most common : asymmetric encryption www.cert.or.id
Ransomware-File obfuscation • move or hide targeted files; • show ransom message • Reverse the code à hide the file
Custom crypto • Algorithm to encrypt the file • XOR the file • Algorithm is the key • Reverse the steps www.cert.or.id
MBR rewriting • Master Boot Record • Rewrite MBR à require password or number • Force reboot a computer à before windows load à ransom message • reversing the serial or password validation algorithm: MBR • Keygen
Asymmetric – modern ransomware 1. dynamically generates the keys locally • Sends to C&C server à client ID • Keys are not identical 2. Keys are generated by author • Preloaded in the ransomware • Key are static • Someone get the key, • Share the key www.cert.or.id
Dynamic generated keys • Analyse memory dump for file recovery • cryptanalyst • Intercept the transfer and generation of the keys
Ransomware Algorithm • AES • RSA • Blowfish • etc www.cert.or.id
Shione Ransomware case • C# • Keys are embedded in the ransomware • RSA & AES • AES à encrypt victim files • AES Key à RSA • Public Key RSA embedded in the malware
Reference • William, S., & Stalling, C. (2006). Network Security, 4/E. • Malware analysis report, ID-CERT
Terima Kasih jul [at] tass.telkomuniversity.ac.id jul_ismail Blog: julismail.staff.telkomuniversity.ac.id www.cert.or.id/

Empfohlen

Malware cryptomining uploadv3
Malware cryptomining uploadv3Malware cryptomining uploadv3
Malware cryptomining uploadv3Setia Juli Irzal Ismail
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1Setia Juli Irzal Ismail
 
Pa or die
Pa or diePa or die
Pa or dieSetia Juli Irzal Ismail
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app developmentDusan Klinec
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat ReviewESET
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber SecuritySatria Ady Pradana
 

Empfohlen

Malware cryptomining uploadv3
Malware cryptomining uploadv3Malware cryptomining uploadv3
Malware cryptomining uploadv3Setia Juli Irzal Ismail
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1Setia Juli Irzal Ismail
 
Pa or die
Pa or diePa or die
Pa or dieSetia Juli Irzal Ismail
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app developmentDusan Klinec
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat ReviewESET
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber SecuritySatria Ady Pradana
 
Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101veerababu penugonda(Mr-IoT)
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreveerababu penugonda(Mr-IoT)
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016John Bambenek
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupEC-Council
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Edureka!
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security ToolsEmanuela Boroș
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstSatria Ady Pradana
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseAndrew Morris
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)Justin Hoang
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent ThreatsESET
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?ESET
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyRuby Meditation
 
Android system security
Android system securityAndroid system security
Android system securityChong-Kuan Chen
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Kirill Ermakov
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101OWASP
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectionAndrey Belenko
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 

Weitere ähnliche Inhalte

Was ist angesagt?

Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionveerababu penugonda(Mr-IoT)
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016John Bambenek
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupEC-Council
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Edureka!
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstSatria Ady Pradana
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseAndrew Morris
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)Justin Hoang
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent ThreatsESET
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?ESET
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyRuby Meditation
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Kirill Ermakov
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101OWASP
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectionAndrey Belenko
 

Was ist angesagt? (20)

Beginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd sessionBeginners guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd session
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangalore
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
 
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC GroupA (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the Cheap
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security Tools
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the Worst
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent Threats
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander Obozinskiy
 
Android system security
Android system securityAndroid system security
Android system security
 
Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...Let’s play the game. Yet another way to perform penetration test. Russian “re...
Let’s play the game. Yet another way to perform penetration test. Russian “re...
 
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101
 
iOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data ProtectioniOS Forensics: Overcoming iPhone Data Protection
iOS Forensics: Overcoming iPhone Data Protection
 

Ähnlich wie Aes jul-upload

Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneArash Ramez
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecuritySam Bowne
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic SecuritySam Bowne
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)Sam Bowne
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSNormalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSUtku Sen
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxssuserd5e356
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Track 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesTrack 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesST_World
 
Information Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgInformation Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgEric Vanderburg
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
CNIT 141: 1. Encryption
CNIT 141: 1. EncryptionCNIT 141: 1. Encryption
CNIT 141: 1. EncryptionSam Bowne
 

Ähnlich wie Aes jul-upload (20)

Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: Cryptography
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
 
CNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic SecurityCNIT 141: 3. Cryptographic Security
CNIT 141: 3. Cryptographic Security
 
3. Cryptographic Security
3. Cryptographic Security3. Cryptographic Security
3. Cryptographic Security
 
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 
Crypto academy
Crypto academyCrypto academy
Crypto academy
 
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDSNormalizing Empire's Traffic to Evade Anomaly-Based IDS
Normalizing Empire's Traffic to Evade Anomaly-Based IDS
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
 
Security.ppt
Security.pptSecurity.ppt
Security.ppt
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: Cryptography
 
Track 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practicesTrack 5 session 2 - st dev con 2016 - security iot best practices
Track 5 session 2 - st dev con 2016 - security iot best practices
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryption
 
nabdullin_brcrdu_dark
nabdullin_brcrdu_darknabdullin_brcrdu_dark
nabdullin_brcrdu_dark
 
Information Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric VanderburgInformation Security Lesson 8 - Cryptography - Eric Vanderburg
Information Security Lesson 8 - Cryptography - Eric Vanderburg
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 
CNIT 141: 1. Encryption
CNIT 141: 1. EncryptionCNIT 141: 1. Encryption
CNIT 141: 1. Encryption
 
Slidecast - Workshop
Slidecast - WorkshopSlidecast - Workshop
Slidecast - Workshop
 

Mehr von Setia Juli Irzal Ismail

Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversityPanduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversitySetia Juli Irzal Ismail
 

Mehr von Setia Juli Irzal Ismail (20)

slide-share.pdf
slide-share.pdfslide-share.pdf
slide-share.pdf
 
slide-lp3i-final.pdf
slide-lp3i-final.pdfslide-lp3i-final.pdf
slide-lp3i-final.pdf
 
society50-jul-share.pdf
society50-jul-share.pdfsociety50-jul-share.pdf
society50-jul-share.pdf
 
57 slide presentation
57 slide presentation57 slide presentation
57 slide presentation
 
Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom UniversityPanduan Proyek Akhir D3 Teknologi Komputer Telkom University
Panduan Proyek Akhir D3 Teknologi Komputer Telkom University
 
Sosialisasi kurikulum2020
Sosialisasi kurikulum2020Sosialisasi kurikulum2020
Sosialisasi kurikulum2020
 
Welcoming maba 2020
Welcoming maba 2020Welcoming maba 2020
Welcoming maba 2020
 
Slide jul apcert agm 2016
Slide jul apcert agm 2016Slide jul apcert agm 2016
Slide jul apcert agm 2016
 
Tugas besar MK Keamanan Jaringan
Tugas besar MK Keamanan Jaringan Tugas besar MK Keamanan Jaringan
Tugas besar MK Keamanan Jaringan
 
05 wireless
05 wireless05 wireless
05 wireless
 
04 sniffing
04 sniffing04 sniffing
04 sniffing
 
03 keamanan password
03 keamanan password03 keamanan password
03 keamanan password
 
02 teknik penyerangan
02 teknik penyerangan02 teknik penyerangan
02 teknik penyerangan
 
01a pengenalan keamanan jaringan upload
01a pengenalan keamanan jaringan upload01a pengenalan keamanan jaringan upload
01a pengenalan keamanan jaringan upload
 
Kajian3 upload
Kajian3 uploadKajian3 upload
Kajian3 upload
 
1.pendahuluan sistem operasi
1.pendahuluan sistem operasi1.pendahuluan sistem operasi
1.pendahuluan sistem operasi
 
10 tk3193-ids
10 tk3193-ids10 tk3193-ids
10 tk3193-ids
 
09 vpn
09 vpn 09 vpn
09 vpn
 
17. representasi data 5 jul
17. representasi data 5 jul17. representasi data 5 jul
17. representasi data 5 jul
 
16. representasi data 4 jul
16. representasi data 4 jul16. representasi data 4 jul
16. representasi data 4 jul
 

Kürzlich hochgeladen

4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxleah joy valeriano
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 

Kürzlich hochgeladen (20)

4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 

Aes jul-upload

  • 1. Symmetric Key Cryptography Setia Juli Irzal Ismail ID-CERT – Telkom University
  • 2. 1. Introduction 2. Introduction about AES 3. Attack in Symmetric Cryptography 4. Cryptography in Malware 5. Discussion
  • 3. Introduction • Setia Juli Irzal Ismail • Jul Ismail • Malware Analyst – ID-CERT • Lecturer – Telkom University www.cert.or.id/
  • 4. ID-CERT • Indonesia Computer Emergency Response Team • 1998 – Dr. Budi Rahardjo • Community based • Incident Handling • Malware Lab • Research & Training about Malware • Tools: Malware Scanner • Founder AP-CERT: JP-CERT & AusCERT www.cert.or.id/
  • 5. Indonesia • South East Asia • 7th largest Country – • 1,904,569 square km2 • Archipelago • 13000 Islands • 4th: Population; 261 million • 700 local language
  • 6. AES
  • 7. AES • Advanced Encryption Standard (AES) was published by the National Institute of Standards and Technology (NIST) in 2001. • NIST is a Agency in USA; measurement standard Laboratory • replace DES (Data Encryption Standard) – 1977 (IBM) • have theoretical attacks that can break it • have demonstrated exhaustive key search attacks • slow www.cert.or.id
  • 8. Selection Process • US NIST issued call for ciphers in 1997 • Open Competition • 15 candidates accepted in Jun 98 • investigated by cryptographers; • Security, • performance in different PC architecture • Implementation in limited environment (smart cards limited memory, low gate count implementations, FPGAs)
  • 9. Finalist • 1999: 5 Finalist • MARS, RC6, Rijndael, Serpent, and Twofish. • 2000: Rijndael • official standard by publishing an announcement in the Federal Document • Positive comment for opennes from the community • Bruce Schneier (Twofish) “I have nothing but good things to say about NIST and the AES process“ www.cert.or.id
  • 10. Rijndael • developed by two Belgian cryptographers, • Vincent Rijmen and Joan Daemen, • all operations are performed on 8-bit • Finite Field Arithmetic • each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits • Substitution & Permutation • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256
  • 11. Encryption process 1. Plaintext data to be encrypted 2. Static bytes that are part of the algorithm (lookup table) 3. The key used for encryption www.cert.or.id
  • 12. Encryption process • Substitution & Permutation • Add key • Shift rows • Substituting bytes • Mix columns • Repetition 10 round for 128 bit keys, 12 à 192; 14 à256 www.cert.or.id
  • 13. Implementation • RAR, Winzip, 7z • NTFS • Bitlocker, Truecrypt • IEEE 802.11 Wireless • Whatsapp, Facebook Messenger • IPSec à VPN • GPG à • Intel & AMD Processor • Grand Theft Auto
  • 15. Bruteforce • Trying all possible combination • =exhaustive key search • Needs big computing power & energy • 128 bit key AES à1,02 x1018 years • 256-bit à 3,31 x 1056 years • billions of years to brute force • Supercomputer www.cert.or.id
  • 16. Attack - Cryptanalyst • 2002; XSL attack; • Theoretical attack ; Courtois and Pieprzyk à unworkable • 2009: Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, • 2011; Bogdanov, Khovratovich, and Rechberger, • Snowden; NSA doing research on attack based on TAU statistic • Without key à No success (if AES correctly implemented)
  • 17. Side Channel Attack • Not on cipher text • find a weakness in the implementation • Hardware/software • measure power consumption, electromagnetic emissions, and heat generation • requires physical access to the target device. www.cert.or.id
  • 18. Success story • 2005: Bernstein ; cache-timing attackà OpenSSL • number of machine cycles taken by the encryption operation • 2009: DFA (Differential Fault Analysis) à hardware (key recovery) • Smart Card à embedded processor ; • Overclocking, high temperature à false output
  • 21. Crypto implementation in malware • Encrypt the source code à difficult to reverse • Encrypt the comunication to C&C server • Ransomware
  • 22. Ransomware • Malware encrypt your data • Ask ransom (money) • Different crypto algorithm • Most common : asymmetric encryption www.cert.or.id
  • 23. Ransomware-File obfuscation • move or hide targeted files; • show ransom message • Reverse the code à hide the file
  • 24. Custom crypto • Algorithm to encrypt the file • XOR the file • Algorithm is the key • Reverse the steps www.cert.or.id
  • 25. MBR rewriting • Master Boot Record • Rewrite MBR à require password or number • Force reboot a computer à before windows load à ransom message • reversing the serial or password validation algorithm: MBR • Keygen
  • 26. Asymmetric – modern ransomware 1. dynamically generates the keys locally • Sends to C&C server à client ID • Keys are not identical 2. Keys are generated by author • Preloaded in the ransomware • Key are static • Someone get the key, • Share the key www.cert.or.id
  • 27. Dynamic generated keys • Analyse memory dump for file recovery • cryptanalyst • Intercept the transfer and generation of the keys
  • 28. Ransomware Algorithm • AES • RSA • Blowfish • etc www.cert.or.id
  • 29. Shione Ransomware case • C# • Keys are embedded in the ransomware • RSA & AES • AES à encrypt victim files • AES Key à RSA • Public Key RSA embedded in the malware
  • 30. Reference • William, S., & Stalling, C. (2006). Network Security, 4/E. • Malware analysis report, ID-CERT
  • 31. Terima Kasih jul [at] tass.telkomuniversity.ac.id jul_ismail Blog: julismail.staff.telkomuniversity.ac.id www.cert.or.id/