SlideShare ist ein Scribd-Unternehmen logo

Password Storage Sucks!

nerdybeardo
nerdybeardo

Password storage strategies

TechnologieBildung
1 von 35
Downloaden Sie, um offline zu lesen
Password Storage Sucks! How to properly store passwords in your database
Legal Disclaimers… Disclaimer 1: I make no guarantees about beard length. But a beard will always be attached to this sexy face. Disclaimer 2 I curse, frequently… sorry Disclaimer 3 Opinions are my own. Advice provided with no warranty. If you go back and implement an algorithm I told you to implement you do so at your own risk. In other words … Don’t come crying to me on twitter
Oh yeah… twitter … @nerdybeardo http://www.nerdybeardo.com
Who am I? • I am Software architect on the .NET Stack • I study cryptography for fun (WTF?!?) • I study application security but not for fun… it’s scary • Most of my life is spent on a keyboard with the following exceptions… • I managed to get married… • And against all odds… I somehow was able to pass on my genes
Credentials…. • I have none… • Except I have a beard… • And because it’s so awesome people pay me a boat load of money to fix their shit • Wait I lied… I’m a certified Scrum master • Or as my clients call me… The Scum Master • I’ve also been called Dragon Master
How to approach this talk •Don’t just look at this as a talk on password storage •Look at the approach we’re taking to secure our passwords •Use the same type of approach for all your PII Data
Why are we here? •Because developers suck at security! •And our users are paying for our suckiness!
How many people know what Angular is?
How many people know what a CSRF is? • How important CSRF is becoming because of single page sites? • Do you know why it’s dangerous to allow your API’s to be hit as GET requests? • Are you protecting your API’s with request forgery tokens? • In other words CSRF is much more dangerous because of the use of frameworks like Angular with a REST API, yet it’s rarely brought up as a topic.
I’m dizzy please stop! • The amount of new frameworks coming out is dizzying • We are WAY too focused on frameworks, and tools, and the next thing that’s going to make our site look super awesome.
Newsflash! • Using Angular isn’t going to make you cool! (Is it still ok to say the word cool?) • We will still be nerds. (or in my case Nerdy) • There is going to be a new framework tomorrow. • Your apps will still be broken!
Do you know who this is?
Game Theory Player1 Player 2 Hawk Dove Dov e Hawk 0,V V,0
Wild Wild West… • The internet is the Wild Wild West • “Cost” of playing hawk on the internet has gone down tremendously • 17 year old in Eastern Europe can be the cause of 40 million credit cards being stolen from Target
Pshhhhhh…. “People will get their money back if my shit is owned, I don’t care…”
Yeah except… People in this room control… •Health Records •Financial data •Legal Data •Buying habits •Most people use the same passwords for all their sites
Oh the things I’ve seen…. •Password stored only as hash values •User tables susceptible to SQL Injection attacks •Backdoor “master” password access to all users •“Encrypted” in the famous base64 encryption algorithm •“Encrypted” in the famous plaintext algorithm •No Password - How’s anybody going to get to this admin page? Nobody knows the URL…
So you think you’re secure…
Not the kind of hash you may be used to Blast From the Past College Professor’s told me.. I can use a hash function to “map” my data to a “bucket” Mainly used in hash tables System.Collections.HashTable System.Collections.Generic.Dictiona ry Fast storage and retrieval (ooooh yeah) Example I have Bins buckets and 100 apples. I want to spread them evenly to all my bins. h(x) = x mod 10
Why Not Encryption? H(x) = x mod 10
This ain’t yo mama’s Hash function Use cryptographically secure hash functions for passwords • It should be hard given h(m) to find m’ such that h(m’) = h(m) (pre-image resistance) • Should be difficult given a message m with hash h(m) to find a message m’ != m and h(m) = h(m’) (second pre-image) • It should be difficult to find two messages m and m’ where h(m) = h(m’) • Preferable to have a property called the avalanche effect • 1 bit difference causes at least 50% of the following bits to change
Merkle Damgard Construction
We still have some problems Fact of life: All cryptographic hash functions are susceptible to collisions. • I’m lazy… so here’s my rule of thumb • Take the output size of the hash algorithm and divide by 2 and our security level is 2^n • Search Wikipedia for Birthday paradox for the proper math
Merriam Webster I Shake My Fist At You! • Forget all the theory…. • We can just pre-hash a dictionary and match the hash to the original value. (Rainbow Tables)
Rainbow Connection Rank Password MD5 SHA1 1123456 e10adc3949ba59abbe56e057f20f88 3e 7c4a8d09ca3762af61e59520943dc26494f89 41b 212345 827ccb0eea8a706c4c34a16891f84e 7b 8cb2237d0679ca88db6464eac60da96345513 964 3123456789 25f9e794323b453885f5181f1b624d0 b f7c3bc1d808e04732adf679965ccc34ca7ae34 41 4Password dc647eb65e6711e155375218212b39 64 8be3c943b1609fffbfc51aad666d0a04adf83c9 d 5iloveyou f25a2fc72690b780b2a14e140ef6a9e 0 ee8d8728f435fd550f83852aabab5234ce1da5 28 6princess 8afa847f50a716e64932d995c8e743 5a 775bb961b81da1ca49217a48e533c832c3371 54a 7rockyou f806fc5a2a0d5ba247160075845279 9c f1cf651ce1a2191a760c0b2f161234f7958e26 e4 81234567 fcea920f7412b5da7be0cf42b8c9375 9 20eabe5d64b0e216796e834f52d61fd0b7033 2fc 25d55ad283aa400af464c76d713c07 7c222fb2927d828af22f592134e8932480637c
mmmm…. Salty • To get around the problem of rainbow tables add a random salt • Don’t just use random text! I see this time and time again. • Use Random bytes and add to the password before hashing • Generate with System.Security.Cryptography.RNGCryptoServiceProvider • PHP openssl_random_pseudo_bytes • Ruby: OpenSSL::Random • Longer and more random is better • Store the salt in a field in your db along with the username and password hash (can be unencrypted) • PasswordField == Hash(saltBytes + GetBytes(passwordEntered))
Salty Hash is good but not that good… • Most cryptographic hash algorithms are made to perform over large files, so they are really fast • My PC (Core i7 3930k) can do almost 360 Mb/s for SHA-1 • So we can generate rainbow tables on the fly from password databases • Need to slow it down! So we’ll introduce a work factor • Work factor tells the algorithm how much “work” to perform • As computers get faster increase the work factor and re-hash as users log in • Good examples are BCrypt, SCrypt, PBKDF2
PBKDF2 PROS •Uses standard Hash Functions •Takes Salt •Comes Standard in Many Frameworks (Rfc2898DeriveBytes) CONS • Possible to mis-configure if using anything other than the standard Hash • Standards for work factor are really unknown • Can be attacked using GPU Array • Can be attacked using FPGA Array
BCrypt PROS • Very Old! • Open Source! • Has been used in many secure software programs • Much Easier to Configure and use •Salt, Iteration and Hash stored as one field • Difficult to brute force on GPU CONS • Open Source • Memory requirements make it vulnerable to things like FPGA
SCRYPT PROS •Open Source •Much Easier to Configure and use •Salt, Iteration and Hash stored as one field • Difficult to brute force on GPU CONS • Relatively new • Open Source • Good implementations are harder to find
OMG WTF Am I gonna do? • If you’re not using a salted hash update all passwords with a more secure algorithm. BCrypt(MD5(Password)) and store a version (Version 1). • When a user logs in simply upgrade on successful login and save to a new version (Version 2). string function VerifyPassword(string input, string hash, int version) if version is 1 then input = md5(input) result = bcrypt.verifypassword(input, storedhash) if result is true and version is 1 then updatepassword(bcrypt(input,workfactor), 2) return result end
What if I don’t have a hash at all? • Even though you are less secure than someone who went through hashing you’re actually on an easier upgrade path • Simple compute the BCrypt hash (or whatever else you want to use) over your user database and store it back in the database • If you have a lot of users (> 100,000 users) this will take a long time, but you can take advantage of multi-threading and multiple cores. • Make your users change their password on first login
Other recommendations • My #1 Recommendation for password storage •DON’T • If you can get away with it use an open API like OpenID (google, facebook, yahoo etc..) this removes the liability from your code and is safer for your users. • If you can use a standard authentication mechanism such as Active Directory, or a corporate standard approved by your security team then use that instead. • Run your entire application under the least privileges you can get away with. • I highly recommend putting restrictions on which users are able to read the user table, segregate that table away from the rest of the database if possible and only allow a single user to have read access, and a single user that has write access.
Last thoughts… •Developers need to engage the Infosec community •OWASP Meeting’s •Local security meet ups!
Ok I’m done now… Follow me on twitter: @nerdybeardo Blog: http://www.nerdybeardo.com

Empfohlen

The Neural Search Frontier - Doug Turnbull, OpenSource Connections
The Neural Search Frontier - Doug Turnbull, OpenSource ConnectionsThe Neural Search Frontier - Doug Turnbull, OpenSource Connections
The Neural Search Frontier - Doug Turnbull, OpenSource ConnectionsLucidworks
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Password War Games Webinar
Password War Games Webinar Password War Games Webinar
Password War Games Webinar nCircle - a Tripwire Company
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...MMT - Multimediatreff
 
Top-Down? Bottom Up? A Survey of Hierarchical Design Methodologies
Top-Down? Bottom Up? A Survey of Hierarchical Design MethodologiesTop-Down? Bottom Up? A Survey of Hierarchical Design Methodologies
Top-Down? Bottom Up? A Survey of Hierarchical Design MethodologiesTrent McConaghy
 
Data exchange formats
Data exchange formatsData exchange formats
Data exchange formatsPrzemysław Kamiński
 
ProjectManagementSystemPaperFINAL
ProjectManagementSystemPaperFINALProjectManagementSystemPaperFINAL
ProjectManagementSystemPaperFINALKaren Carter
 

Empfohlen

The Neural Search Frontier - Doug Turnbull, OpenSource Connections
The Neural Search Frontier - Doug Turnbull, OpenSource ConnectionsThe Neural Search Frontier - Doug Turnbull, OpenSource Connections
The Neural Search Frontier - Doug Turnbull, OpenSource ConnectionsLucidworks
 
Password Security
Password SecurityPassword Security
Password SecurityCSCJournals
 
Password War Games Webinar
Password War Games Webinar Password War Games Webinar
Password War Games Webinar nCircle - a Tripwire Company
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...
MMT 29: "Hab Dich!" -- Wie Angreifer ganz ohne JavaScript an Deine wertvollen...MMT - Multimediatreff
 
Top-Down? Bottom Up? A Survey of Hierarchical Design Methodologies
Top-Down? Bottom Up? A Survey of Hierarchical Design MethodologiesTop-Down? Bottom Up? A Survey of Hierarchical Design Methodologies
Top-Down? Bottom Up? A Survey of Hierarchical Design MethodologiesTrent McConaghy
 
Data exchange formats
Data exchange formatsData exchange formats
Data exchange formatsPrzemysław Kamiński
 
ProjectManagementSystemPaperFINAL
ProjectManagementSystemPaperFINALProjectManagementSystemPaperFINAL
ProjectManagementSystemPaperFINALKaren Carter
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Data oriented design and c++
Data oriented design and c++Data oriented design and c++
Data oriented design and c++Mike Acton
 
Protect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying TechniquesProtect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying TechniquesLeo Loobeek
 
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...POSSCON
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network SecurityUC San Diego
 
Open source security
Open source securityOpen source security
Open source securitylrigknat
 
The Web Application Hackers Toolchain
The Web Application Hackers ToolchainThe Web Application Hackers Toolchain
The Web Application Hackers Toolchainjasonhaddix
 
Django at Scale
Django at ScaleDjango at Scale
Django at Scalebretthoerner
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheelsinfodox
 
Cryptography for developers
Cryptography for developersCryptography for developers
Cryptography for developersKai Koenig
 
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...All Things Open
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything elseVlad Garbuz
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploitTiago Henriques
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rdsWill Alexander
 
Hacknbeers sqli and cryptography
Hacknbeers sqli and cryptographyHacknbeers sqli and cryptography
Hacknbeers sqli and cryptographyMiguel Ibarra
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsGreat Wide Open
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
Ncku csie talk about Spark
Ncku csie talk about SparkNcku csie talk about Spark
Ncku csie talk about SparkGiivee The
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
nabdullin_brcrdu_dark
nabdullin_brcrdu_darknabdullin_brcrdu_dark
nabdullin_brcrdu_darkNikita Abdullin
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 

Weitere ähnliche Inhalte

Ähnlich wie Password Storage Sucks!

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Data oriented design and c++
Data oriented design and c++Data oriented design and c++
Data oriented design and c++Mike Acton
 
Protect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying TechniquesProtect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying TechniquesLeo Loobeek
 
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...POSSCON
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network SecurityUC San Diego
 
Open source security
Open source securityOpen source security
Open source securitylrigknat
 
The Web Application Hackers Toolchain
The Web Application Hackers ToolchainThe Web Application Hackers Toolchain
The Web Application Hackers Toolchainjasonhaddix
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheelsinfodox
 
Cryptography for developers
Cryptography for developersCryptography for developers
Cryptography for developersKai Koenig
 
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...All Things Open
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything elseVlad Garbuz
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploitTiago Henriques
 
Hacknbeers sqli and cryptography
Hacknbeers sqli and cryptographyHacknbeers sqli and cryptography
Hacknbeers sqli and cryptographyMiguel Ibarra
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsGreat Wide Open
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
Ncku csie talk about Spark
Ncku csie talk about SparkNcku csie talk about Spark
Ncku csie talk about SparkGiivee The
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 

Ähnlich wie Password Storage Sucks! (20)

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Data oriented design and c++
Data oriented design and c++Data oriented design and c++
Data oriented design and c++
 
Protect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying TechniquesProtect Your Payloads: Modern Keying Techniques
Protect Your Payloads: Modern Keying Techniques
 
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
 
Open source security
Open source securityOpen source security
Open source security
 
The Web Application Hackers Toolchain
The Web Application Hackers ToolchainThe Web Application Hackers Toolchain
The Web Application Hackers Toolchain
 
Django at Scale
Django at ScaleDjango at Scale
Django at Scale
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheels
 
Cryptography for developers
Cryptography for developersCryptography for developers
Cryptography for developers
 
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploit
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
 
Hacknbeers sqli and cryptography
Hacknbeers sqli and cryptographyHacknbeers sqli and cryptography
Hacknbeers sqli and cryptography
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in Applications
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
Ncku csie talk about Spark
Ncku csie talk about SparkNcku csie talk about Spark
Ncku csie talk about Spark
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive Trickery
 
nabdullin_brcrdu_dark
nabdullin_brcrdu_darknabdullin_brcrdu_dark
nabdullin_brcrdu_dark
 

Kürzlich hochgeladen

Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 

Kürzlich hochgeladen (20)

Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 

Password Storage Sucks!

  • 1. Password Storage Sucks! How to properly store passwords in your database
  • 2. Legal Disclaimers… Disclaimer 1: I make no guarantees about beard length. But a beard will always be attached to this sexy face. Disclaimer 2 I curse, frequently… sorry Disclaimer 3 Opinions are my own. Advice provided with no warranty. If you go back and implement an algorithm I told you to implement you do so at your own risk. In other words … Don’t come crying to me on twitter
  • 3. Oh yeah… twitter … @nerdybeardo http://www.nerdybeardo.com
  • 4. Who am I? • I am Software architect on the .NET Stack • I study cryptography for fun (WTF?!?) • I study application security but not for fun… it’s scary • Most of my life is spent on a keyboard with the following exceptions… • I managed to get married… • And against all odds… I somehow was able to pass on my genes
  • 5. Credentials…. • I have none… • Except I have a beard… • And because it’s so awesome people pay me a boat load of money to fix their shit • Wait I lied… I’m a certified Scrum master • Or as my clients call me… The Scum Master • I’ve also been called Dragon Master
  • 6. How to approach this talk •Don’t just look at this as a talk on password storage •Look at the approach we’re taking to secure our passwords •Use the same type of approach for all your PII Data
  • 7. Why are we here? •Because developers suck at security! •And our users are paying for our suckiness!
  • 8. How many people know what Angular is?
  • 9. How many people know what a CSRF is? • How important CSRF is becoming because of single page sites? • Do you know why it’s dangerous to allow your API’s to be hit as GET requests? • Are you protecting your API’s with request forgery tokens? • In other words CSRF is much more dangerous because of the use of frameworks like Angular with a REST API, yet it’s rarely brought up as a topic.
  • 10. I’m dizzy please stop! • The amount of new frameworks coming out is dizzying • We are WAY too focused on frameworks, and tools, and the next thing that’s going to make our site look super awesome.
  • 11. Newsflash! • Using Angular isn’t going to make you cool! (Is it still ok to say the word cool?) • We will still be nerds. (or in my case Nerdy) • There is going to be a new framework tomorrow. • Your apps will still be broken!
  • 12. Do you know who this is?
  • 13. Game Theory Player1 Player 2 Hawk Dove Dov e Hawk 0,V V,0
  • 14. Wild Wild West… • The internet is the Wild Wild West • “Cost” of playing hawk on the internet has gone down tremendously • 17 year old in Eastern Europe can be the cause of 40 million credit cards being stolen from Target
  • 15. Pshhhhhh…. “People will get their money back if my shit is owned, I don’t care…”
  • 16. Yeah except… People in this room control… •Health Records •Financial data •Legal Data •Buying habits •Most people use the same passwords for all their sites
  • 17. Oh the things I’ve seen…. •Password stored only as hash values •User tables susceptible to SQL Injection attacks •Backdoor “master” password access to all users •“Encrypted” in the famous base64 encryption algorithm •“Encrypted” in the famous plaintext algorithm •No Password - How’s anybody going to get to this admin page? Nobody knows the URL…
  • 18. So you think you’re secure…
  • 19. Not the kind of hash you may be used to Blast From the Past College Professor’s told me.. I can use a hash function to “map” my data to a “bucket” Mainly used in hash tables System.Collections.HashTable System.Collections.Generic.Dictiona ry Fast storage and retrieval (ooooh yeah) Example I have Bins buckets and 100 apples. I want to spread them evenly to all my bins. h(x) = x mod 10
  • 21. This ain’t yo mama’s Hash function Use cryptographically secure hash functions for passwords • It should be hard given h(m) to find m’ such that h(m’) = h(m) (pre-image resistance) • Should be difficult given a message m with hash h(m) to find a message m’ != m and h(m) = h(m’) (second pre-image) • It should be difficult to find two messages m and m’ where h(m) = h(m’) • Preferable to have a property called the avalanche effect • 1 bit difference causes at least 50% of the following bits to change
  • 23. We still have some problems Fact of life: All cryptographic hash functions are susceptible to collisions. • I’m lazy… so here’s my rule of thumb • Take the output size of the hash algorithm and divide by 2 and our security level is 2^n • Search Wikipedia for Birthday paradox for the proper math
  • 24. Merriam Webster I Shake My Fist At You! • Forget all the theory…. • We can just pre-hash a dictionary and match the hash to the original value. (Rainbow Tables)
  • 25. Rainbow Connection Rank Password MD5 SHA1 1123456 e10adc3949ba59abbe56e057f20f88 3e 7c4a8d09ca3762af61e59520943dc26494f89 41b 212345 827ccb0eea8a706c4c34a16891f84e 7b 8cb2237d0679ca88db6464eac60da96345513 964 3123456789 25f9e794323b453885f5181f1b624d0 b f7c3bc1d808e04732adf679965ccc34ca7ae34 41 4Password dc647eb65e6711e155375218212b39 64 8be3c943b1609fffbfc51aad666d0a04adf83c9 d 5iloveyou f25a2fc72690b780b2a14e140ef6a9e 0 ee8d8728f435fd550f83852aabab5234ce1da5 28 6princess 8afa847f50a716e64932d995c8e743 5a 775bb961b81da1ca49217a48e533c832c3371 54a 7rockyou f806fc5a2a0d5ba247160075845279 9c f1cf651ce1a2191a760c0b2f161234f7958e26 e4 81234567 fcea920f7412b5da7be0cf42b8c9375 9 20eabe5d64b0e216796e834f52d61fd0b7033 2fc 25d55ad283aa400af464c76d713c07 7c222fb2927d828af22f592134e8932480637c
  • 26. mmmm…. Salty • To get around the problem of rainbow tables add a random salt • Don’t just use random text! I see this time and time again. • Use Random bytes and add to the password before hashing • Generate with System.Security.Cryptography.RNGCryptoServiceProvider • PHP openssl_random_pseudo_bytes • Ruby: OpenSSL::Random • Longer and more random is better • Store the salt in a field in your db along with the username and password hash (can be unencrypted) • PasswordField == Hash(saltBytes + GetBytes(passwordEntered))
  • 27. Salty Hash is good but not that good… • Most cryptographic hash algorithms are made to perform over large files, so they are really fast • My PC (Core i7 3930k) can do almost 360 Mb/s for SHA-1 • So we can generate rainbow tables on the fly from password databases • Need to slow it down! So we’ll introduce a work factor • Work factor tells the algorithm how much “work” to perform • As computers get faster increase the work factor and re-hash as users log in • Good examples are BCrypt, SCrypt, PBKDF2
  • 28. PBKDF2 PROS •Uses standard Hash Functions •Takes Salt •Comes Standard in Many Frameworks (Rfc2898DeriveBytes) CONS • Possible to mis-configure if using anything other than the standard Hash • Standards for work factor are really unknown • Can be attacked using GPU Array • Can be attacked using FPGA Array
  • 29. BCrypt PROS • Very Old! • Open Source! • Has been used in many secure software programs • Much Easier to Configure and use •Salt, Iteration and Hash stored as one field • Difficult to brute force on GPU CONS • Open Source • Memory requirements make it vulnerable to things like FPGA
  • 30. SCRYPT PROS •Open Source •Much Easier to Configure and use •Salt, Iteration and Hash stored as one field • Difficult to brute force on GPU CONS • Relatively new • Open Source • Good implementations are harder to find
  • 31. OMG WTF Am I gonna do? • If you’re not using a salted hash update all passwords with a more secure algorithm. BCrypt(MD5(Password)) and store a version (Version 1). • When a user logs in simply upgrade on successful login and save to a new version (Version 2). string function VerifyPassword(string input, string hash, int version) if version is 1 then input = md5(input) result = bcrypt.verifypassword(input, storedhash) if result is true and version is 1 then updatepassword(bcrypt(input,workfactor), 2) return result end
  • 32. What if I don’t have a hash at all? • Even though you are less secure than someone who went through hashing you’re actually on an easier upgrade path • Simple compute the BCrypt hash (or whatever else you want to use) over your user database and store it back in the database • If you have a lot of users (> 100,000 users) this will take a long time, but you can take advantage of multi-threading and multiple cores. • Make your users change their password on first login
  • 33. Other recommendations • My #1 Recommendation for password storage •DON’T • If you can get away with it use an open API like OpenID (google, facebook, yahoo etc..) this removes the liability from your code and is safer for your users. • If you can use a standard authentication mechanism such as Active Directory, or a corporate standard approved by your security team then use that instead. • Run your entire application under the least privileges you can get away with. • I highly recommend putting restrictions on which users are able to read the user table, segregate that table away from the rest of the database if possible and only allow a single user to have read access, and a single user that has write access.
  • 34. Last thoughts… •Developers need to engage the Infosec community •OWASP Meeting’s •Local security meet ups!
  • 35. Ok I’m done now… Follow me on twitter: @nerdybeardo Blog: http://www.nerdybeardo.com

Hinweis der Redaktion

  1. I attribute that to the beard because I have no freaking idea why
  2. In some ways I don’t want to
  3. You can expose your users to identity theft even if you don’t hold any financial information
  4. Preimage resistance (database of passwords you only have the digest)Second pre-image resistance (HMAC or digital signature where you sign the document you have digest and document)Collission resistance (find me any two messages that have the same hash)The previous example we actually used the collision property to find which bucket data went to. This is a horrible Provide some additional features on top of the algorithms we’ve all developedKeccak pronounced catch-ack
  5. n/2 is approximately the number of tries it will take to get a collisionUse Wikipedia to get the real math (if you really want to)MD5 digest size is 128 bits. Therefore you can find a collision using the birthday paradox in approximately 2^64 triesSha-512 output size is 512 bits. Therefore it would take approximaltely 2^256 tries to come to find a collisionMerkle–Damgård construction
  6. I really don’t know about the RNGCryptoServiceProvider, when I initially made this presentation it wasn’t out that the NSA may have possibly put a back door in Microsofts RNG.
  7. These algorithms are not multi-threaded, I can utilize multiple cores to check multiple passwords at the same timePassword based key derivation function
  8. MostBcrypt implementations store the salt, and workfactor as delimited values in t
  9. Open Web Application Security Project