DEF CON Training
Ruben Gonzalez - Hacking Cryptography $1,800 Early $1,450
Hacking Cryptography
Virtually all digital communication is secured using cryptography. Our laptops, phones, printers, cars, bank cards and washing machines use cryptography to keep things confidential, to make sure messages aren’t tampered with and to establish secure connections. However, even though modern security heavily relies on it, cryptography is complex and oftentimes fragile. This in-depth training shows how cryptography is misused in practice. Moreover, participants will learn how common cryptography screwups can be exploited. To foster skills, participants will write their own exploits and use them on real world systems provided by us.
Course Outline
Day 1:
- Basic Terminology
- Cryptography
- Primitives
- Security Guarantees
- “Oracles”
- Python
- Basics of Python
- Using Python on Raw Bits and Bytes
- Using Python for Bignum Computation
- Challenge Lab: Python
- Attacks on Symmetric Crypto
- Stream Ciphers
- Introduction to Stream Ciphers
- The One Time Pad and XOR Ciphers
- Salsa20/Chacha, RC4
- Exploiting Output Bias
- Leveraging Partialy Known Plaintext
- Nonce Reuse Attacks
- (Compression) Side Channels
- Challenge Lab: Hacking Stream Ciphers
- Block Ciphers
- Introduction to Block Ciphers
- AES, DES, 3DES
- Modes of Operation (ECB, CBC, CTR, XTS)
- Block Shuffling Attacks
- Nonce Reuse Attacks
- Bit-Flipping Attacks
- Padding Oracles
- Challenge Lab: Hacking Block Ciphers
- Stream Ciphers
- Hash Functions
- Introduction to Hash Functions
- Collision Attacks (SHA1/MD5)
- Length Extension Attacks
- Rainbow Table Attacks
- Challenge Lab: Hacking Hash Functions
- Attacks on Message Authentication Codes (might spill to day 2)
- Introduction to Message Authentication Codes
- Attacks on Primitive Constructs
- Forgery Attacks
- Authenticated Encryption
- GCM Forbidden Attack
- Challenge Lab: Hacking MACs
Day 2:
- Entropy Attacks
- Introduction to the Linux Entropy Pool
- Misuse of Pseudo Random Number Generators
- Predicting Linear Congruential Generators
- Predicting Mersenne Twister
- Predicting Linear Feedback Shift Registers
- The Dual EC DRBG Backdoor
- Challenge Lab: Hacking Randomness
- Attacks on Asymmetric Crypto / RSA
- Introduction to RSA
- RSA Key Formats
- Attacks on Textbook RSA
- Attacks on Short Keys
- Forging RSA Signatures
- RSA PKCS#1.5 Signatures
- Padding/Bleichenbacher Attacks on RSA
- Challenge Lab: Hacking RSA
- Attacks on Asymmetric Crypto / ECC
- Introduction to Elliptic Curve Cryptography
- The Java ECC Screwup
- Exploiting ecDSA Nonce Reuse
- Exploiting ed25519 Bad Public Keys
- Invalid Point Attacks
- Challenge Lab: Hacking ECC
- Further Attacks
- JWT Implementation Bugs
- TLS Weaknesses
- Challenge Lab: Exploiting JWT
- Farewell
- Presentation of Take Home Challenges
- Recap - Cryptography
Prerequisites
This is a beginner to intermediate course. The contents are compressed, but no prior knowledge of cryptography is needed. Every subject is introduced before attacks are presented.
Students should be familiar with at least one scripting language (e.g. Python) and have a basic understanding of computer networks.
Equipment Requirements
Participants should bring a laptop with administrator/root access to install software.
Certificate
At the end of the course participants can take a test to certify their knowledge.
Previous Training
This training was previously held at private corporations.
Trainers
Ruben Gonzalez (Lead Trainer, He/Him):
- 10 years in offensive security research
- Bug hunter for cryptography code
- Lead trainer at Neodyme.io
- Auditor of crypto code for multiple large industry projects
- Part-time PhD candidate for cryptographic implementations at the Max Planck Institute
- Multi-time DEFCON CTF finalist (team Sauercloud)
- Twitter: redrocket_ctf
Tim Schmidt (Support Trainer, He/Him):
- 5 years in vulnerability research
- Tinkerer and Hardware Hacker
- Profound interest in real-world attacks on cryptography
- Multi-time DEFCON CTF finalist (team Sauercloud)
- Trainer at Neodyme.io
$1,450.00