
DEF CON Training
Ruben Gonzalez - Hacking Cryptography $2,000
Hacking Cryptography
Cryptography is everywhere, whether you like it or not. Our laptops, phones, printers, cars, bank cards and washing machines use cryptography to authenticate, keep things confidential and make sure messages aren’t tampered with. However, very often developers, pentesters, system designers and code auditors are confronted with cryptography without having the gear to properly assess security of a specific use case.
During this training we'll deep-dive into modern cryptography. We'll learn how it works, how it is often times misused and how that leads to exploitable bugs.
Moreover, participants will learn how common cryptography screwups can be exploited. To foster skills, participants will write their own exploits and use them on real world systems provided by us.
The first day will prepare you for (ab)using cryptography in products and services by going over the basic terminology, explaining modern primitives and showing common misuses of those primitives. You'll learn about tools and techniques to abuse such misuses along the way. On day two, we'll move on to more advanced primitives used in asymmetric cryptography and see how everything we have learned is employed in protocols and standards (such as TLS, JWT and FIDO).
Outline
* Introduction to Cryptography
* Basic Terminology
* Security Guarantees
* Composition of Primitives
* Attack Categorization
* Working with Crypto Tools
* Manipulating Raw Bits and Bytes in the Terminal
* Using OpenSSL on the command line
* Introduction to Cyber Chef
* **Challenge Lab: OpenSSL and Cyber Chef**
* Symmetric Crypto
* Stream Ciphers
* Introduction to Stream Ciphers
* The One Time Pad and XOR Ciphers
* Leveraging Partially Known Plaintext
* Modern Stream Ciphers: Salsa20/Chacha, RC4
* Nonce Reuse Attacks
* **Challenge Lab: (Ab)using Stream Ciphers**
* Block Ciphers
* Introduction to Block Ciphers (AES, 3DES)
* Modes of Operation (ECB, CBC, CTR, XTS)
* Bit Flipping & Nonce Reuse Attacks
* Padding Oracle Attacks
* **Challenge Lab: (Ab)using Block Ciphers**
* Encrypting Data at Rest
* (Compression) Side Channel Attacks
* Hash Functions and Message Authentication Codes
* Introduction to Hash Functions
* Collision Attacks (SHA1/MD5)
* Length Extension Attacks
* Password Recovery with Rainbow Table Attacks
* SHA3, SHAKE and Sponge Constructions
* **Challenge Lab: (Ab)using Hash Functions and PW Cracking**
* Introduction to Message Authentication Codes
* Introduction to Message Authentication Codes
* Pitfalls on trivial constructions
* Authenticated Encryption Modes
* **Challenge Lab: (Ab)using MACs and AuthEnc**
* Entropy and Randomness
* Generating Secure Keys
* Introduction to the Linux Entropy Pool
* Misuse of Pseudo Random Number Generators
* Linear Congruential Generators
* Mersenne Twister
* Linear Feedback Shift Registers
* The Dual EC DRBG Backdoor
* **Challenge Lab: Keys and Randomness**
Day 2:
* Asymmetric Crypto / RSA
* Introduction to RSA
* Key Formats
* Basic Attacks on (Textbook) RSA
* Key Sizes and Brute Force
* RSA PKCS1.5 Signatures
* Padding/Bleichenbacher Attacks on RSA
* **Challenge Lab: RSA**
* Asymmetric Crypto / ECC
* Introduction to Elliptic Curve Cryptography
* The Java ECC Screwup
* Exploiting ecDSA Nonce Reuse
* Invalid Point Attacks
* **Challenge Lab: ECC**
* Public Key Infrastructure and Certificates
* Introduction to Certificates
* x509 Certificate Structure and Features
* Common Certificate Pitfall Examples
* Chain of Trust and PKI services
* TOFU Principle and Man-In-The-Middle Threats
* **Challenge Lab: Certificates and PubKeys**
* Crypto Applications / Protocols
* High-level view on TLS
* High-level view on VPNs: IKE and Wireguard
* Choosing Security Parameters for Protocols
* Crypto Applications / JWT
* Introduction to JWT
* Common JWT Implementation Bugs
* **Challenge Lab: Exploiting JWT**
* Crypto Applications / WebAuthn, FIDO and TOTPs
* Introduction to Password-Less Authentication
* TOTP Algorithms and Seeds
* Understanding and Deploying FIDO2 and WebAuthn
* Footguns Regarding Password-Less
* **Challenge Lab: (Ab)using FIDO**
* Outlook
* Sneak Peak at Post Quantum Crypto
* Upcoming Protocols and Primitives
* Farewell
* **Presentation of Take Home Challenges**
* Recap - Cryptography
Prerequisites
This is a beginner to intermediate course. The contents are compressed, but no prior knowledge of cryptography is needed. Every subject is introduced before attacks are presented.
Students should be familiar with at least one scripting language (e.g. Bash or Python) and have a basic understanding of computer networks.
Equipment Requirements
Participants should bring a laptop with administrator/root access to install software.
Certificate
At the end of the course participants can take a test to certify their knowledge.
Previous Training
This training was previously held at private corporations.
Trainers
Ruben Gonzalez (Lead Trainer, He/Him):
* 10 years in offensive security research
* Bug hunter for cryptography code
* Lead trainer at Neodyme.io
* Auditor of crypto code for multiple large industry projects
* Part-time PhD candidate for cryptographic implementations at the Max Planck Institute
* Multi-time DEFCON CTF finalist (team Sauercloud)
* Twitter: redrocket_ctf
Tim Schmidt (Support Trainer, He/Him):
* 5 years in vulnerability research
* Tinkerer and Hardware Hacker
* Profound interest in real-world attacks on cryptography
* Multi-time DEFCON CTF finalist (team Sauercloud)
* Trainer at Neodyme.io
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: Ruben Gonzalez
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
DEF CON Communications, Inc.
1100 Bellevue way NE
8A-85
Bellevue, WA 98004