Vous êtes sur la page 1sur 12

Crypto Cheat Sheet

Technical Bulletin: Cryptography

Manu Carus
http://www.ethical-hacking.de/
mailto:manu.carus@ethical-hacking.de

Table of Content

1 CRYPTOGRAPHY ..................................................................................................................................... 3
2 SECURE ALGORITHMS ........................................................................................................................... 4
3 LIBRARIES AND FRAMEWORKS ......................................................................................................... 5
3.1
3.2
3.3
3.4

OPENSSL .................................................................................................................................................. 5
JAVA CRYPTOGRAPHY ARCHITECTURE ................................................................................................... 6
.NET ......................................................................................................................................................... 7
CRYPTOAPI AND CAPICOM ................................................................................................................... 8

4 BEST PRACTICES ..................................................................................................................................... 9


4.1
4.2
4.3
4.4
4.5
4.6
4.7
4.8

CRYPTOGRAPHY ....................................................................................................................................... 9
RANDOM NUMBERS .................................................................................................................................. 9
HASHING ................................................................................................................................................... 9
MESSAGE AUTHENTICATION CODES ....................................................................................................... 9
SYMMETRIC ENCRYPTION ........................................................................................................................ 9
ASYMMETRIC ENCRYPTION ................................................................................................................... 10
DIGITAL SIGNATURE .............................................................................................................................. 10
KEY AGREEMENT .................................................................................................................................... 10

5 WORST PRACTICES .............................................................................................................................. 10


5.1
5.2
5.3
5.4

CRYPTOGRAPHY ..................................................................................................................................... 10
HASHING ................................................................................................................................................. 10
SYMMETRIC ENCRYPTION ...................................................................................................................... 10
ASYMMETRIC ENCRYPTION ................................................................................................................... 10

6 RULES OF THUMB ................................................................................................................................. 11


6.1
6.2
6.3
6.4
6.5

RANDOM NUMBERS ................................................................................................................................ 11


HASHING ................................................................................................................................................. 11
SYMMETRIC ENCRYPTION ...................................................................................................................... 11
ASYMMETRIC ENCRYPTION ................................................................................................................... 11
KEY AGREEMENT .................................................................................................................................... 11

7 SEVERABILITY CLAUSES ..................................................................................................................... 11


8 LIST OF ABBREVIATIONS ................................................................................................................... 12

Cryptography

Definitions
Cryptography is the science of hiding information.
The term is contrasted with cryptanalysis where the objective is to analyze and break encryption
methods which have hitherto been considered secure.
Both these sciences are branches all cryptology.
Objectives of cryptography
Secrecy
"keeping information secret
Sensitive data must be concealed from others. Only explicity authorized persons must be able to read
confidential data or obtain knowledge about its content.
Integrity
knowing that information hasnt been tampered with
The recipient of a message must be able to ascertain wether the message was modified after it was
generated and before it was received.
Authentication
knowing the origin and destination of information
Both the originator and recipient of a message must be unambiguously identifiable.
Non-Repudiation
knowing that information, once sent, cannot be retracted or denied.
The originator of a message must not be able to repudiate his authorship. It must be possible to
substantiate authorship to third parties.
Requirement
A secure application must achieve these four objectives of cryptography!

Secure Algorithms
Length1

Algorithm
RSA-2048

Asymmetric Encryption

2048 bit

256 Bytes

3DES

Cipher

112 bit2

14 Bytes

AES-128

Cipher

128 bit

16 Bytes

AES-192

Cipher

192 bit

24 Bytes

AES-256

Cipher

256 bit

32 Bytes

Blowfish

Cipher

128 bit

16 Bytes

Twofish

Cipher

128, 192, 256 bit

16, 24, 32 Bytes

DSA

Digital Signature

1024 bit

128 Bytes

ECDSA

Digital Signature

256, 384, 512 bit

32, 48, 64 Bytes

RSA-2048

Digital Signature

2048 bit

256 Bytes

RIPEMD-160

Hash

160 bit

20 Bytes

SHA-256

Hash

256 bit

32 Bytes

SHA-384

Hash

384 bit

48 Bytes

SHA-512

Hash

512 bit

64 Bytes

Diffie-Hellman

Key Agreement

1024 bit

128 Bytes

AES-CMAC

Message Authentication Code

128 bit
192 bit
256 bit

16 Bytes
24 Bytes
32 Bytes

HMACSHA256

Message Authentication Code

256 bit

64 Bytes

MAC-3DES-CBC

Message Authentication Code

112 bit

14 Bytes

PBKDF2

Password-based Key Derivation

arbitrary

arbitrary
Last revised: 12/2012

(bold recommendation)

1
2

Length of key resp. hash value


effective key length

Libraries and Frameworks

3.1 OpenSSL
Application

Command

Random Numbers

openssl rand

Hashing

openssl dgst alg

alg {sha256, sha384,


sha512, ripemd160}

Message
Authentication
Codes

openssl dgst alg hmac

alg {sha256,
sha384,
sha512,
ripemd160}

Symmetric
Encryption

openssl enc cipher

cipher {aes128,
aes192,
aes256,
aes-128-cbc,
aes-192-cbc,
aes-256-cbc,
bf,
bf-cbc,
blowfish,
des3}

Asymmetric
Encryption

openssl rsautl

Hybrid
Encryption

openssl smime cipher

cipher {aes128,
aes192,
aes256,
des3}

Digital Signature

openssl dsaparam

cipher {aes128,
aes192,
aes256,
des3}

openssl gendsa -cipher


openssl genrsa -cipher
openssl dsa
openssl rsa
openssl dgst alg

Key Agreement

openssl dhparam

Parameter

for DSA:
alg
{dss1}
for RSA:
alg
{sha256,
sha384,
sha512,
ripemd160}

3.2 Java Cryptography Architecture


Class

algorithm { }

javax.crypto.Cipher

AES
AESWrap
Blowfish
DESede
DESedeWrap
DSA
ECDSA
HmacSHA256
HmacSHA384
HmacSHA512
RSA
SHA1PRNG
SHA-256
SHA256withECDSA
SHA256withRSA
SHA-384
SHA384withECDSA
SHA384withRSA
SHA-512
SHA512withECDSA
SHA512withRSA

javax.crypto.KeyGenerator
javax.crypto.Mac
javax.crypto.SecretKeyFactory
java.security.AlgorithmParameters
java.security.AlgorithmParameterGenerator
java.security.KeyFactory
java.security.KeyPairGenerator
java.security.MessageDigest
java.security.SecureRandom
java.security.Signature

3.3 .NET
Class

Version

System.Security.Cryptography.AesManaged

.NET 3.0

System.Security.Cryptography.AesCryptoServiceProvider

.NET 3.0

System.Security.Cryptography.DSACryptoServiceProvider

.NET 2.0

System.Security.Cryptography.ECDiffieHellmanCng

.NET 3.0

System.Security.Cryptography.ECDsaCng

.NET 3.0

System.Security.Cryptography.KeyedHashAlgorithm.HMACRIPEMD160

.NET 2.0

System.Security.Cryptography.KeyedHashAlgorithm.HMACSHA256

.NET 2.0

System.Security.Cryptography.KeyedHashAlgorithm.HMACSHA512

.NET 2.0

System.Security.Cryptography.KeyedHashAlgorithm.MACTripleDES

.NET 2.0

System.Security.Cryptography.ProtectedData

.NET 2.0

System.Security.Cryptography.ProtectedMemory

.NET 2.0

System.Security.Cryptography.RijndaelManaged

.NET 2.0

System.Security.Cryptography.RIPEMD160Managed

.NET 2.0

System.Security.Cryptography.RNGCryptoServiceProvider

.NET 2.0

System.Security.Cryptography.RSACryptoServiceProvider

.NET 2.0

System.Security.Cryptography.SHA256Managed

.NET 2.0

System.Security.Cryptography.SHA384Managed

.NET 2.0

System.Security.Cryptography.SHA512Managed

.NET 2.0

System.Security.Cryptography.TripleDESCryptoServiceProvider

.NET 2.0

System.Security.SecureString

.NET 2.0

3.4 CryptoAPI and CAPICOM


Function

ALG_ID { }

CryptCreateHash()

CALG_3DES
CALG_3DES_112
CALG_AES
CALG_AES_128
CALG_AES_192
CALG_AES_256
CALG_DSS_SIGN
CALG_ECDSA
CALG_HMAC
CALG_MAC
CALG_RSA_SIGN
CALG_SHA_256
CALG_SHA_384
CALG_SHA-512

CryptDecrypt()
CryptEncrypt()
CryptDecryptAndVerifyMessageSignature()
CryptDecryptMessage()
CryptEncryptMessage()
CryptGenKey()
CryptGenRandom()
CryptHashData()
CryptHashMessage()
CryptHashPublicKeyInfo()

Provider for Diffie-Hellman:

CryptHashSessionKey()

CAPICOM_PROV_MS_DEF_
DSS_DH_PROV

CryptProtectData()
CryptProtectMemory()
CryptSignAndEncryptMessage()
CryptSignHash()
CryptSignMessage()
CryptSignMessageWithKey()
CryptUnprotectData()
CryptUnprotectMemory()
CryptVerifyDetachedMessageHash()
CryptVerifyDetachedMessageSignature()
CryptVerifyMessageHash()
CryptVerifyMessageSignature()
CryptVerifyMessageSignatureWithKey()
CryptVerifySignature()

Best Practices

4.1 Cryptography
Cryptographic agility: Configure and safeguard the used algorithms.

4.2 Random Numbers


Create GUIDs only on the basis of cryptographically secure random numbers.

4.3 Hashing
Use SHA-256.
Use hash values that are 256 bits long or longer ( 32 Bytes).
Use hashing rather than encryption.
Use salted hashing rather than hashing when processing small input (e.g. passwords).
Compare long inputs by comparing the hash values.
Use hashing for integrity checks.
Transmit hash values only in encrypted form.
Use digital signature rather than hashing (whenever possible).

4.4 Message Authentication Codes


Use HMACSHA256.
Make use of long keys.
Generate keys on the basis of cryptographically secure random numbers.
Password as key: at least 16 characters; use strong passwords (passphrases).
Use digital signatures rather than MACs (whenever possible).

4.5 Symmetric Encryption


Use AES-256.
Use keys which are 128 bits long or longer ( 16 Bytes).
Recommended key length is 256 bit.
Use SSL rather than symmetric encryption.
Use hybrid encryption rather than symmetric encryption.
Generate keys on the basis of cryptographically secure random numbers.
Use initialization vectors (IV) on the basis of cryptographically secure random numbers.
Do not re-use initialisation vectors (IV).
Use Cipher Block Chaining (CBC).
Use PKCS #7 Padding.
Derive a key from password only by applying the PBKDF2 algorithm.
Password as key: at least 12 characters; use strong passwords (passphrases).

4.6 Asymmetric Encryption


Use RSA-2048.
Use hybrid encryption rather than asymmetric encryption.
Sending a message to several recipients: symmetric key must be encrypted asymmetrically once
per recipient.

4.7 Digital Signature


Use DSA rather than RSA.
Use signature algorithms with hash values which are 160 bits long or longer ( 20 Bytes).
Keep a log of all signed documents.

4.8 Key Agreement


Use Diffie-Hellman only in conjunction with mutual authentication (due to Man-in-the-MiddleAttack).

Worst Practices

5.1 Cryptography
Do not apply security by obscurity.
Do not make use of ad-hoc algorithms.

5.2 Hashing
Do not use MD5.
Do not use SHA-1.

5.3 Symmetric Encryption


Do not use DES.
Do not use Electronic Code Book (ECB).
Do not encrypt data twice on a transport layer which already has end-to-end-protection.
Do not compress encrypted data.

5.4 Asymmetric Encryption


Do not use RSA-1024.
Do not encrypt content asymmetrically.

Rules of Thumb

6.1 Random Numbers

Computing cryptographically secure random numbers requires approximately 10 times more effort
than computing classic random numbers.

6.2 Hashing

Hash values having a length of 256 bit can represent up to 10

76

different documents without

producing any collisions.

6.3 Symmetric Encryption

AES encrypts much faster than Triple DES.

Use Twofish rather than Blowfish.

The effective Triple DES key strength is only 112 bit.

Synchronize the character encoding between sender and receiver.

6.4 Asymmetric Encryption

Asymmetric encryption is at least 1.000 times slower than symmetric encryption.

6.5 Key Agreement

The calculation of appropriate Diffie-Hellman parameters takes much time and must therefore
take place long before a communication channel between sender and receiver is established.

Severability Clauses
If the underlying environment, the software, framework or library which is used does not support
any cryptographically secure algorithm and if, under the given circumstances, no other solution is
possible, a cryptographically weak algorithm should be used rather than dispensing with
protection entirely.

If algorithms which are classified as secure and recommended in this document are subsequently
broken, the recommendations of the Federal German Office for Information Security (BSI) and the
Commandment of caution apply until this document is next updated.

8 List of abbreviations
3DES

Triple Data Encryption Standard

AES

Advanced Encryption Standard

BF

Blowfish

CAPICOM

Cryptographic Application Programming Interface through Component Object Model

CBC

Cipher Block Chaining

CFB

Cipher Feedback Mode

CMAC

Cipher-based Message Authentication Code

CNG

Cryptography Next Generation

DESede

Synonym for 3DES / Triple DES

DH

Diffie-Hellman

DSA

Digital Signature Algorithm

DSS

Digital Signature Standard

ECB

Electronic Code Book

ECDH

Elliptic Curve Diffie-Hellman

ECDSA

Elliptic Curve Digital Signature Algorithm

GUID

Globally Unique Identifier

HMAC

key-Hashed Message Authentication Code

IV

Initialization Vector

JCA

Java Cryptography Architecture

MAC

Message Authentication Code

MD

Message Digest

MITM

Man-in-the-Middle

OFB

Output Feedback Mode

PBKDF

Password-Based Key Derivation Function

PGP

Pretty Good Privacy

PKCS

Public Key Cryptography Standards

PKI

Public Key Infrastructure

PRNG

Pseudorandom Number Generator

RC

Rivest Cipher oder Ron's Code

RIPEMD

RACE Integrity Primitives Evaluation Message Digest

RSA

Rivest Shamir Adleman

SHA

Secure Hash Algorithm

S/MIME

Secure Multipurpose Internet Mail Extension

SSL

Secure Sockets Layer

TLS

Transport Layer Security

TRNG

True Random Number Generator