Password Based Key Derivation Function Iteration Counts

I have already spoken about Password Based Key Derivation Functions before on this blog and I have discussed secure password storage with PBKDF2 at length in my Pluralsight course, Practical Cryptography in .NET, but in this post I want to expand this a bit and talk about picking suitable iteration lengths for the PBKDF2 key derivation process.

Choosing a good number of iterations for PBKDF2
Choosing a good number of iterations for PBKDF2

A reader of this blog, Geoff Hirst, gave me a heads up to an episode of the Security Now podcast and specifically episode 512 where the recent security breach at LastPass was discussed. Luckily no one’s data was actually at risk due to their security policies and good use  of encryption, but the podcast talked about something that was interesting and that was, what should you set your PBKDF2 iteration count too?

I must admit I have always used round numbers like 50,000 or 100,000 but the podcast says this isn’t a good idea and you should use 5 figure number, beginning with a number larger than 2, but a random number which isn’t rounded up to specific whole number, as in 50,000 or 100,000.

By making this a random number that you do not disclose you are making an attackers life much harder as they have to get the iteration count correct. Of course you shouldn’t rely on this as a main piece of security information, but anything that can make an attackers life a little harder has to be a good thing.

If you are dealing with a system that has multiple users, why not randomly generate different iteration counts per user. Then if one user does get compromised and their password recovered, your other users are still safe as the attacker would still need to guess their number of iterations.

Advertisements

Practical Cryptography in .NET Course Released by Pluralsight

I am pleased to announce that my latest course, Practical Cryptography in .NET has been released by Pluralsight.

The course description is as follows:

As a software developer you have a duty to your employer to secure and protect their data. In this course you will learn how to use the .NET Framework to protect your data to satisfy confidentiality, integrity, non-repudiation and authentication.

This course covers random number generation, hashing, authenticated hashing and password based key derivation functions. The course also covers both symmetric and asymmetric encryption using DES, Triple DES, AES and RSA. You then learn how to combine these all together to product a hybrid encryption scheme which includes AES, RSA, HMACS and Digital Signatures.

The course is aimed at teaching developers about the importance of protecting sensitive data within their systems.

Practical Cryptography in .NET Coming Soon to Pluralsight
Practical Cryptography in .NET Coming Soon to Pluralsight

As-well as giving lots of technical background, the course will be very practical with lots of live code demonstrations. The course will be split into the following modules.

1. Course Outline and Introduction
2. Cryptographic Random Numbers
3. Hashing Algorithms
4. Secure Password Storage
5. Symmetric Encryption
6. Asymmetric Encryption
7. Hybrid Encryption
8. Digital Signatures
9. Secure String
10. Course Summary

Modules 2 – 6 covers a lot of theory and practical advice on using what is built into the .NET Framework. Module 7 on Hybrid Cryptography takes this a step further to combine a lot of the cryptographic primitives discussed into a cryptography scheme that gives the flexible key management benefits of RSA with the benefits and speed of algorithms like AES which includes full authenticated integrity checking.

Practical Cryptography in .NET Coming Soon to Pluralsight
Practical Cryptography in .NET Coming Soon to Pluralsight

This then gets expanded on further by introducing the concept of Digital Signatures to build in non-repudiation into the system.

Practical Cryptography in .NET Coming Soon to Pluralsight
Practical Cryptography in .NET Coming Soon to Pluralsight

The course has been a lot of fun to produce and I hope you find it useful. Protecting data is something that every developer should take very seriously and this course gives you all the tools you need to protect your companies data from ex-filtration by hackers or anyone else that wants to cause organisations harm.

Cryptography in .NET talk at the Derbyshire.Net User Group

Cryptography in .NET talk at the Derbyshire Dot Net User Group
Cryptography in .NET talk at the Derbyshire Dot Net User Group

I will be doing a talk at the Derbyshire Dot Net user group on March 26th 2015 in Derby. The talk will be on Cryptography in .NET.  The talk will be at Sadler Bridge Studios in the City Centre and start at 7pm.

The talk synopsis is:

Data security is something that we as developers have to take seriously when developing solutions for our organizations. Cryptography can be a deeply complicated and mathematical subject but as developers we need to be pragmatic and use what is available to us to secure our data without disappearing down the mathematical rabbit hole.

In this talk Stephen Haunts will take you through what is available in the .NET framework for enterprise desktop and server developers to allow you to securely protect your data to achieve confidentiality, data integrity and non-repudiation of exchanged data. Stephen will cover the following:

  • Cryptographically secure random number generation.
  • Hashing and Authenticated Hashes.
  • Secure Password Storage
  • Symmetric Encryption with DES, TripleDES, and AES.
  • Asymmetric Encryption with RSA.
  • Hybrid Encryption by using Symmetric and Asymmetric encryption together.
  • Digital Signatures.

Stephen Haunts is a Development Manager working in the healthcare division at Boots and has been developing code since he was 10. Stephen is also an author with Pluralsight and a book author writing for the Syncfusion Succinctly series of books.

Cryptography in .NET Talk : Slides and Sample Code

Cryptography in .NET Talk at Dot Net Notts
Cryptography in .NET Talk at Dot Net Notts

Today I did a talk on Cryptography in .NET. The talk synopsis is as follows :

Data security is something that we as developers have to take seriously when developing solutions for our organizations. Cryptography can be a deeply complicated and mathematical subject but as developers we need to be pragmatic and use what is available to us to secure our data without disappearing down the mathematical rabbit hole.

Cryptography in .NET Talk at the DotNet Notts User Group by Stephen Haunts
Cryptography in .NET Talk at the DotNet Notts User Group by Stephen Haunts

In this talk Stephen Haunts will take you through what is available in the .NET framework for enterprise desktop and server developers to allow you to securely protect your data to achieve confidentiality, data integrity and non-repudiation of exchanged data. Stephen will cover the following:

  • Cryptographically secure random number generation
  • Hashing and Authenticated Hashes
  • Symmetric Encryption with DES, TripleDES, and AES
  • Asymmetric Encryption with RSA
  • Hybrid Encryption by using Symmetric and Asymmetric encryption together.
  • Digital Signatures

You can now download the Slides and Sample Code in C# from this talk. If you have any questions about the talk or the subject matter then please feel free to leave a comment on this article or contact me via the contact form on this blog.

RC4 Stream Cipher

I recently started to look at some other cryptography ciphers outside what is included in my development platform of choice, .NET, and started reading up on RC4. RC4 is a stream cipher.

Stream Ciphers

A stream cipher is a symmetric key cipher where plain-text digits are combined with a pseudo-random cipher digit stream (key-stream). In a stream cipher each plain-text digit is encrypted one at a time with the corresponding digit of the key-stream, to give a digit of the cipher-text stream. With a stream cipher a digit is typically a bit and the combining operation an exclusive-or (XOR).

RC4 Stream Cipher
RC4 Stream Cipher

The pseudo-random key-stream is typically generated serially from a random seed value using digital shift registers. The seed value serves as the cryptographic key for decrypting the cipher-text stream.

Stream ciphers represent a different approach to symmetric encryption from block ciphers. Block ciphers operate on large blocks of data n a fixed block size. Stream ciphers typically execute at a higher speed than block ciphers and have lower hardware complexity.

RC4 Stream Cipher

In cryptography, RC4 (also known as ARC4 or ARCFOUR meaning Alleged RC4) is the most widely used software stream cipher and is used in popular protocols such as Transport Layer Security (TLS) (to protect Internet traffic) and WEP (to secure wireless networks). While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems.

RC4 was designed by Ron Rivest of RSA Security in 1987. RC4 was initially a trade secret, but in September 1994 a description of it was anonymously posted to a mailing list. The leaked code was confirmed to be genuine as its output was found to match that of proprietary software using licensed RC4. Because the algorithm is known, it is no longer a trade secret. The name RC4 is trademarked, so RC4 is often referred to as ARCFOUR or ARC4 (meaning alleged RC4) to avoid trademark problems.

Cryptography in .NET Talk at the DotNet Notts Usergroup

Meetup at DotNet Notts
Meetup at DotNet Notts

On January 26th 2015 I will be doing a talk at the DotNet Notts usergroup in Nottingham UK. The talk will be on Pragmatic Cryptography in .NET. The talk synopsis is as follows.

Data security is something that we as developers have to take seriously when developing solutions for our organizations. Cryptography can be a deeply complicated and mathematical subject but as developers we need to be pragmatic and use what is available to us to secure our data without disappearing down the mathematical rabbit hole.

In this talk Stephen Haunts will take you through what is available in the .NET framework for enterprise desktop and server developers to allow you to securely protect your data to achieve confidentiality, data integrity and non-repudiation of exchanged data. Stephen will cover the following:

Cryptographically secure random number generation.

Hashing and Authenticated Hashes.

Symmetric Encryption with DES, TripleDES, and AES.

The pitfalls of key exchange

Asymmetric Encryption with RSA.

Hybrid Encryption by using Symmetric and Asymmetric encryption together.

Digital Signatures.

Cryptography in .NET : Digital Signatures

I have previously written a number of articles on Cryptography in .NET, like the following :

Part 1 – Advanced Encryption Standard (AES)

Part 2 – RSA

Part 3 – Random Numbers and Hashes

Part 4 – Hybrid Encryption Protocols

Block Encrypter .NET Library for secure AES Encryption

In this article I will show you how to create and use Digital Signatures in .NET.

A digital signature is a mathematical scheme that demonstrates the authenticity of a message or document. A valid digital signature gives the recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement a digital analog to hand written signatures. In broader terms this refers to any electronic data that carries the intent of a signature. Digital signatures employ a type of asymmetric cryptography. For messages sent through a non-secure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographic based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret.

Example Digital Signature Flow
Example Digital Signature Flow

A digital signature scheme consists of three algorithms

  • A key generation algorithm that generates a private and public key, such as RSA.
  • A signing algorithm that, given a message and a private key, produces a signature.
  • A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message’s claim to authenticity.

Two main properties are required. First, the authenticity of a signature generated from a fixed message and fixed private key can be verified by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party without knowing that party’s private key. A digital signature is an authentication mechanism that enables the creator of the message to attach a code that act as a signature. It is formed by taking the hash of message and encrypting the message with creator’s private key.