Cryptography 101 with .NET Core

Captions
Boni Robert, hi. Hello Robert, how are you? Good, how are you? I'm doing so good. Let's see if, oh, I don't know. Yep, just working out this keyboard thing, sorry about, um. So, Cryptography 101 with .NET Core, what do you got? Yes, a lot of school stuff. School stuff, great. Um, do you want to go ahead and share your screen? Oh well, why don't you introduce yourself first, sorry. What do you work on? So I work full-time on an e-commerce website, and author, and do a lot of conference speaking, and happy about it. So if we like Robert, there's plenty of content out there to go find. There should be cryptography. Cool, cool. Okay, um, so would you like to go ahead and share your screen and we can dive in? Yes, we know when you can see it. Okay, I'll let you know when we can see that.

Let's see, we're having some interesting Skype delays. I see that. Let's see the camera. He's melting. Yeah, I think he was attempting to share his desktop and Skype might have crashed a bit, just a little bit. We're getting some very interesting melting graphics though. Everyone's saying to switch to Teams. Okay, we'll go ahead and restart Skype really quick and I'll just entertain and delay, which is my main job. happy years here in the studio with me, we'll probably switch, that's his hand, will probably switch off throughout our interviews and whatnot. Oh, looks like we have Robert back, but naturally as soon as I switch to the screen share, uh, it crashes again. Okay, just switching back to me on camera, so we're gonna figure out this in a second. Oh, I think I see Robert again. Okay Robert, can you share your screen? I think I saw it for a sec. Okay, that's me on Robert's screen, and now I can press the live share and it's repeating it because all it sees is name sharing Skype, and maybe minimize Skype and then we'll be able to see. Hey, there we go. Okay, now we can see your screen, Robert. Awesome. Okay, whew, that was fun. I did that, we took them through the matrix there for a second.

Okay. All right, 101 with .NET Core. The principles we'll talk about, cryptography,
you can use any platforms. They're very familiar algorithms and things that you can take advantage of, but we're gonna focus on the implementations in .NET Core. So a little bit about myself, as said: Microsoft MVP, part of the ASPInsiders, Pluralsight author, Progress Developer Expert in Fiddler. That's my Twitter handle. So let's get started.

So, some background. Cryptography is the science of keeping messages secure. Why do you want cryptography? There's really four different things. Most people think about it for confidentiality, so you're trying to protect data from being read. So you just have something you don't want people to see; that's what most people think of when they think of cryptography. There's also integrity, and so integrity is where I want to verify the data. Top of your screen, we just like seeing all of your slides better. Yes. Okay, so we've got authentication, where you want to identify and validate who a user is, and we're also going to have non-repudiation, so a sender can't deny later that he sent a given message. This is all in the System.Security.Cryptography namespace; that's where all these classes will come from. And most important thing, if you get nothing else out of this talk: don't try to write your own cryptography. I mean, this stuff is well vetted, a lot of people have seen it, a lot of people use it, it's built into the framework for us already. Take advantage of what's built in; don't try to write your own.

So first thing we'll look at is hashing. So the idea with a hash function is you have a one-way function, so it's easy to compute in one direction but significantly harder to reverse. So hash function's going to convert a variable-length input into a fixed length. It creates what you could call a data fingerprint or a digest, and it's okay to see it. So if I have data that I don't care that somebody, and I don't need to hide it from them, it's okay for them to see, but I don't want it to be tampered with, that's the integrity that we talked about earlier,
that's where a hash function is useful. So as you see on the left-hand side, I've got some basic content and I can run a hash on it, and it's going to create this data fingerprint or digest on the right-hand side, that's the hash. If I make even a single character change to the data that's on the left-hand side, I'll get a vastly different hash. So the idea is I can use it, run a hash against the data, see that the hashes match, so I can see that things haven't been tampered with. So let's take a look at a demo for hash functions. Don't know what's happening there. Okay.

So the pattern will be very familiar here for all the cryptography that we use in .NET, so I'll spend a little bit of time on this one. But I start with some initial plaintext, so I've just got a string here that stores, in this case, "this is a simple demonstration of hashing". I'm gonna use the SHA512 class to do the hashes; that's part of the SHA-2 family. The SHA-1, MD5s, all of those are not considered safe anymore, so you should use the SHA-2 functions. I'm going to use SHA-512, and what I'm gonna do on this line you'll see is very familiar with all the other cryptography we'll do. I have my string and I need to convert it into a byte array so I can use the cryptographic functions; they just all operate on byte arrays. So the first thing I'm gonna do is I'm going to call the GetBytes. So I pass GetBytes the plaintext string. There's lots of different ways I could choose to encode this; UTF-8 is a pretty common encoding scheme to take strings, so I'm going to convert that, do the UTF-8 encoding, and then I'm gonna simply call the ComputeHash function. And as you can see from the comments, I'm gonna get back a byte array here that's got 512 bits; that's just because I use SHA-512. Now I want to display that on the screen, so I'm actually gonna use the BitConverter class. There's lots of different ways to do this; I'll show you later how we can use Base64 encoding. There's times where I want to be able to use the hash on a query string
and such, so I want to use characters that aren't going to conflict with other things on my URL. So in this case I just call the BitConverter, I say I want it to go to string, and as you can see up above here, it's going to give me back something that looks like this. So I'm just gonna strip out all the dashes; I just end up with a basic display. So let's look at what that looks like. So you can see here, here's my initial string and then what it hashes to here. So in the example, if I go back, you can see even if I were to go change this, if I uncommented that and had a much larger string, the actual hash will be a fixed size; it's just based on what the hash is. So that's basic hashing. If we have some time later, we'll talk about where you might want to use some of these techniques. Like I said, it's common if you go to download from a given site, they often list their hash, so they'll say here's a SHA-256, etc. That way you know after you download it you could run the same algorithm, it's going to do a hash, even though it's a huge file it'll be a really small hash, and you'll be able to compare and say, that's what the site said they had, that's what I had after I downloaded it, so I know that nobody's tampered with that. So that's a good use of hashing.

Now we'll get into what most people expect for cryptography, and that's encryption and decryption. There's gonna be two different kinds, so we'll talk about symmetric algorithms first. And they're symmetric because the encryption and the decryption are going to use the same secret key. So we're going to have a secret to share between the two partners that want to exchange data, and we need to keep that key secret. So if we follow along in the diagram, on the left-hand side I've got the plaintext, that's what I want to encrypt. I'm gonna run my encryption algorithm with a secret key; the result is the ciphertext, that's just the encrypted stuff I want to send. The person receiving the data will do the decryption, and they're going to use the exact same
secret key, that's why it's called symmetric, and if they do that they're going to get back to the original plaintext. So the primary attack against this, as far as if people are gonna try to break this, they either are gonna try to determine what the secret key is, and if they couldn't intercept that or otherwise determine what it is, they're gonna try brute-force key search; they're just going to try all the different possible keys. So the main problem with this: it's really fast, it's used a lot, but the key distribution is difficult. So we'll talk later about situations where I need to share with somebody on the internet that I haven't otherwise come in contact with. It's hard to give them the secret key, because how would you give it to them ahead of time in a secure manner? So there'll be places for symmetric. Like we said, there's a couple main classes built in to .NET, and we're gonna focus on the primary one that most people use today, AES encryption. So US government, a lot of others, this is just the common symmetric algorithm that everybody's using.

In .NET the symmetric algorithms are called block ciphers, so they're gonna take my string and break it up into individual blocks and encrypt each block one at a time; that's why it's called a block cipher. There's a couple different modes that you can use, ECB or CBC. I won't get into all the details of these, but basically if we use CBC, which we recommend that you use, when you encrypt the first block of the data it wants to add more randomization into the symmetric algorithm, so it wants to take some random data. From the first block you encrypt, it's going to use the result of that as input into the next block that it encrypts, so essentially there's some extra random that's done each time it's encrypting blocks of your original data. So the question for that then becomes, how do they get random data for the very first block that you're going to use? That uses what's called an initialization vector. So the idea with that, again, it's just
some random data that's going to be used to seed the first block for your encryption. It doesn't need to be a secret, so you'll see when we look at the diagram that I'm going to transmit that along with, and I'm never gonna reuse it. I'm just, it's always gonna be unique for each set of data, that's all that's important. So let's take a look at a demo of symmetric algorithms.

So I've got a web page; we'll look at the page first. So I come out here and type in some random plaintext. I can hit Encrypt; we'll see that it created the ciphertext, but it also gave me the initialization vector, so that's what was used to seed the first block of this encryption. So I need to send both of these two things: I'm going to send the ciphertext and this initialization vector. Again, now that the ciphertext is encrypted, it's safe for me to just send both of these pieces. Again, the IV, it's fine if that's visible to people. If I hit Decrypt, we'll see that I get back the original plaintext like you'd expect.

So let's look at how this is implemented. So when I do a post, I happen to be using Razor Pages, and so again you can use this console, wherever you want. I'm going to give sample code at the end that has a lot of examples of practical ways to use cryptography in an ASP.NET website, so that's why I chose to host it in here. But the first thing I'm going to do is I'm going to actually create an AES cipher, so we'll go up and look at what that looks like. It's pretty straightforward: I just use that class and say Create, and I listed on the right-hand side what some of those defaults will be. I'm gonna set the padding mode. So for the padding mode, it's fine to use the default. I like to use this padding mode because what it does is, you take your original string, you're going to break it into blocks, that very last block isn't gonna magically be the right size, you know, 128 bits, so the algorithm needs to pad out the rest of that block. By using this ISO padding mode, it's going to put random data in the rest of
that block, which again, it just helps with cryptography to be able to use more random data when you're doing things, so I like to use that for the padding mode. I left this in here if you want to test later: if you do a padding mode of zero and you use the wrong mode, every time you encrypt the same piece of data it will always end up with the same encrypted ciphertext. By using these other defaults, even if I encrypt the word "yes" 20 times, every time it's going to turn out having something different, because of the mode that we're using with CBC uses that initialization vector to get the original random text to use. I'm doing this only for a demo: I'm setting the key. So obviously it's not a good decision to store my key directly in the code, when I could have a lot of time today to talk about ways to store keys securely, but for the demo code, to be able to give it to you, I wanted you to be able to see you can just generate some random bits, and that's what I did to create that key.

So now what I have, I've got the actual AES cipher. As we saw before, when I did the cipher it created some initialization data, it created that first block of random data to use for encryption. I wanted to be able to show that on the page, and so I did a conversion to Base64 it, so that when I displayed it back in the web page you would actually see it in a visible form, because it started as a byte array. To do the actual encryption, I create an encryptor, then do the UTF-8 encoding that I did before; that takes my plaintext string and converts it into a byte array. And then I call this TransformFinalBlock, which does the actual encryption, and then I chose in this case again to use Base64 encoding so that I could display it on the screen as a string. Decryption is similar: I create the same cipher, I do kind of the reverse, and then here I'm doing the CreateDecryptor. So again, the main point is just, you look very quickly, this is a well-established algorithm that lots of people use, that's highly secure, and it really
doesn't take much .NET code at all to be able to take advantage of it correctly to do my encryption. So that is symmetric.

Talk about asymmetric. So the idea with asymmetric is you're going to, the two partners are going to create their own public/private key pair, and they're not the same; that's why they call it asymmetric. So in this case, if I want to send to someone else, I'm going to get their public key. I'll take the plaintext, I'm going to use the encryption using their public key. Once I do that I've got ciphertext, and the advantage of asymmetric is, because I use their public key, the only thing that can decrypt this now is their private key. So obviously the receiver is going to hold on to their private key, make sure nobody learns that, but they're free to give out their public key wherever they want. You'll see it on people's blogs, you'll see it in email signatures. Anybody then can take that public key to do encryption, knowing that only the person who has the private key can do the decryption and get back to where they started.

Problem with asymmetric: so it's great because it's easy to distribute keys, especially with people that you haven't even worked with before. So for instance, you came to my blog, you'd be able to get my public key; we wouldn't need to talk in advance for you to be able to send me things that are encrypted. The bad news is it's about a thousand times slower than symmetric algorithms. So you'll often see in practice, like HTTPS and TLS, they actually use asymmetric to encrypt a session symmetric key. So in other words, they generate a random symmetric key, they will exchange that symmetric key using asymmetric encryption so that they can safely do that, and then they continue. Again, some of the very popular classes; we'll talk and focus on the RSA class. So we'll do a quick demo on that. So very similar to what we saw before, I'm going to create, I'll show you the page quick. I can type in some text, do an encryption, and then I'll do the decrypt, get back to where I
started. So very similar, I'm going to create a cipher like I did before; in this case I just used RSA. I have created a set of public/private keys that I have stored in this variable, so now what I can do is take the plaintext, I'll do my UTF-8 again to do the encoding to get it into a byte array, I'll call the encryption method, which uses RSA and the public key from that keychain, and then I will Base64 it so I can show it on the screen, um, and a similar thing for decryption. So again, you'll see it's very simple to do this. I've got examples in the code for how you can create RSA keys, so later on you can see how to create keys for both asymmetric and symmetric by using some of these other classes and pages. But basically that's how easy it is to do encryption when you're using .NET Core.

So talk quickly about digital signatures, and this provides both integrity and non-repudiation. The idea is I'm going to hash the contents of a message and then I'm gonna sign that hash with my private key. By default it doesn't provide confidentiality, but I'm going to show you in the diagram how you can do that as well. So if we follow along here: I've got some plaintext, I'm going to encrypt it using asymmetric just like I did before. I'll use the receiver's public key to do encryption, I'll get ciphertext. I'll use hashing to compute a hash; once I have the hash, I'll sign it with my private key, and that will become my signature. So now when I send the ciphertext, the person will be able to use the receiver's private key to decrypt it, they'll be able to use my public key to prove that I'm the person who signed it. So again, they have non-repudiation, we've got integrity, and we have confidentiality, all in one big approach here.

As far as using this in .NET Core, a couple cool things that are coming with .NET Core 3.0: we now will have authenticated encryption for the first time. So we talked about AES encryption before and we've talked about hashing; this combines the two of them, so that I can come do
the encryption, send it to you, and not only will you know that you can decrypt it, but you'll also be able to use the hash to verify that it hasn't been tampered with. So there's two new classes that come in .NET Core 3.0. Like you said, this is the first time we've had access to authenticated encryption, so that's cool. They've also got an expanded list of cryptographic key formats that we can import and export compared to what we had in the past.

So in summary: don't write your own encryption; use trusted algorithms and implementations. Use hashing when you want to validate integrity of data or to prove that you both know the same secret. And then generally with encryption you want to use symmetric algorithms because they perform so much better, unless you have special needs for asymmetric, say things such as digital signatures, you need to do key exchanges, etc. And again, know your threats, choose the proper countermeasure. So you need to know what you're trying to do; whether it's confidentiality or non-repudiation will help guide what the right type of algorithm and approach will be when you're doing .NET Core.

Some quick resources. I have a Pluralsight course that's an introduction to cryptography in .NET, so it goes through the same contents in a lot more detail, with a lot of practical examples, using .NET Framework in that case. Here's four very good books that talk about cryptography, so if you're interested in how AES actually functions or how RSA works and all the math and the technical background, you can look at those. If you want to get background just on the history of different uses of cryptography, what people did, how it got broken, both of these books are excellent books for that. And that's my Twitter, that's an email address where you can reach me, that's where I have the slides and the code available, and we can either do some questions or I can show a couple examples if we have a little time.

Okay, thank you so much. So a bit of, can you hear me all right? Actually, oh sorry,
can you hear me all right, Robert? Okay, we'll see if this works. Um, we need to switch off our mics because there is an echo that we haven't solved yet, because half of the team needs to sleep at some point; that's the fun of doing a 24-hour livestream. So I will forward you the questions, Robert, and then I will, let's see, thank you, and hey, there we go. Okay, and then I will be able to unmute you and then I'll mute myself so we avoid the echo. Okay, so here we go. So in general, people really appreciate the advice about not writing your own hash functions. Do you have any more to say on that topic?

No, I think, like I said, it's nice that we have open-source, trusted, well-deployed, well-tested hashing and cryptography, you know, the encryption, asymmetric, all of that stuff built into the framework. I just, a lot of people have said that they can write their own cryptography, and they think that by writing their own algorithm and keeping it secret that they'll be able to do a better job and be able to encrypt stuff, and virtually every time that's been tried, that's, a lot of times when people go on an audit and look at specific issues with breaches and such, they find that people do things like that. Take advantage of the stuff that's built into the framework; just don't try to write your own. If you really want to be a cryptographer, go to a place where you have other cryptographers work together on things like .NET Core and have other people that can help review it, because it's complicated stuff to create. Hopefully we've seen that it's easy to use.

Yes, that would be the power of teamwork. I like it a lot. It's always good to have other people checking your work. Okay, so: normally when one is using an encryption or decryption, is it ideal not to store the encrypted ciphertext on the database but just the encrypted hash?

No, good example would be if you don't, so for example on passwords you traditionally would store hashes. You don't need to reverse that data to get their original password; you'll take
the new password they type, you'll hash it, you'll compare it to a hash. That works in that situation. When you're storing data that you need to be able to get back and retrieve and actually see the value of, you're going to have to actually use encryption, in which case you'll want to use decryption as well. I've got some examples in the sample code you can look at. A good example of a public website that needs to take data: you could put a public/private key, put the public key only on your web server, so if anybody got it, who cares. Encrypt stuff on the front end using the public key, stored encrypted in the back end, and then the only system that needs to decrypt it and use it has the private key. But it's fine, I mean, if you need to get the data back you need to be able to decrypt it, so you have to use encryption; it's fine to store that in the database. Passwords are an example of, I don't really need to back it up and see it, I just need to make sure it's the same, and that's why they use hashes for that.

Great. Okay, sorry, I have to like now tight for buttons while we transfer. So when it was just a general question: what is the best place to store the encryption key? Very end of that, sorry. I know, okay, I'm trying to ask again but I have to switch all of the buttons. Okay, what, sorry, what is the best place to store the encryption key?

That's a long, very long answer, depending on what you have access to, what kind of system you have. I tend to like the example I just went through: if I've got a public-facing web server, I generally treat that web server like it's compromisable, you know, at any time I could have a zero-day exploit, things like that, so I really don't want to have a key stored on that machine. That's where I think storing the public key makes a lot of sense. So if I use asymmetric, put a public key on there, I can even put that in my code if I want; it doesn't matter, because if anybody sees that it doesn't help them. Only on my internal behind-the-firewall system would I actually have the
private key that could do that decryption. There's Azure Key Vault, there's other techniques, depending on what your deployment environment is, how paranoid you are, what your threat models are, how people attack you, etc. But in general I like doing the public key if it's a website.

All right, well, thank you so much for joining us, Robert, that was very interesting. Next up we have John. What is John going to be talking about, Xavier? John is gonna be talking about Xamarin and modern Android applications. So we're gonna hang up here on Robert and we're gonna call him right up. So it's stick to and Kendra now gonna switch because, like, we gotta take breaks from Dino dive, and we'll go from there. All right, thanks so much. Thanks so much, Robert. All right.
Info
Channel: Microsoft Visual Studio
Views: 34,299
Id: rLEJLuA3hd0
Length: 29min 12sec (1752 seconds)
Published: Thu Oct 03 2019