This shows you the differences between two versions of the page.
cns:lectures:lecture-09 [2014/11/30 19:16] razvan.deaconescu [RSA in the Shell] |
cns:lectures:lecture-09 [2019/12/07 14:08] (current) razvan.deaconescu |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Lecture 09 - Encryption. Hashing. APIs ====== | + | ====== Lecture 09 - Code Reuse (part 2) ====== |
- | * [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf | Slides]] | + | * [[http://elf.cs.pub.ro/cns/res/lectures/09-code-reuse-2-handout.pdf|Slides]] |
- | * **Keywords**: encryption, symmetric encryption, public key encryption, digital signatures, hash, fingerprinting, certificate, RSA, MAC, ''openssl'', ''gnutls'', ''crypt'', ''libgcrypt'', ''botan'', side channel attack, Heartbleed | + | * **Keywords**: multi-phase attack, ASLR bypass, ROP chain, stack pivoting |
<html> | <html> | ||
- | <iframe src="http://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> | + | <center> |
+ | <iframe src="https://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/09-code-reuse-2-handout.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> | ||
+ | </center> | ||
</html> | </html> | ||
- | ===== Demos ===== | + | ===== Demo ===== |
- | For demos, we will use the [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09-demo.zip|demo archive]]. We will a Linux system to run the demos. We download the archive using the command<code bash> | + | [[http://elf.cs.pub.ro/oss/res/lectures/09-code-reuse-2-demo.zip|Demo archive]] |
- | wget http://elf.cs.pub.ro/cns/res/lectures/lecture-09-demo.zip | + | |
- | </code> | + | |
- | and then we unpack the archive<code bash> | + | |
- | unzip lecture-09-demo.zip | + | |
- | </code> | + | |
- | and then access the demo folder that resulted after the unpack operation<code bash> | + | |
- | cd lecture-09-demo/ | + | |
- | </code> | + | |
- | We will now pass through the demos below. | + | |
- | The demos show various ways of using the RSA algorithm: generating keys, encrypting a message and decrypting the message. | + | /* |
- | ==== RSA in the Shell ==== | + | ====== Lecture 09 - Strings ====== |
- | We will first start using RSA inside the shell. We will do key generation, key inspection, encryption and decryptions using shell commands embedded in a shell script. | + | * [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf | Slides]] |
+ | * **Keywords**: string, character, ''char'', ''signed char'', ''unsigned char'', NTBS, null character, character operators, string operations, bounds, overflow, truncation, sanitization, ''gets'', exploit, input validation, memory model, | ||
- | We will go to the ''shell/'' subfolder in the lab archive folder:<code> | + | <html> |
- | student@mjolnir:~/lecture-09-demo$ cd shell/ | + | <center> |
- | student@mjolnir:~/lecture-09-demo/shell$ ls -F | + | <iframe src="https://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> |
- | rsa-ctl* | + | </center> |
- | </code> | + | </html> |
- | + | ||
- | The ''rsa-ctl'' file is an executable shell script that allows us to do common RSA operations. We run it with no arguments to check what arguments we can pass to it:<code> | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ ./rsa-ctl | + | |
- | Provide one argument. | + | |
- | Usage: ./rsa-ctl genkey | encrypt | decrypt | inspect | + | |
- | </code> | + | |
- | + | ||
- | The arguments are quite clear: we can generate the RSA keys, we can encrypt messages, we can decrypt messages and we can inspect the keys. | + | |
- | + | ||
- | First, use an editor or pager (such as ''vim'' or ''less'') to explore the script. Check the four functions implementing the required functionality: ''rsa_genkey'', ''rsa_encrypt'', ''rsa_decrypt'' and ''rsa_inspect''. All fuctions use the ''openssl'' command, the front-end command for the OpenSSL library. | + | |
- | + | ||
- | First, let's generate the private and public keys:<code> | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ ./rsa-ctl genkey | + | |
- | Generate private key in rsa.private ... | + | |
- | Generate public key in rsa.public ... | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ ls | + | |
- | rsa-ctl rsa.private rsa.public | + | |
- | </code> | + | |
- | + | ||
- | The keys are generated in the ''rsa.private'' and ''rsa.public'' files. Two ''openssl'' commands are used in the ''rsa_genkey'' funciton in the ''rsa-ctl'' script. The first command generates all required parameters and saves them in the private key file (''rsa.private''). The second command extract the public key information (the modulus ''n'' and the public exponent ''e'') and places the public key in the ''rsa.public'' file. Both keys are stored in [[http://www.faqs.org/qa/qa-14736.html|PEM format]]:<code> | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ cat rsa.private | + | |
- | -----BEGIN RSA PRIVATE KEY----- | + | |
- | MIICXAIBAAKBgQDfa9+gSRjtsHLNYo6fk4OHwp/ZkM2p7UQM9zMbQ3T8Ql+ST0li | + | |
- | /GWx02zGD085eqIzzofZYEEn8/qm2l3iH94QofrbArTrERre4QGrNwUxBehYJKwo | + | |
- | malJ0mvPJqY+rVt2lNYPXCgcnC4aDSMgFKsgf2UzGif9pI7sE9Xzlgo8WQIDAQAB | + | |
- | AoGAaQG4Xws8DirKKkHSKqoYPax5mLX4E4+SVk2w1XWE/DLt3EQrh7x8x3FJRGVZ | + | |
- | pPhAV/0P2FjnBrIi8lzblzXHFkUQyFGOH+oyizIwDhFznb/XBt6VpEJZXDe278PP | + | |
- | 2Mtr0pGzmUMTYdzDXLxg267C4zPRJyqI3z1my9Vdljj03KkCQQD7vFTOdjkN+HZK | + | |
- | hJN90leDuGE9HhyFR0nErfPJFbMtXUXHXn7/MsB0N3R61FD0zSR0RcHRouYkAUwk | + | |
- | JEUx7S6vAkEA4zTBZK24V7iyHmpXMQPILQ7hVP3oggsT14bXZzVzHwNo/WvFTK4K | + | |
- | 43Pqo6o27xNxMQkLSp0t7GG7S5ZCAllHdwJBALWyVqf6zu2Vg5P/oxFy6/XH9G+P | + | |
- | t1g/fzA1ujtOrVg19XKUcyexsxVvHWS2sIQxOXmvC9lLMb+VLCb+Au+pWUMCQDAN | + | |
- | x11o1JVRDfMa4KgQObU18XiNXzCp8R9jeIlup5OGoB0BPzBxmwHyUU0eQhIclZMe | + | |
- | a5HzXnQhU4CwHfPrOA8CQD9TTziWkpYAvcFQNhyvjeJIBVODkBKZx9d3qoSzq9bn | + | |
- | ei0hbY6VL+gCkIHLuv4oBWqCl4EuN319amxzv+bJCAk= | + | |
- | -----END RSA PRIVATE KEY----- | + | |
- | + | ||
- | student@mjolnir:~/lecture-09-demo/shell$ cat rsa.public | + | |
- | -----BEGIN PUBLIC KEY----- | + | |
- | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfa9+gSRjtsHLNYo6fk4OHwp/Z | + | |
- | kM2p7UQM9zMbQ3T8Ql+ST0li/GWx02zGD085eqIzzofZYEEn8/qm2l3iH94Qofrb | + | |
- | ArTrERre4QGrNwUxBehYJKwomalJ0mvPJqY+rVt2lNYPXCgcnC4aDSMgFKsgf2Uz | + | |
- | Gif9pI7sE9Xzlgo8WQIDAQAB | + | |
- | -----END PUBLIC KEY----- | + | |
- | </code> | + | |
- | As the private key stores extensive information it is considerable larger than the public key. | + | |
- | + | ||
- | Let's also inspect the keys using the ''inspect'' argument to the ''rsa-ctl'' script. We will be able to see the modulus (''n''), the prime numbers (''p'' and ''q''), the public exponent (''e'') and the private exponent (''d'')). | + | |
- | + | ||
- | <spoiler Click to view command output> | + | |
- | <code> | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ ./rsa-ctl inspect | + | |
- | + | ||
- | ==== Showing private key | + | |
- | + | ||
- | + | ||
- | Private-Key: (1024 bit) | + | |
- | modulus: | + | |
- | 00:df:6b:df:a0:49:18:ed:b0:72:cd:62:8e:9f:93: | + | |
- | 83:87:c2:9f:d9:90:cd:a9:ed:44:0c:f7:33:1b:43: | + | |
- | 74:fc:42:5f:92:4f:49:62:fc:65:b1:d3:6c:c6:0f: | + | |
- | 4f:39:7a:a2:33:ce:87:d9:60:41:27:f3:fa:a6:da: | + | |
- | 5d:e2:1f:de:10:a1:fa:db:02:b4:eb:11:1a:de:e1: | + | |
- | 01:ab:37:05:31:05:e8:58:24:ac:28:99:a9:49:d2: | + | |
- | 6b:cf:26:a6:3e:ad:5b:76:94:d6:0f:5c:28:1c:9c: | + | |
- | 2e:1a:0d:23:20:14:ab:20:7f:65:33:1a:27:fd:a4: | + | |
- | 8e:ec:13:d5:f3:96:0a:3c:59 | + | |
- | publicExponent: 65537 (0x10001) | + | |
- | privateExponent: | + | |
- | 69:01:b8:5f:0b:3c:0e:2a:ca:2a:41:d2:2a:aa:18: | + | |
- | 3d:ac:79:98:b5:f8:13:8f:92:56:4d:b0:d5:75:84: | + | |
- | fc:32:ed:dc:44:2b:87:bc:7c:c7:71:49:44:65:59: | + | |
- | a4:f8:40:57:fd:0f:d8:58:e7:06:b2:22:f2:5c:db: | + | |
- | 97:35:c7:16:45:10:c8:51:8e:1f:ea:32:8b:32:30: | + | |
- | 0e:11:73:9d:bf:d7:06:de:95:a4:42:59:5c:37:b6: | + | |
- | ef:c3:cf:d8:cb:6b:d2:91:b3:99:43:13:61:dc:c3: | + | |
- | 5c:bc:60:db:ae:c2:e3:33:d1:27:2a:88:df:3d:66: | + | |
- | cb:d5:5d:96:38:f4:dc:a9 | + | |
- | prime1: | + | |
- | 00:fb:bc:54:ce:76:39:0d:f8:76:4a:84:93:7d:d2: | + | |
- | 57:83:b8:61:3d:1e:1c:85:47:49:c4:ad:f3:c9:15: | + | |
- | b3:2d:5d:45:c7:5e:7e:ff:32:c0:74:37:74:7a:d4: | + | |
- | 50:f4:cd:24:74:45:c1:d1:a2:e6:24:01:4c:24:24: | + | |
- | 45:31:ed:2e:af | + | |
- | prime2: | + | |
- | 00:e3:34:c1:64:ad:b8:57:b8:b2:1e:6a:57:31:03: | + | |
- | c8:2d:0e:e1:54:fd:e8:82:0b:13:d7:86:d7:67:35: | + | |
- | 73:1f:03:68:fd:6b:c5:4c:ae:0a:e3:73:ea:a3:aa: | + | |
- | 36:ef:13:71:31:09:0b:4a:9d:2d:ec:61:bb:4b:96: | + | |
- | 42:02:59:47:77 | + | |
- | exponent1: | + | |
- | 00:b5:b2:56:a7:fa:ce:ed:95:83:93:ff:a3:11:72: | + | |
- | eb:f5:c7:f4:6f:8f:b7:58:3f:7f:30:35:ba:3b:4e: | + | |
- | ad:58:35:f5:72:94:73:27:b1:b3:15:6f:1d:64:b6: | + | |
- | b0:84:31:39:79:af:0b:d9:4b:31:bf:95:2c:26:fe: | + | |
- | 02:ef:a9:59:43 | + | |
- | exponent2: | + | |
- | 30:0d:c7:5d:68:d4:95:51:0d:f3:1a:e0:a8:10:39: | + | |
- | b5:35:f1:78:8d:5f:30:a9:f1:1f:63:78:89:6e:a7: | + | |
- | 93:86:a0:1d:01:3f:30:71:9b:01:f2:51:4d:1e:42: | + | |
- | 12:1c:95:93:1e:6b:91:f3:5e:74:21:53:80:b0:1d: | + | |
- | f3:eb:38:0f | + | |
- | coefficient: | + | |
- | 3f:53:4f:38:96:92:96:00:bd:c1:50:36:1c:af:8d: | + | |
- | e2:48:05:53:83:90:12:99:c7:d7:77:aa:84:b3:ab: | + | |
- | d6:e7:7a:2d:21:6d:8e:95:2f:e8:02:90:81:cb:ba: | + | |
- | fe:28:05:6a:82:97:81:2e:37:7d:7d:6a:6c:73:bf: | + | |
- | e6:c9:08:09 | + | |
- | Modulus=DF6BDFA04918EDB072CD628E9F938387C29FD990CDA9ED440CF7331B4374FC425F924F4962FC65B1D36CC60F4F397AA233CE87D9604127F3FAA6DA5DE21FDE10A1FADB02B4EB111ADEE101AB37053105E85824AC2899A949D26BCF26A63EAD5B7694D60F5C281C9C2E1A0D232014AB207F65331A27FDA48EEC13D5F3960A3C59 | + | |
- | + | ||
- | ==== Showing public key | + | |
- | + | ||
- | + | ||
- | Public-Key: (1024 bit) | + | |
- | Modulus: | + | |
- | 00:df:6b:df:a0:49:18:ed:b0:72:cd:62:8e:9f:93: | + | |
- | 83:87:c2:9f:d9:90:cd:a9:ed:44:0c:f7:33:1b:43: | + | |
- | 74:fc:42:5f:92:4f:49:62:fc:65:b1:d3:6c:c6:0f: | + | |
- | 4f:39:7a:a2:33:ce:87:d9:60:41:27:f3:fa:a6:da: | + | |
- | 5d:e2:1f:de:10:a1:fa:db:02:b4:eb:11:1a:de:e1: | + | |
- | 01:ab:37:05:31:05:e8:58:24:ac:28:99:a9:49:d2: | + | |
- | 6b:cf:26:a6:3e:ad:5b:76:94:d6:0f:5c:28:1c:9c: | + | |
- | 2e:1a:0d:23:20:14:ab:20:7f:65:33:1a:27:fd:a4: | + | |
- | 8e:ec:13:d5:f3:96:0a:3c:59 | + | |
- | Exponent: 65537 (0x10001) | + | |
- | Modulus=DF6BDFA04918EDB072CD628E9F938387C29FD990CDA9ED440CF7331B4374FC425F924F4962FC65B1D36CC60F4F397AA233CE87D9604127F3FAA6DA5DE21FDE10A1FADB02B4EB111ADEE101AB37053105E85824AC2899A949D26BCF26A63EAD5B7694D60F5C281C9C2E1A0D232014AB207F65331A27FDA48EEC13D5F3960A3C59 | + | |
- | </code> | + | |
- | </spoiler> | + | |
- | You can see the large modulus and prime numbers. We generated the key for 1024 bits, so the modulus uses 256 hexadecimal digits (each digit ocuppies 4 bits, for a total or ''256 * 4 = 1024'' bits). We know we have a valid key pair since both the private and public key are using the same modulus. | + | |
- | + | ||
- | <code> | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ echo "anaaremere" | ./rsa-ctl encrypt > encrypted.msg | + | |
- | student@mjolnir:~/lecture-09-demo/shell$ ./rsa-ctl decrypt < encrypted.msg | + | |
- | anaaremere | + | |
- | </code> | + | |
- | ==== RSA in C ==== | + | |
- | + | ||
- | TODO | + | |
- | + | ||
- | ==== RSA in Python ==== | + | |
- | TODO | + | */ |