PowerPoint

KUICS For 4th Incognito2015.08.27

, .1

2

KUICS 12 (http://kuics.korea.ac.kr)

Best of the Best 4 2015-08-27KUICS2

2 , KUICS 12 . Best of the Best 4 .2

Thanks toKUICS OpenCL .2015-08-27KUICS3

GPGPU OpenCL KUICS .

3

1) 2) 3) 4) 5) 6) 7) 2015-08-27KUICS4

. , , .4

! ! ! !2015-08-27KUICS5

vs .2015-08-27KUICS6

. .( ) .() .6

- .

Encrytion .

Hashing

2015-08-27KUICS7

, . , .Encryption , Hashing .7

==

DES, AESSEED, ARIARC4 !=

RSAECC ()2015-08-27KUICS8(== )

. .() , .( ) , () AES, () RSA .8

2015-08-27KUICS9

(Symmetric-key) .

, .

.

.2015-08-27KUICS10

. . . . , .10

(Stream Cipher) .

.

.

,

Ex) RC42015-08-27KUICS11

. , , . . . , . . RC4 .

11

(Block Cipher) () .

, .

Ex)DES, AES, SEED, ARIA2015-08-27KUICS12

. , . . DES, AES SEED, ARIA .

12

SEED1999 2 KISA 128 2005 ISO/IEC 2009 256 SEED 256

1990 40

-> SEED 128 .

2015-08-27KUICS13

. 1990 , 128 . , SEED . ( ) ARIA , .13

(Padding) , .

.

, .

2015-08-27KUICS14jovelerjoonji

jovelerjoonji333

, . . , . .14

Zero Padding

ANSI X.923

PKCS#7 (== PKCS#5)

2015-08-27KUICS15sleepyjovel\x00\x00\x00\x00\x00

sleepyjovel\x00\x00\x00\x00\x05

sleepyjovel\x05\x05\x05\x05\x05

( )PCKS#7 , PCKS#5 .15

(Cryptographic Mode) ?Mode of Operation () .

Ex) ECB, CBCEx) CFB, OFB, CTR

?2015-08-27KUICS16

, ? . ECB, CBC . , ?

16

- ECBElectronic Codebook .2015-08-27KUICS17

, . . ?17

Jang (J) - See Reference for the source - ECB .2015-08-27KUICS18

, . . ?18

Jang (J) - See Reference for the source - ECB?

. .-> !2015-08-27KUICS19

, ? . . ? ()( )() , ECB ., . .

19

- CBCCipher Block Chaining IV 2015-08-27KUICS20

Chaining , . , . ? (IV) . IV .

20

Jang (J) - See Reference for the source - CBC . .2015-08-27KUICS21

CBC , . .

21

Jang (J) - See Reference for the source - CBCECB vs CBC

. .-> -> CBC 2015-08-27KUICS22

ECB , CBC . . CBC , CBC .

.22

Jang (J) - See Reference for the source 2015-08-27KUICS23

(Public-key) .

, A-B A B B A .

.

Ex) RSA, ECC2015-08-27KUICS24==

. , . , A-B A B , B A . . , . RSA, ECC ( ) .

24

.

, .

, .

-> .

2015-08-27KUICS25

, , . . , . .

25

, .( !)

-> .

-> .

2015-08-27KUICS26

. . , / .26

.

.

.

Ex) SSL, https

2015-08-27KUICS27

? , , . , . SSL , .27

RSA .

, .

, .

2015-08-27KUICS28

, . RSA , . 1990 .28

RSA2015-08-27KUICS29

, .+ 29

2015-08-27KUICS30

.Hash .

?

2015-08-27KUICS31

, . Hash .() . , . .31

Ex) MD4, MD5, SHA1Ex) SHA256, SHA512, SHA3

(Collision) ?7f7eb2b2CrackMeXCrackME9fc8912aX2015-08-27KUICS32

Hash , . , Hash .( - )Hash . . ? . . . , .

32

Hash HelloHash ?

MD5b884835e390cca19ca121f9af942e786

SHA1af46d07e711fdd8d4821de03f30b1af8e9680555bfb4c4d2f21b7b11397648ab

Hash .2015-08-27KUICS33

HelloHash .

( x 2) . 33

DB

!

2015-08-27KUICS34

. , . , ., . . , DB DB . DB . , .() DB. DB . . , . ?() , . . 1bit , ., . . , . , , . , . . . , .

34

(Hash Collision) 30 , ?

?

70%!2015-08-27KUICS35

. . ?() 70%. .() , 128bit 10 38 , 10 19 75% . broken . MD5 , SHA1 .

35

2015-08-27KUICS36

sha256 , sha1 .

36

PKCS#8 ? 2015-08-27KUICS37

+

: signCert.der : signPri.key

Windows XPC:\Program Files\NPKIWindows Vista C:\Users\[]\AppData\LocalLow\NPKI

2015-08-27KUICS38

,() () ., ?

.38

2015-08-27KUICS39

, . 30 82 .39

X.509 v3, Binary DER

Encrypted PKCS#8 , Binary DER

2015-08-27KUICS40

X.509 3 , Binary DER . Encrypted PKCS#8 , Binary DER . . . , .40

- .

1) Salt2) Iteration3) Encrypted Private Key

3, SEED 128 CBC .

2015-08-27KUICS41

. Salt, Iteration, Encrypted Private Key. , 3 SEED 128 CBC .

41

- 1. ActiveX .2. .3. PBKDF1, SHA1 IV Key .4. Encrypted Private Key .5. .6. {// } .7. .2015-08-27KUICS42

1, 2 . . IV, Key , . , 1 4 .

42

2015-08-27KUICS43

1 : vs , .

2015-08-27KUICS44AB : !NC0GNI4O2015C . .

. , . .44

1 : vs

2015-08-27KUICS45ABA B AB(B ) ( ) KUICS

, . SSL .45

1 : vs MITM ( , Man in the Middle)

2015-08-27KUICS46ABA B C B ABA C C

, A B, B A A B . SSL . B! ? B !46

1 : vs MITM ( , Man in the Middle)

2015-08-27KUICS47ABA C C B CABC()

47

2 : ?

(Bruteforce)

.

? 2015-08-27KUICS48

. .() , .() , 000 999 . .() .() , .48

___11. A 2. , Hash 3. (A )4. Hash , FAIL5. 2015-08-27KUICS49

.() .() .() ,() .()49

3 : .

!

Dictionary

(...)

2015-08-27KUICS50

.() . .() DIctionary .()1q2w3e4r, password , .50

4 : Rainbow Table ,

.

2015-08-27KUICS51

, .() . (?) .()100 .A . . B . . , .() . , .( 2TB ) ., , . . , .51

___21. B 2. , Hash 3. (B )4. Rainbow Table 5. 6. ==

2015-08-27KUICS52

() .() .() () .()() .52

5 : Salt , ? , .2015-08-27KUICS53

SHA256(password + WjW9s34kdXSLic1)SHA256(password)vs

. ?() 20 .() .(), .(). () SALT DB . .53

___31. C 2. Hash 3. Rainbow Table 4. Salt Rainbow Table 5. , 2015-08-27KUICS54

() () .()Rainbow Table salt .() () .54

6 : (Iteration) ! ! .

Ex) Linux

SHA512(SHA512((SHA512(password+salt)));

2015-08-27KUICS55

5000!

. , . 0.5 , 0.5 . , Salt , SHA512 5000 . Salt, Iteration . 4 1 , 4 3 .55

1 : CPU .

100 1 4 4 .

CPU !

2015-08-27KUICS56

, ? CPU , 1 . , . 4 4 .

56

1 :

2015-08-27KUICS57

1 :

CPU 100% !2015-08-27KUICS58

1 : .

, .

.

OpenMP , !

2015-08-27KUICS59

. , . , , . OpenMP . OpenMP .59

2 : GPGPUCPU , .

GPU , . . -> !

2015-08-27KUICS60

CPU . . , GPU , .

60

2 : GPGPU

CPU GPU ?2015-08-27KUICS61

2 : GPGPU

GPU ! !2015-08-27KUICS62

2 : GPGPUGPGPU? GPU

CUDA : NVidia , .

OpenCL : , .

2015-08-27KUICS63

CPU C , GPU GPGPU . , CUDA OpenCL. OpenCL , .(CPU .)

CUDA OpenCL .63

Bruteforcing : PKCS#8 ! !2015-08-27KUICS64

1 : .

Salt, Iteration, Decrypted Data .

, 2015-08-27KUICS65

, ., . .

65

2 : Binary DER EncodingEncrypted PKCS#8

DER .

SaltIterationEncrypted Private Key

2015-08-27KUICS66

, Binary DER Encrypted PKCS#8 . .

66

2 : Hex Editor .2015-08-27KUICS67

Binary DER, Length

, Binary DER Encrypted PKCS#8 . .Hex Editor . 30 82 DER .

67

2 : .2015-08-27KUICS68

NPKIPrivateKey NPK_Parse .

.68

3 : IV, Key ?2015-08-27KUICS69

IV SEED Key . ... ?

69

Jang (J) - See Reference for the source3 : IV, Key ??2015-08-27KUICS70

Jang (J) - See Reference for the source3 : IV, Key ?2015-08-27KUICS71

3 : IV, Key SHA1 : PBKDF1 : SHA1

1) Salt PBKDF1 Iteration Count !2) 20 16 Key 3) 4 SHA1 16 IV

2015-08-27KUICS72

, .72

3 : IV, Key 2015-08-27KUICS73

.

73

3 : IV, Key 2015-08-27KUICS74PasswordPBKDF1PBKDF1PBKDF1PBKDF1Returned 20Byte16Byte4ByteSaltstrcat(Password, Salt)KeyIVPBKDF1SHA1Returned 20Byte16Byte4Byte

PBKDF1 SHA1 . , Salt 2048 Iteration . .SHA1 160 . 20 . 20 Key , IV .

74

3 : IV, Key

C 2015-08-27KUICS75

C .75

4 : SEED 2015-08-27KUICS76PBKDF1PBKDF1PBKDF1SEED_CBC128_DecryptDecrypted DataKeyIVPBKDF1IsPaddingOKPBKDF1SEED_RoundKeyEncrypted DataSuccessFail

IV, Key, Encrypted Data SEED 128 CBC . , 0x30 , DER / .

76

4 : SEED C 2015-08-27KUICS77

5 : 2015-08-27KUICS78PBKDF1PBKDF1PBKDF1NPKI_DecryptDecrypted DataNth PasswordPBKDF1IsPaddingOKPBKDF1BruteForceIterateSuccessFail

BruteForceIterate .

78

5 : BruteForceIterate() ,

NPKI_Decrypt()

?Intel Core i7-4770 6800/ GPGPU .2015-08-27KUICS79

BruteForceIterate . i7 6800 . OpenCL .

79

2015-08-27KUICS80

, ()

80

2015-08-27KUICS81

. .81

CPU 2015-08-27KUICS82

! .82

CPU

2015-08-27KUICS83

CPU

2015-08-27KUICS84

CPU

2015-08-27KUICS85

CPU 2015-08-27KUICS86

CPU

2015-08-27KUICS87

CPU

2015-08-27KUICS88

GPU .CPU OpenMP GPGPU OpenCL OpenCL , .

20 2015-08-27KUICS89

2015-08-27KUICS90

: To ,

To Rainbow Table , GTX980 Ti GPGPU BruteForcing (, OpenCL CUDA )2015-08-27KUICS91

() (To )/ : : , .() (To ) , GPGPU .91

ReferenceECB, CBC (Encryption, Decryption)https://en.wikipedia.org/wiki/Block_cipher_mode_of_operationTux Image (ECB, CBC)Larry Ewing (lewing@isc.tamu.edu),The GIMPSEED [v1.21] https://seed.kisa.or.kr/iwt/ko/sup/EgovSeedInfo.dohttp://www.rootca.or.kr/kor/standard/standard01B.jsp

2015-08-27KUICS92

Source Codeied206/NPKICraker on GithubLicensed under MIT Licensehttps://github.com/ied206/NPKICracker

2015-08-27KUICS93

Q & A

2015-08-27KUICS94

2015-08-27KUICS