Cryptography with Zend Framework

Cryptography in Zend Framework 2

Enrico Zimuel
Senior PHP Engineer
Zend Framework Team
Zend Technologies

Uncon – 9th June, Dutch PHP Conference 2012

ZendCrypt
●
ZendCrypt is a new component of ZF2
(>= 2.0.0beta4)
●
Facilitates the usage of cryptography in PHP
projects
●
Supports strong cryptography (standards +
best practices)

ZendCrypt: main features
●
Symmetric encryption/decryption +
authentication
●
Public key cryptography
●
Key Derivation Function (PBKDF2, Salted2SK)
●
Secure password hashing (bcrypt)
●
Hash
●
Hash-based Message Authentication Code
(HMAC)

Supported algorithms
●
Mcrypt: AES (Rijndael-128), Rijndael-192/256,
Blowfish, Twofish, DES, 3DES, CAST-128/256,
Saferplus, Serpent,
●
OpenSSL: RSA, Diffie Hellman
●
PBKDF2, Salted2SK
●
Bcrypt
●
Hash/HMAC functions provided by PHP: MD5, SHA-
1/224/256/384/512, RIPEMD, TIGER, AVAL, ...

ZendCrypt components
●
ZendCryptSymmetricMcrypt
●
ZendCryptPublicKeyRsa
●
ZendCryptPublicKeyDiffieHellman
●
ZendCryptPassword
●
ZendCryptKeyDerivation
●
ZendCryptBlockCipher
●
ZendCryptHash
●
ZendCryptHmac

Encryption + authentication
●
ZendCryptBlockCipher
●
Default:
– AES encryption in CBC mode
– HMAC authentication (SHA-256)
– Random IV for each encryption
– PKCS7 padding (RFC 5652)
– PBKDF2 for key derivation (encrypt and auth)
– Prevent timing attacks

Example: encrypt/decrypt

use ZendCryptBlockCipher;
use ZendCryptBlockCipher;

$cipher = BlockCipher::factory('mcrypt',
$cipher = BlockCipher::factory('mcrypt',
array('algorithm' => 'aes')
array('algorithm' => 'aes')
);
);
$cipher->setKey('this is the encryption key');
$cipher->setKey('this is the encryption key');
$text
$text = 'This is the message to encrypt';
= 'This is the message to encrypt';
$encrypted = $cipher->encrypt($text);
$encrypted = $cipher->encrypt($text);

printf("Encrypted text: %sn", $encrypted);
printf("Encrypted text: %sn", $encrypted);
$text
$text = $cipher->decrypt($encrypted);
= $cipher->decrypt($encrypted);
printf("Decrypted text: %sn", $text);
printf("Decrypted text: %sn", $text);

Encryption format
Encryption = HMAC . IV . ENCRYPT

●
MSG is the message to encrypt
●
KEY is the encryption key (by PBKDF2)
●
AUTH is the authentication key (by PBKDF2)
●
ENCRYPT = AES(MSG, KEY)
●
HMAC = HMAC('sha256', AUTH, 'AES' . IV . ENCRYPT)
●
IV = random

How to store a password?
●
“More than 6 million LinkedIn passwords
stolen” 7th July 2012, cnnmoney.com
●
Don't use only an hash algorithm (dictionary
attacks)
●
Even using a salt is insecure (brute force
attacks)

How to safely store a password
●
bcrypt is an adaptive cryptographic hash
function for passwords
●
It's considered secure because is slow
(prevent dictionary attacks)
●
Implemented using crypt() of PHP
●
It uses a parameter, the workload (or cost)
that specify the amount of work
●
More work means more secure hash value

Example: usage of bcrypt

use ZendCryptPasswordBcrypt;

$bcrypt
$bcrypt = new Bcrypt();
= new Bcrypt();
$password = $bcrypt->create('password');
$password = $bcrypt->create('password');
printf ("Password: %sn", $password);
printf ("Password: %sn", $password);

●
The output ($password) is a string of 60 bytes
●
The default value of the working factor is 14

Check for valid passwords


$bcrypt
$bcrypt = new Bcrypt();
= new Bcrypt();
$password = $_POST['password'];
$password = $_POST['password'];
$hash
$hash = '…'; // i.e. get from a database
= '…'; // i.e. get from a database
if ($bcrypt->verify($password, $hash)) {
if ($bcrypt->verify($password, $hash)) {
echo “The password is valid”;
echo “The password is valid”;
} else {
} else {
Echo “The password is not valid”;
Echo “The password is not valid”;
}
}

Key Derivation Function
●
NEVER USE user's password as crypto key!
●
Key Derivation Function generates
cryptographic keys based on user's
passwords
●
PBKDF2 is a KDF (RFC 2898, PKCS #5 v2.0)

PBKDF2
“PBKDF2 applies a pseudorandom function,
such as a cryptographic hash, cipher, or HMAC
to the input password or passphrase along with
a salt value and repeats the process many times
to produce a derived key, which can then be
used as a cryptographic key in subsequent
operations. The added computational work
makes password cracking much more difficult,
and is known as key stretching” From Wikipedia

Example: Pbkdf2

use ZendCryptKeyDerivationPbkdf2,
use ZendCryptKeyDerivationPbkdf2,
ZendMathMath;
ZendMathMath;

$salt = Math::randBytes(32);
$salt = Math::randBytes(32);
$pass = 'this is the password of the user';
$pass = 'this is the password of the user';
$hash = Pbkdf2::calc('sha256', $pass, $salt, 10000, 32);
$hash = Pbkdf2::calc('sha256', $pass, $salt, 10000, 32);

●
It generates a crypto key of 32 bytes using
SHA-256 + random salt with an interation of
10'000 times

How many iterations we need?
●
It depends on the CPU power that you use
●
Suggestion: use at least 1 sec. of computation
●
Using an Intel Core i5 CPU at 3.3Ghz you need
at least 100’000 iterations to get about 1 sec.
of computation

ZF2 random number generator
●
ZendMathMath::randBytes($length, $strong = false)
●
ZendMathMath::rand($min, $max, $strong = false)
●
Fallback strategy:
1) If OpenSSL: openssl_random_pseudo_bytes()
2) If Mcrypt: mcrypt_create_iv()
3) If (!$strong): mt_rand()
4) else throwing exception “Cannot generate
strong random numbers”

Some references
●
Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno “
Cryptography Engineering” John Wiley & Sons, 2010
●
Dan Boneh, Cryptography Course, Stanford University,
Coursera free online courses
●
Coda Hale, How to safely store a password
●
Zend Framework 2
●
Anthony Ferrara, PHP-CryptLib
●
E.Zimuel “Cryptography in PHP” Web & PHP Magazine, Issue
2/2012
●
E.Zimuel “Cryptography made easy with Zend Framework”

Thanks!
●
Contacts:
enrico@zend.com
@ezimuel

Cryptography with Zend Framework

More Related Content

What's hot

Similar to Cryptography with Zend Framework

More from Enrico Zimuel

Recently uploaded

Cryptography with Zend Framework