SlideShare a Scribd company logo

JavaScriptを使って学ぶEnd-to-Endセキュリティ 第2回

J
Jun Kurihara

The document presents a comprehensive overview of implementing end-to-end (E2E) security using JavaScript, focusing on AES (Advanced Encryption Standard) encryption methods. It covers topics like key derivation using PBKDF2 and HKDF, various encryption modes such as CBC, and practical execution of security tasks in a JavaScript environment. Code snippets and external references are provided to help developers apply these concepts in their applications.

Technology
1 of 50
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
JavaScript End-to-End 2 AES 1),2) 1) 2) January 26, 2020 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 1 / 50
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 2 / 50
( 1 ) End-to-End (E2E) Web E2E JavaScript (AES) E2E AES App AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 3 / 50
AES AES 1 ( )2 AES 3 1 RFC8018 PBES2 https://tools.ietf.org/html/rfc8018 AES 2 .env Base64 3 RFC5869 HKDF https://tools.ietf.org/html/rfc5869 AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 4 / 50
4 4 php hash hkdf() (2018 ) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 5 / 50
: Web Web : Bash, Git Node.js, npm, yarn Google Chrome and/or Firefox Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 6 / 50
( ) 1 &JS 2 AES 3 4 MAC Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 7 / 50
AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 8 / 50
AES (Advanced Encryption Standard) AES NIST 3 : 128-bit, 192-bit, 256-bit NESSIE CRYPTREC Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 9 / 50
AES AES 3 1 AES 2 AES 5 3 AES 5 1 2 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 10 / 50
: AES AES AES AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 11 / 50
1: AES ⇒ 6 6 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 12 / 50
⇒ 1 1 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 13 / 50
⇒ 7 7 PBKDF2 (RFC8018), HKDF (RFC5869) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 14 / 50
2: AES ⇒ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 15 / 50
8 8 628 < 248 ⇒ 48bits 1.5PB ⇒ 48bits 8 8 2009 60 GPU https://web.archive.org/web/20180412051235/http: //www.lockdown.co.uk/?pg=combi&s=articles Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 16 / 50
(Salt ) AES 9 9 PBKDF2 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 17 / 50
Salt 1 1 AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 18 / 50
3: AES ⇒ AES API (’AES256-CBC’ ) AES AES 1 16bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 19 / 50
AES 2 (IV) 10 CTR CBC ECB ECB ( ) 10 API (Nonce) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 20 / 50
ECB ⇒ 11 ⇒ JavaScript ECB 11 1 16Bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 21 / 50
ECB CBC 16Bytes 16Bytes 16Bytes CBC 16Bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 22 / 50
AES : Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 23 / 50
REST API E2E Amazon S3 bucket Amazon S3 bucket JavaScript JavaScript Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 24 / 50
Node.js 1 12 2 AES-CBC 13 REST API 12 1,2 13 3 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 25 / 50
: Node.js (> v10) yarn 14 Google Chrome ( ) Firefox Visual Studio Code WebStorm 14 : npm i -g yarn Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 26 / 50
JavaScript GitHub 15 Clone $ git clone https://github.com/junkurihara/slides-e2e-security-js.git $ cd sample02 $ yarn install $ yarn build 15 https://github.com/junkurihara/slides-e2e-security-js/ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 27 / 50
REST API SSL (https://e2e.zettant.com/)16 $ yarn start localhost 3000 HTTP 16 2020/1/25 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 28 / 50
Node.js AES AES jscu 17 API Code snippet 17 https://github.com/junkurihara/jscu Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 29 / 50
yarn execute post -r -p ‘ ’ ‘ ’ sample $ yarn execute post -r -p ’my password’ ’my private data’ // -r Register encrypted data to remote server Data: my private data Password: my password Derived key and its related params: // Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s= PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw= PBKDF2 Param - Hash: SHA-256 PBKDF2 Param - Iteration: 2048 Registered id: 1 // id=1 S4lFVWrvLj4OjPfFRTgVJFfRUI+6LIlw1VooFzG2J5E= my password Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 30 / 50
https://e2e.zettant.com/data AES CBC IV Salt, iteration Hash Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 31 / 50
yarn execute get -r -p ‘ ’ ‘id ’ $ yarn execute get -r -p ’my password’ 1 // -r Retrieve encrypted data to remote server Id: 1 Password: my password Derived key and its related params: // Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s= PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw= PBKDF2 Param - Hash: SHA-256 PBKDF2 Param - Iteration: 2048 Decrypted data: my private data // Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 32 / 50
( ) yarn execute post -r -m ‘ ’ ‘ ’ 18 sample $ yarn execute gen-secret 32 // Base64 Generated master secret in Base64: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= $ yarn execute post -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ ’my private data’ Register encrypted data to remote server Data: my private data Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= Derived key and its related params: // Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY= HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0= HKDF Param - Hash: SHA-256 Registered id: 2 18 Base64 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 33 / 50
AES CBC IV Salt, Hash Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 34 / 50
yarn execute get -r -m ‘ ’ ‘id ’ $ yarn execute get -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ 2 // -r Retrieve encrypted data to remote server Id: 2 Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= Derived key and its related params: // Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY= HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0= HKDF Param - Hash: SHA-256 Decrypted data: my private data // Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 35 / 50
sample02/src/post-get-browser.html ( html ) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 36 / 50
ECB API $ yarn execute aes-mode-compare ’0123456789ABCDEF0123456789ABCDEF’ 16bytes random key (Base64): 4gfrl+/OMyFt2ALLEp24sIXyHsyjvlYZZxRj4lkJe9M= data (Hex): 3031323334353637383941424344454630313233343536373839414243444546 AES-ECB (Hex): c871e345b92951236059676b0866c7af c871e345b92951236059676b0866c7af ... AES-CBC (Hex): d34ad4cc8816edcf3ad1a56c355c9067 69c4f525903b607960e377649abef648 ... 16bytes ECB ECB ⇒ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 37 / 50
CBC 19 ECB WebCryptoAPI 20 ECB CBC CTR 19 ECB 20 CBC ECB Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 38 / 50
AES : Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 39 / 50
PBKDF2 in JavaScript AES PBKDF2: Password-based Key Derivation Function PKCS #5 v2.1 (RFC808121 ) PBKDF1 PBKDF2 (AES) Password-based Encryption Scheme 2 (PBES2) BCrypt 22 21 https://tools.ietf.org/html/rfc8018 22 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 40 / 50
PBKDF2 WebCrypto API, Node.js Crypto API jscu sample/src/derive-key.js: deriveKeyFromPassword const jscu = getJscu(); // jscu script require if(!salt){ // salt Salt salt = jscu.random.getRandomBytes(32); // Uint8Array } else { salt = jseu.encoder.decodeBase64(salt); // Base64 Uint8Array } const key = await jscu.pbkdf.pbkdf2( // PBKDF2 password, // salt, // ( ) iterationCount, // 1000 ( ) len, // ( ) hash // HMAC Hash ’SHA-256’ ( ) ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 41 / 50
HKDF in JavaScript AES HKDF: HMAC-based Key Derivation Function RFC808123 PBKDF2 23 https://tools.ietf.org/html/rfc5869 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 42 / 50
HKDF WebCrypto API jscu sample/src/derive-key.js: deriveKeyFromMasterSecret const jscu = getJscu(); // jscu script require if(!salt){ // salt Salt salt = jscu.random.getRandomBytes(32); // Uint8Array } else { salt = jseu.encoder.decodeBase64(salt); // Base64 Uint8Array } const keyObj = await jscu.hkdf.compute( masterSecret, // hash // HMAC Hash ’SHA-256’ ( ) len, // ( ) ’’, // ’info’ field for RFC5869. This could be always blank. salt // ( ) ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 43 / 50
jscu CBC CTR CTR GCM24 sample/src/encrypt.js: encrypt const jscu = getJscu(); // jscu script require const uint8iv = jscu.random.getRandomBytes(16); // IV CBC 16Bytes const encrypted = await jscu.aes.encrypt( // AES jseu.encoder.stringToArrayBuffer(data), // string data Uint8Array key, // HKDF/PBKDF { // CBC name: ’AES-CBC’, iv: uint8iv } ); 24 GCM(Galois/Counter Mode) CTR Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 44 / 50
sample/src/encrypt.js: decrypt const jscu = getJscu(); // jscu script require const decrypted = await jscu.aes.decrypt( // AES jseu.encoder.decodeBase64(data), // Base64 key, // HKDF/PBKDF { // CBC name: ’AES-CBC’, iv: jseu.encoder.decodeBase64(iv) // Base64 IV } ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 45 / 50
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 46 / 50
AES Key Derivation Function ( PBKDF2/HKDF 25 ) CBC CTR JavaScript 25 e.g., JOSE Concat KDF with AESKW https://tools.ietf.org/html/rfc8037 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 47 / 50
: RSA-OAEP EDCH-Ephemeral + AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 48 / 50
: iTransfy by Zettant Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 49 / 50
: : recruit@zettant.com URL: https://www.zettant.com Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 50 / 50

More Related Content

PDF
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第3回
Jun Kurihara
 
PDF
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第4回
Jun Kurihara
 
PDF
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第1回
Jun Kurihara
 
PDF
JavaScriptを使って学ぶEnd-to-Endセキュリティ Appendix
Jun Kurihara
 
TXT
File list
abduljalil96
 
PDF
93e23 msi ms-7101_rev_2b_sch
Domingo Arroyo
 
PDF
Windows exploitation-2016-a4
Andrey Apuhtin
 
PDF
Postgre sql custom datatype overloading operator and casting
Andrea Adami
 
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第3回
Jun Kurihara
 
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第4回
Jun Kurihara
 
JavaScriptを使って学ぶEnd-to-Endセキュリティ 第1回
Jun Kurihara
 
JavaScriptを使って学ぶEnd-to-Endセキュリティ Appendix
Jun Kurihara
 
File list
abduljalil96
 
93e23 msi ms-7101_rev_2b_sch
Domingo Arroyo
 
Windows exploitation-2016-a4
Andrey Apuhtin
 
Postgre sql custom datatype overloading operator and casting
Andrea Adami
 

Similar to JavaScriptを使って学ぶEnd-to-Endセキュリティ 第2回 (20)

PDF
Metasepi team meeting #20: Start! ATS programming on MCU
Kiwamu Okabe
 
DOC
Licencias nod 32
Yessica Maceda Garrido
 
PDF
piotrowski-Benchmarking-Performance-Overhead-of-DTrace-on-FreeBSD-and-eBPF-on...
Svetlin Ivanov
 
PPTX
Best Practices in Handling Performance Issues
Odoo
 
PDF
Eta lang Beauty And The Beast
Jarek Ratajski
 
PPT
Bsides
m j
 
PDF
Microcontroller part 2
Keroles karam khalil
 
PDF
Summer Camp Live sessions.pdf
HCIA2020
 
DOCX
ใบงานที่ 4
KaRn Tik Tok
 
PPT
Fav
helloppt
 
PPT
&lt;img src="xss.com">
"&lt;u>aaa&lt;/u>
 
PDF
10 Excellent Ways to Secure Your Spring Boot Application - Devoxx Belgium 2019
Matt Raible
 
ODP
Scrypt Chacha by Travis Tolle (Ultracoin)
Hashers United
 
PDF
I made some more expansion board for M5Stack
Masawo Yamazaki
 
PDF
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...
Matt Raible
 
PDF
Krzysztof Mazepa - IOS XR - IP Fast Convergence
PROIDEA
 
PDF
Piwik elasticsearch kibana at OSC Tokyo 2016 Spring
Takashi Yamamoto
 
PDF
Webshield internet of things
Raghav Shetty
 
DOC
Capital onehadoopclass
Doug Chang
 
PPTX
Internet of Things Magic Show
Stephen Chin
 
Metasepi team meeting #20: Start! ATS programming on MCU
Kiwamu Okabe
 
Licencias nod 32
Yessica Maceda Garrido
 
piotrowski-Benchmarking-Performance-Overhead-of-DTrace-on-FreeBSD-and-eBPF-on...
Svetlin Ivanov
 
Best Practices in Handling Performance Issues
Odoo
 
Eta lang Beauty And The Beast
Jarek Ratajski
 
Bsides
m j
 
Microcontroller part 2
Keroles karam khalil
 
Summer Camp Live sessions.pdf
HCIA2020
 
ใบงานที่ 4
KaRn Tik Tok
 
Fav
helloppt
 
&lt;img src="xss.com">
"&lt;u>aaa&lt;/u>
 
10 Excellent Ways to Secure Your Spring Boot Application - Devoxx Belgium 2019
Matt Raible
 
Scrypt Chacha by Travis Tolle (Ultracoin)
Hashers United
 
I made some more expansion board for M5Stack
Masawo Yamazaki
 
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...
Matt Raible
 
Krzysztof Mazepa - IOS XR - IP Fast Convergence
PROIDEA
 
Piwik elasticsearch kibana at OSC Tokyo 2016 Spring
Takashi Yamamoto
 
Webshield internet of things
Raghav Shetty
 
Capital onehadoopclass
Doug Chang
 
Internet of Things Magic Show
Stephen Chin
 
Ad

More from Jun Kurihara (7)

PDF
プライバシ保護のためのインターネットアーキテクチャの進化 (2025-07-11)
Jun Kurihara
 
PDF
TLS 1.3におけるハイブリッド耐量子鍵交換 - Hybrid Post Quantum Key Exchange for TLS 1.3
Jun Kurihara
 
PDF
植松友彦先生 著 「研究読本」の2022年バージョン副読本
Jun Kurihara
 
PDF
Hybrid Public Key Encryption (HPKE)
Jun Kurihara
 
PDF
Mutualized Oblivious DNS (μODNS): Hiding a tree in the wild forest
Jun Kurihara
 
PDF
DNS におけるセキュリティ&プライバシ動向
Jun Kurihara
 
PDF
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Jun Kurihara
 
プライバシ保護のためのインターネットアーキテクチャの進化 (2025-07-11)
Jun Kurihara
 
TLS 1.3におけるハイブリッド耐量子鍵交換 - Hybrid Post Quantum Key Exchange for TLS 1.3
Jun Kurihara
 
植松友彦先生 著 「研究読本」の2022年バージョン副読本
Jun Kurihara
 
Hybrid Public Key Encryption (HPKE)
Jun Kurihara
 
Mutualized Oblivious DNS (μODNS): Hiding a tree in the wild forest
Jun Kurihara
 
DNS におけるセキュリティ&プライバシ動向
Jun Kurihara
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Jun Kurihara
 
Ad

Recently uploaded (20)

PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Teaching material agriculture food technology
LiaRayya
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 

JavaScriptを使って学ぶEnd-to-Endセキュリティ 第2回

  • 1. JavaScript End-to-End 2 AES 1),2) 1) 2) January 26, 2020 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 1 / 50
  • 2. Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 2 / 50
  • 3. ( 1 ) End-to-End (E2E) Web E2E JavaScript (AES) E2E AES App AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 3 / 50
  • 4. AES AES 1 ( )2 AES 3 1 RFC8018 PBES2 https://tools.ietf.org/html/rfc8018 AES 2 .env Base64 3 RFC5869 HKDF https://tools.ietf.org/html/rfc5869 AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 4 / 50
  • 5. 4 4 php hash hkdf() (2018 ) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 5 / 50
  • 6. : Web Web : Bash, Git Node.js, npm, yarn Google Chrome and/or Firefox Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 6 / 50
  • 7. ( ) 1 &JS 2 AES 3 4 MAC Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 7 / 50
  • 8. AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 8 / 50
  • 9. AES (Advanced Encryption Standard) AES NIST 3 : 128-bit, 192-bit, 256-bit NESSIE CRYPTREC Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 9 / 50
  • 10. AES AES 3 1 AES 2 AES 5 3 AES 5 1 2 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 10 / 50
  • 11. : AES AES AES AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 11 / 50
  • 12. 1: AES ⇒ 6 6 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 12 / 50
  • 13. ⇒ 1 1 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 13 / 50
  • 14. ⇒ 7 7 PBKDF2 (RFC8018), HKDF (RFC5869) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 14 / 50
  • 15. 2: AES ⇒ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 15 / 50
  • 16. 8 8 628 < 248 ⇒ 48bits 1.5PB ⇒ 48bits 8 8 2009 60 GPU https://web.archive.org/web/20180412051235/http: //www.lockdown.co.uk/?pg=combi&s=articles Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 16 / 50
  • 17. (Salt ) AES 9 9 PBKDF2 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 17 / 50
  • 18. Salt 1 1 AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 18 / 50
  • 19. 3: AES ⇒ AES API (’AES256-CBC’ ) AES AES 1 16bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 19 / 50
  • 20. AES 2 (IV) 10 CTR CBC ECB ECB ( ) 10 API (Nonce) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 20 / 50
  • 21. ECB ⇒ 11 ⇒ JavaScript ECB 11 1 16Bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 21 / 50
  • 22. ECB CBC 16Bytes 16Bytes 16Bytes CBC 16Bytes Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 22 / 50
  • 23. AES : Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 23 / 50
  • 24. REST API E2E Amazon S3 bucket Amazon S3 bucket JavaScript JavaScript Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 24 / 50
  • 25. Node.js 1 12 2 AES-CBC 13 REST API 12 1,2 13 3 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 25 / 50
  • 26. : Node.js (> v10) yarn 14 Google Chrome ( ) Firefox Visual Studio Code WebStorm 14 : npm i -g yarn Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 26 / 50
  • 27. JavaScript GitHub 15 Clone $ git clone https://github.com/junkurihara/slides-e2e-security-js.git $ cd sample02 $ yarn install $ yarn build 15 https://github.com/junkurihara/slides-e2e-security-js/ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 27 / 50
  • 28. REST API SSL (https://e2e.zettant.com/)16 $ yarn start localhost 3000 HTTP 16 2020/1/25 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 28 / 50
  • 29. Node.js AES AES jscu 17 API Code snippet 17 https://github.com/junkurihara/jscu Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 29 / 50
  • 30. yarn execute post -r -p ‘ ’ ‘ ’ sample $ yarn execute post -r -p ’my password’ ’my private data’ // -r Register encrypted data to remote server Data: my private data Password: my password Derived key and its related params: // Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s= PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw= PBKDF2 Param - Hash: SHA-256 PBKDF2 Param - Iteration: 2048 Registered id: 1 // id=1 S4lFVWrvLj4OjPfFRTgVJFfRUI+6LIlw1VooFzG2J5E= my password Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 30 / 50
  • 31. https://e2e.zettant.com/data AES CBC IV Salt, iteration Hash Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 31 / 50
  • 32. yarn execute get -r -p ‘ ’ ‘id ’ $ yarn execute get -r -p ’my password’ 1 // -r Retrieve encrypted data to remote server Id: 1 Password: my password Derived key and its related params: // Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s= PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw= PBKDF2 Param - Hash: SHA-256 PBKDF2 Param - Iteration: 2048 Decrypted data: my private data // Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 32 / 50
  • 33. ( ) yarn execute post -r -m ‘ ’ ‘ ’ 18 sample $ yarn execute gen-secret 32 // Base64 Generated master secret in Base64: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= $ yarn execute post -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ ’my private data’ Register encrypted data to remote server Data: my private data Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= Derived key and its related params: // Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY= HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0= HKDF Param - Hash: SHA-256 Registered id: 2 18 Base64 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 33 / 50
  • 34. AES CBC IV Salt, Hash Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 34 / 50
  • 35. yarn execute get -r -m ‘ ’ ‘id ’ $ yarn execute get -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ 2 // -r Retrieve encrypted data to remote server Id: 2 Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0= Derived key and its related params: // Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY= HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0= HKDF Param - Hash: SHA-256 Decrypted data: my private data // Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 35 / 50
  • 36. sample02/src/post-get-browser.html ( html ) Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 36 / 50
  • 37. ECB API $ yarn execute aes-mode-compare ’0123456789ABCDEF0123456789ABCDEF’ 16bytes random key (Base64): 4gfrl+/OMyFt2ALLEp24sIXyHsyjvlYZZxRj4lkJe9M= data (Hex): 3031323334353637383941424344454630313233343536373839414243444546 AES-ECB (Hex): c871e345b92951236059676b0866c7af c871e345b92951236059676b0866c7af ... AES-CBC (Hex): d34ad4cc8816edcf3ad1a56c355c9067 69c4f525903b607960e377649abef648 ... 16bytes ECB ECB ⇒ Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 37 / 50
  • 38. CBC 19 ECB WebCryptoAPI 20 ECB CBC CTR 19 ECB 20 CBC ECB Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 38 / 50
  • 39. AES : Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 39 / 50
  • 40. PBKDF2 in JavaScript AES PBKDF2: Password-based Key Derivation Function PKCS #5 v2.1 (RFC808121 ) PBKDF1 PBKDF2 (AES) Password-based Encryption Scheme 2 (PBES2) BCrypt 22 21 https://tools.ietf.org/html/rfc8018 22 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 40 / 50
  • 41. PBKDF2 WebCrypto API, Node.js Crypto API jscu sample/src/derive-key.js: deriveKeyFromPassword const jscu = getJscu(); // jscu script require if(!salt){ // salt Salt salt = jscu.random.getRandomBytes(32); // Uint8Array } else { salt = jseu.encoder.decodeBase64(salt); // Base64 Uint8Array } const key = await jscu.pbkdf.pbkdf2( // PBKDF2 password, // salt, // ( ) iterationCount, // 1000 ( ) len, // ( ) hash // HMAC Hash ’SHA-256’ ( ) ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 41 / 50
  • 42. HKDF in JavaScript AES HKDF: HMAC-based Key Derivation Function RFC808123 PBKDF2 23 https://tools.ietf.org/html/rfc5869 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 42 / 50
  • 43. HKDF WebCrypto API jscu sample/src/derive-key.js: deriveKeyFromMasterSecret const jscu = getJscu(); // jscu script require if(!salt){ // salt Salt salt = jscu.random.getRandomBytes(32); // Uint8Array } else { salt = jseu.encoder.decodeBase64(salt); // Base64 Uint8Array } const keyObj = await jscu.hkdf.compute( masterSecret, // hash // HMAC Hash ’SHA-256’ ( ) len, // ( ) ’’, // ’info’ field for RFC5869. This could be always blank. salt // ( ) ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 43 / 50
  • 44. jscu CBC CTR CTR GCM24 sample/src/encrypt.js: encrypt const jscu = getJscu(); // jscu script require const uint8iv = jscu.random.getRandomBytes(16); // IV CBC 16Bytes const encrypted = await jscu.aes.encrypt( // AES jseu.encoder.stringToArrayBuffer(data), // string data Uint8Array key, // HKDF/PBKDF { // CBC name: ’AES-CBC’, iv: uint8iv } ); 24 GCM(Galois/Counter Mode) CTR Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 44 / 50
  • 45. sample/src/encrypt.js: decrypt const jscu = getJscu(); // jscu script require const decrypted = await jscu.aes.decrypt( // AES jseu.encoder.decodeBase64(data), // Base64 key, // HKDF/PBKDF { // CBC name: ’AES-CBC’, iv: jseu.encoder.decodeBase64(iv) // Base64 IV } ); Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 45 / 50
  • 46. Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 46 / 50
  • 47. AES Key Derivation Function ( PBKDF2/HKDF 25 ) CBC CTR JavaScript 25 e.g., JOSE Concat KDF with AESKW https://tools.ietf.org/html/rfc8037 Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 47 / 50
  • 48. : RSA-OAEP EDCH-Ephemeral + AES Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 48 / 50
  • 49. : iTransfy by Zettant Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 49 / 50
  • 50. : : recruit@zettant.com URL: https://www.zettant.com Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 50 / 50