00:00:24.480
Hey, good morning everyone! Welcome to RubyConf Taiwan 2023, and I hope you have a great experience today. Can you raise your hand if this is your first time here? Oh, not only me, okay, thank you.
00:00:31.880
We are sorry for starting late due to the schedule. If you have any questions during the talk, you can go to the RubyConf Taiwan 2023 website, and under the speaker's avatar, there's a slider where you can write down your questions. I will address them later, or you can ask directly.
00:00:51.600
Our first speaker will talk about an adventure in the dungeons of OpenSSL. Without further ado, let’s start now. Thank you!
00:01:30.600
Welcome to my talk! I’m Ryo Kajiwara. Slides are available right here. Please make sure that the QR code is scanned, no malicious content here. I’ll wait for about 30 seconds so you can grab the slides. I believe there are around 82 pages of material that cover advanced topics you might want to look up later.
00:01:50.240
These slides will be available online, and I’ll start in about five seconds. Four, three, two, one, let's go! Hello everyone! I handle a lot of stuff. If anything piques your interest, let’s talk later.
00:02:10.879
I am a freelance web developer focusing on digital identity and security. I'm currently working at Coda, developing identity platforms for public schools. I have experience in writing, editing, and implementing internet standards.
00:02:38.879
I've worked with HTTPS and local network community groups and the web of things working group at W3C, as well as the Messaging Layer Security working group at IETF. Additionally, I served as an officer of the Internet Society Japan chapter for four years.
00:03:07.599
I hail from a region in Japan known as Shoku. Is there anything wrong with this map? There's an island missing here, and I’m from that island.
00:03:24.280
My ticket this time was from the mountain of the S, and this picture shows a clock that exists in this area, coming from the same region. I heard that direct flights from Tan Airport to Diama will resume operation next March, so if you have a chance, please visit us.
00:03:39.680
That's the introduction. Before I start talking about Dungeons, I must mention that there be dragons—Dungeons and Dragons, am I right? My first real game features a Chinese dragon character, so it's also reminiscent of that.
00:04:07.799
Today, I will be discussing cryptographic APIs. They can be very easy to misuse, and you may have heard of PAR, which is a demon castle. Unlike typical dungeons, the dangers here can lead to security breaches, which is something we definitely want to avoid.
00:04:29.520
I've done considerable research into cryptography. In my last talk at Ruby Taiwan, I discussed SHA-3 in another language, but I don’t consider myself a true cryptographic expert since I lack a PhD or an MA in this field. I like to think of myself as a cryptographer in the wild.
00:05:11.680
If you are unsure, I recommend having your system audited by a security expert before going into production. There are various levels of production readiness. The HPKE gem I’ll discuss is almost ready, although there could be minor API changes. It uses mostly safe and reviewed methods, but has not yet been audited by a security expert.
00:05:31.880
I will talk about OpenSSL extension parts later, which are still quite experimental. My inspiration comes from a RubyKagi 2021 talk by Yus Nakasan, known as Unas, titled 'Do Pure Ruby Dream of Ined Binary?' He discussed the challenges of implementing QUIC in Ruby.
00:06:06.560
So, I will talk about hybrid public key encryption (HPKE), RFC 9180 in Ruby, and provide a quick recap on how public key encryption works. Alice generates a public-private key pair, publishes her public key, and then Bob encrypts a message with it. Alice can then decrypt it using her private key.
00:06:21.160
I will be using a lot of cryptographic terminology during this presentation, and I won't explain most of them, so please look them up. HPKE allows us to use standardized and reviewed protocols for key exchanges and encryption. It employs high-level APIs to prevent misuse, which is a significant feature. If you use these high-level APIs, you are generally safe from common mistakes.
00:07:01.560
Essentially, HPKE is a one-way protocol from the sender to the receiver. The sender creates a public-private key pair, encapsulates the session key with the public key, and encrypts the message using that session key. The encapsulated key and the message are sent in two parts, and the receiver uses the encapsulated key to decrypt the message.
00:07:37.639
Next, I’ll share my implementation goals for HPKE. I attempted to identify which parts were available in Ruby, such as elliptic curve support and hash functions like SHA-256. OpenSSL supports various cipher suits, but not all necessary cryptographic features were available in the versions I checked.
00:08:06.920
For standard symmetric ciphers, we had AES-128 GCM and ChaCha20-Poly1305 available, yet there is a concern with functions that are undocumented. Many APIs within OpenSSL are intentionally undocumented to prevent developers from misusing them.
00:08:40.800
These misuses can easily lead to severe security breaches. OpenSSL has a variety of classes that handle public cryptography operations including RSA, DSA, and ElGamal. It's critical to ensure you are using correct implementations to avoid vulnerabilities.
00:09:12.119
I encountered many challenges while working with these APIs, such as the need for precise control over data structures and the encapsulated keys. I realized that not only were we missing APIs, but also critical support in terms of creating the necessary public key pairs.
00:09:48.999
I began investigating how to create an OpenSSL key with a specific private key value, which involved obtaining a deep understanding of the underlying structures. It wasn’t easy given how complex these systems can be.
00:10:17.840
To achieve this, I used ASN.1 sequences and function calls in OpenSSL to generate the appropriate structures ensuring that I could handle them accurately. Although it seemed somewhat hacky, these methods worked effectively in practice.
00:10:53.960
The HPKE implementation is currently available on GitHub under the repository c01/hpkrb, where you can install it via gem. It's still in beta, though, and is subject to changes, but it functionally works.
00:11:16.160
I submitted a request for integrating HPKE into OpenSSL itself. My exploration into this area is still very experimental, and I encourage everyone to be cautious about using it in production environments.
00:11:41.440
I started looking into building C extensions, and I found documentation that hopefully guides others on how to convert C values to Ruby objects. It was enlightening to discover high-level integrations between Ruby and C programming.
00:12:11.960
To manage contexts and encapsulations effectively, I focused on how encapsulated contexts interact within Ruby. Notably, defining Ruby data types and garbage collection mechanics is vital to avoid memory leaks.
00:12:45.440
To generate keys and manage the internal states, using OpenSSL’s HPKE functionalities allowed me to bridge between C and Ruby seamlessly. This back-and-forth interaction is critical for efficient operations in cryptographic functions.
00:13:20.960
I'm excited about the growth of Ruby with these cryptographic enhancements. Modern developments push Ruby to remain relevant in cryptography and security, ensuring we don't miss out on critical implementations.
00:13:53.680
I continue to explore areas like messaging layer security and the importance of building these foundational blocks in Ruby to maintain its credibility in the programming community.
00:14:25.280
I want to thank everyone who inspired me throughout this journey, including the Ruby OpenSSL maintainers and those who contributed to discussions about networking protocols.
00:15:02.160
If you have any questions or comments, please feel free to connect with me on Twitter or through other platforms. Thank you all for your attention!
00:15:38.320
Now, we can open the floor for a Q&A session. I'll entertain some questions. As someone looking at all this from the outside, how does it feel to have cryptographic algorithms remain intentionally undocumented?
00:15:52.800
The intention behind undocumented algorithms is protection; it's crucial to understand cryptography before diving into Ruby OpenSSL. Developers should be well-versed in the fundamentals before attempting low-level integrations.
00:16:18.480
It’s vital to ensure that cryptography is not implemented without the background knowledge, as it can lead to severe security vulnerabilities. Thank you for this excellent question!
00:16:50.280
Are there any further questions? I’d be happy to delve into examples, particularly regarding the operations surrounding HPKE implementation.
00:17:16.440
If there are no more questions, I appreciate your participation. Let's wrap up as I know everyone may be eager for lunch.
00:17:44.160
Thank you again for your attention. I hope you enjoy the rest of the conference!