Server and Account Security

From Nxtwiki
Jump to: navigation, search

How to verify SHA256

'This article briefly explains the motivations behind SHA256. If you just want to know how to check the SHA256 hash of the official Nxt client, skip straight to How do I find the SHA256 hash of a file?.

What is SHA256?

SHA256 is a hash function. That means it's a specific formula for turning a piece of digital data like a paragraph of text or a file, into a line of characters called a hash of the data. For example, this sentence

The quick brown fox jumps over the lazy dog.

has the following SHA256 hash

EF537F25C895BFA782526529A9B63D97AA631564D5D789C2B765448C8635FB6C

The SHA256 hash is always exactly 64 characters long, regardless of how large the original data is. Each character is either a digit or a letter from A to F, and represents 4 bits of information. So the entire hash represents 64 x 4 = 256 bits of information, which is where the 256 in SHA256 comes from.

Here the data is shorter than the hash, but usually the file or data will be much larger.

Why should I care about the SHA256 hash?

It's extremely unlikely that two different files have the same SHA256 hash, as there are over 1077 (that's 1 followed by 77 zeroes) possible hashes. It's designed to be extremely difficult to reverse; to date no one has found a way to make two different files with the same, or even mostly similar hash. And small changes in the original data almost always result in large changes to the SHA256 hash.

The hash lets you quickly check if two files are identical. Instead of comparing the entire contents of both files, you can just compare their hashes.

This gives a quick way to check that a file hasn't been corrupted or tampered with. The process usually goes like this:

  1. Author of the file uploads the file and announces its SHA256 hash.
  2.  ???? (The file may get uploaded to other places. Some of these uploads may get corrupted. And sometimes bad people insert viruses/malware into the file before uploading.)
  3. User downloads the file from somewhere.
  4. User finds the SHA256 hash of the file and compares it with the hash announced by the author.
  5. If they are the same, the user can be certain they've got the right file. If they are different, the user knows they've got a bad file and should re-download it, possibly from a different source.

Think of the hash as a short characterization of a large file.

How do I find the SHA256 hash of a file?

An easy way is to use an online hash calculator like online-convert.com. Upload your file using the "Browse" button, then click "Convert File". After a short while, the site will tell you the file's hash. If you do not want to use an "online" tool for checking an SHA256 hash, there are also free SHA256 calculators that you can run "offline for Windows and MacOS at Hashtab

It's a good idea to check the hash of sensitive files like the Nxt client before using them. These are the sort of files a malicious attacker would try to tamper with in order to gain control of your Nxt account and/or personal information.

After downloading the .zip file from https://www.jelurida.com/nxt-client.zip containing the official client, find it's SHA256 hash using the instructions above. If you see

d5d48729a1f32b8c11066bcdb203dd7760a582896afe8d2506feb93cf833f606 nxt-client-1.12.1.zip

(source: Jelurida Release) - How to verify SHA256 checksums

then you're safe and you can go ahead with the installation.

Does SHA256 have other uses?

Yes! In Nxt, your private key is calculated from your passphrase by taking the SHA256 hash of your passphrase, and then changing a few bits. Your (unencoded) account number is also the SHA256 hash of your public key. SHA256 is also used to generate the 'signing keys' used in each transaction.

Some proof-of-work currencies like Bitcoin use the difficulty of finding similar SHA256 hashes as the 'work' it requires.

Are there other hash functions?

Yes!

One other hash function you may have heard of is md5. Like SHA256, md5 produces a line of characters (but one that's half the length of SHA256). That still gives a huge number of possible hashes. So md5 is still useful in checking for unintended errors during downloads, and it's still widely used.

But unlike SHA256, md5 is not secure. People know clever ways to reverse it, it's feasible to make two different files that have the same md5 hash. So you shouldn't rely on md5 to confirm that a file hasn't been deliberately tampered with.

How to verify GPG

Nxt software is "fingerprinted" with GNU Privacy Guard (GPG) signatures.

Linux/UNIX

Note: You may need to install gpg from GNUPG.org.

  1. Point your web browser at https://bitbucket.org/JeanLucPicard/nxt/downloads/
    • The contents of the download directory will appear
  2. In this directory, you will see the latest software in a ZIP file, along with a corresponding .ASC file. The ZIP file contains the Nxt software, and the ASC file contains the GPG signature.
  3. Download both the clint ZIP file and its corresponding ASC file, and place them into the same directory on your UNIX/Linux system
  4. Execute the following command

    gpg --verify SIGFILE.asc

    ...where SIGFILE is the name of the ASC file

Mac OS X

Note: You may need to install GPG Suite from GPGTools.org.

  1. Point your web browser at https://bitbucket.org/JeanLucPicard/nxt/downloads/
    • The contents of the download directory will appear
  2. In this directory, you will see the latest software in a ZIP file, along with a corresponding .ASC file. The ZIP file contains the Nxt software, and the ASC file contains the GPG signature.
  3. Download both the clint ZIP file and its corresponding ASC file, and place them into the same directory on your Mac
  4. Open Terminal (Applications -> Utilities -> Terminal)
  5. Change directory to the directory where your ZIP and ASC file are stored. For example, if you've placed the files on your desktop, you may type

    cd /users/BOB/Desktop

    ...where BOB is replaced with your account name
  6. Execute the following command

    gpg --verify SIGFILE.asc

    ...where SIGFILE is the name of the ASC file


How to generate strong password

How long should my password be?

Ideally 30+ characters, with a mixture of uppercase and lowercase letters, digits and special symbols.

Longer passwords are stronger. Less readable passwords with more varied character composition are also stronger. The harder it is to describe your password, the stronger it is. You can increase readability by making some tradeoffs.

30 characters??!? Isn't that too much?

For most applications, yeah. But Nxt works differently.

In most other applications, an attacker can only try to break into one account at a time. A smart attacker will not try passwords randomly. They will run through a prepared list of passwords and resulting hashes (that list is called a rainbow table), hoping to find the one password that can access your account.

As technology improves and processing power increases, attackers can prepare larger and larger rainbow tables. The key to creating a safe password is to stay ahead of the processing curve, to avoid being simple enough to be included in rainbow tables and so escape easy discovery.

Most applications are such that an attacker can go after only one account at a time. Your bank, e-mail, and online shopping accounts are like this. For such applications, a password of 15 varied characters that don't form readable words or patterns is currently very safe, well beyond what attackers can feasibly include in their rainbow tables.

Nxt works differently. In order to have the convenience of accessing your account through just a single passphrase, without a login name or wallet file, it also allows an attacker to try ALL accounts at the same time and greatly increases their chances of success. With everyone's account balance in the prize pot, the rewards become much higher, so there's compelling reason for them to focus a lot more resources on extending rainbow tables. It also means that someone else creating a new account, or trying to log into an existing account but mistyping their password, also behaves like an "attack"!.

Attackers haven't had much time to do this yet, so 15 highly varied characters are still safe. But technology and attacker attention and the number of Nxt users will continue to grow, and 15 characters may not remain safe for long. Another consequence of the convenience is that passphrases can't be changed. If you don't want to constantly keep ahead of the curve by creating new accounts with stronger passphrases and moving your funds to them, a passphrase of 30+ characters is strongly recommended.

How do I make a very strong password?

Easy. Download Google's Awesome Password Generator : http://code.google.com/p/awesome-password-generator/. For NXT, pick a password that is 50 characters in length. Seriously. Write it down and type it in manually as ten blocks of five characters. Don't use the clipboard or cut and paste.

With NXT, your biggest enemy is a keylogging virus. If you've got a large amount of NXT, don't trust antivirus software. If possible, isolate your NXT dealings onto a spare old computer you have sanitized with a new install of your operating system, and don't surf the internet with it after you've sterilized it.

How do I make a strong, yet easy to remember, password?

Unreadable passphrases are inconvenient! But we can trade length for readability and still maintain password strength. And we can use personal experiences and knowledge to keep passphrases understandable for ourselves, yet varied for anyone trying to break in.

Here's an example of how to develop a strong passphrase. We'll improve it over multiple steps.

1. I'm using my daughter's birthday party as the idea for my passphrase. It starts as

Tammy'sbirthdayparty

2. A decent start. It's got an uppercase letter and a special character. But it's made up of mostly English words and not long enough. Let's improve it

Tammy's18thbirthdayBIGparty

3. more varied now. We still need more length. What was memorable about the party?

Tammy's18thbirthdayBIGpartyDroppedpresentinpool

47 characters, this is a good password! It's readable, but we've compensated with length.

4. If I want to be extra safe, I could try to think a little beyond the party

Tammy's18thbirthdayBIGpartyDroppedpresentinpoolCollegesoon:(3yearsislong

5. and/or replace common words with specific facts that only I know

Tammy's18thbirthdayBIGpartyDroppedknittedshibesweaterinpool

You shouldn't rely on memory alone for the password. Memory is quick to access, but also fallible. It's a good idea to write your password down and hide it in a safe place where only you can find.

Other Methods

The above is just an example, there are other ways to generate strong, yet readable passwords. It's important to choose a balance of security and ease of remembering/typing that you're comfortable with.

  • Diceware - Generate passwords by rolling dice! No computer programs are involved, so you don't have to worry about a hacked program stealing your generated password.

Quick Tips

Do

  • Nxt supports spaces in passphrases. Use them to make your passphrase more readable.

Don't

  • Avoid using phrases that you may have seen elsewhere, like "going to the moon". People who construct rainbow tables write programs to find and collect groups of words from all around the Internet, so despite their length, such phrases become no more effective than a single word.
Here's a fine example of why you shouldn't do this.
  • Avoid seemingly random passwords that you can actually describe. For instance, qazwsxedcrfvtgb isn't random; if you're using a regular QWERTY keyboard, take a look at your keystrokes when you type that out. If you can easily describe it, you should assume that someone trying to break in has thought of the idea and will try it.

Use password managers

Password managers store your login information for all the websites you use and help you log into them automatically. They can generate unique random passwords for every site, so you don't have to use the same password on more than one site. They encrypt your password database with one master password – the master password is the only one you have to remember. Here are a couple of recommendation:

  • KeePass Password Safe Popular and free password manager, but it doesn't have auto backup option. Make sure you manually backup the encrypted database and keep the backup udated once you make changes to the your file.
  • Lastpass. Firefox/Chrome/IE plugin password manager. All your changes (and history of changes) are backed up on lastpass server. This might seem dangerous at first, but all the encryptions are done locally on your computer. The lasttpass server only sees the encrypted blob. Aside from having one very strong master password, you can also enable 2 factor authentication on lastpass.

See LastPass explained by Steve Gibson

Oh no, my password is too weak! What should I do?

The first thing to do is Don't Panic! If you haven't lost any nxt yet, then you're still safe for the next few minutes, while you calmly create a new password. Think about what kind of passphrase you'd like, and what kind of tradeoffs it'll involve: Something easier to remember but long? Something super safe but hard to type? Then pick one of the options above that will create that kind of passphrases.

Nxt doesn't allow passphrases to be changed, so you'll have to create a new account and move your existing nxt into it. First, login with your new passphrase. This will automatically create a new account associated with it. Note your new account number, and copy it down somewhere.

Before you transfer your nxt, you want to be absolutely sure that you've got the right account number. So login again to your new account with your new passphrase, and check that you see the same account number you wrote down earlier. Now that you're sure, you can safely transfer your nxt to your new account.

Advanced Considerations

In order to understand what phrases will likely be included in rainbow tables, we'll need to understand how an attacker thinks when they're constructing the table.


How to use SSL Certs

It is possible to use certificates other than the one included in the Jetty config of NRS. You can use an officially-signed certificate from a CA (rapidssl/verisign/etc) which costs money, or for free you can create a self-signed cert and use it. A self-signed cert will still give cert warnings, but since you generated it, you can trust it. It is a BAD PRACTICE to trust default self-signed SSL certs, especially since you dont know who all has the private key to a default self-signed cert!

Self-signed Certificate

1. Generate a self-signed certificate. This 'openssl' command will prompt you for some info, fill it in. Use whatever period in days you would like the cert to be valid for.

openssl req -new -x509 -out mycert.crt -days 1095

chmod 400 privkey.pem

chmod 400 mycert.crt

2. Convert certificates to pkcs12 format as required by Jetty web server. This command will prompt for an export password. This must not be null.

openssl pkcs12 -export -inkey privkey.pem -in mycert.crt -out mycert.pkcs12

chmod 400 mycert.pkcs12

3. Generate a new Jetty keystore file. NRS's Jetty config is set to use the default password of 'storepwd' for the keystore password, so we will use this. (It is a good idea for you to, on your own, set a different password, and to reconfigure Jetty with the new password, but this is beyond this scope of this wiki article, so we will use 'storepwd'. See https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Configuring_Jetty and the file jetty-ssl.xml inside the NRS distribution for using your own password. The keytool command will prompt for password.) Use 'storepwd' in every case.

keytool -importkeystore -srckeystore mycert.pkcs12 -srcstoretype PKCS12 -destkeystore keystore

4a. (only for 0.7.x and earlier releases) Step 3 created the file called keystore in the local directory. Simply copy it over the default NRS keystore of nxt/etc/keystore then do the last step of editing the default NRS nxt/etc/jetty-ssl.xml file to remove 3 problem statements:

<Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="OBF:1u2u1wml1z7s1z7a1wnl1u2g"/></Set>

<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/keystore"/></Set>

<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>

4b. (only for 0.8.x and later releases) Step 3 created the file called keystore in the local directory. Simply copy it over to the nxt directory then do the last step of editing nxt/conf/nxt.properties (create this file if it doesnt exist) and putting in the following statements:

nxt.uiSSL=true
nxt.apiSSL=true
nxt.keyStorePassword=storepwd

CA-signed Certificate

1. Generate a CSR (certificate signing request). This 'openssl' command will prompt you for some info, fill it in.

openssl req -new -out mycert.csr

chmod 400 privkey.pem

chmod 400 mycert.csr

2. Send this CSR mycert.csr file to whoever you choose to be your certificate authority. They will send you back a certificate that they have signed. They may/maynot also sent you an intermediate and/or root certificate. Rename the cert they give you for your server to be mycert.crt and make sure you also chmod 400 all files they give you.

2b. IF your CA gave you additional certificates in the form of intermediate/root certificates to go along with your server certificate that they signed for you, use the following cat command and notice that the order of files HAS PRECEDENCE. First is your server certificate that the CA signed for you, then any intermediate certificates (intermediate certificates also have their own order), then last is a root certificate, if it was also provided by your CA.

cat mycert.crt intermediate1.crt intermediate2.cert rootCA.cert > cert-chain.txt

chmod 400 cert-chain.txt

3. Convert certificates to pkcs12 format as required by Jetty web server. This command will prompt for an export password. This must not be null. If there are no intermediate/root certs then you skipped 2b above and do not have a cert-chain.txt file, so in this case use mycert.crt as the '-in' option instead of cert-chain.txt

openssl pkcs12 -export -inkey privkey.pem -in cert-chain.txt -out mycert.pkcs12

chmod 400 mycert.pkcs12

4. Generate a new Jetty keystore file. NRS's Jetty config is set to use the default password of 'storepwd' for the keystore password, so we will use this. (It is a good idea for you to, on your own, set a different password, and to reconfigure Jetty with the new password, but this is beyond this scope of this wiki article, so we will use 'storepwd'. See https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Configuring_Jetty and the file jetty-ssl.xml inside the NRS distribution for using your own password.) The keytool command will prompt for password. Use 'storepwd' in every case.

keytool -importkeystore -srckeystore mycert.pkcs12 -srcstoretype PKCS12 -destkeystore keystore

5a. (only for 0.7.x and earlier releases) Step 4 created the file called keystore in the local directory. Simply copy it over the default NRS keystore of nxt/etc/keystore then do the last step of editing the default NRS nxt/etc/jetty-ssl.xml file to remove 3 problem statements:

<Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="OBF:1u2u1wml1z7s1z7a1wnl1u2g"/></Set>

<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/keystore"/></Set>

<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>

5b. (only for 0.8.x and later releases) Step 4 created the file called keystore in the local directory. Simply copy it over to the nxt directory then do the last step of editing nxt/conf/nxt.properties (create this file if it doesnt exist) and putting in the following statements:

nxt.uiSSL=true
nxt.apiSSL=true
nxt.keyStorePassword=storepwd