CompTIA Security+
Lecture Ten
Cryptographic Protocols and Applications
Review
Copyright 2011 -VTC
Steganography
Hiding information in a type of media
• No algorithm, key, or encryption
• Hides data
  ◦ Places the bits in a wave file or graphic
• Digital watermarks are used to detect illegal copies of items
• Messages can be passed back and forth without anyone knowing
• Specialized tools used to carry this out

Icemark – a digital watermarking software

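The "places the bits in a wave file or graphic" point, as an added example that is not part of the original slides: least-significant-bit hiding in a buffer of 8-bit samples, with no key or cipher involved. The 16-bit length prefix, the function names and the constructed cover data are assumptions made for this illustration.

```python
def embed(cover: bytes, secret: bytes) -> bytes:
    """Write a 16-bit length prefix plus the secret into the low bit of each sample."""
    data = len(secret).to_bytes(2, "big") + secret
    bits = [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small")
    out = bytearray(cover)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit      # only the least significant bit changes
    return bytes(out)

def _read(stego: bytes, start: int, nbytes: int) -> bytes:
    """Collect nbytes worth of low bits, beginning at sample index start."""
    value = 0
    for sample in stego[start:start + nbytes * 8]:
        value = (value << 1) | (sample & 1)
    return value.to_bytes(nbytes, "big")

def extract(stego: bytes) -> bytes:
    length = int.from_bytes(_read(stego, 0, 2), "big")
    return _read(stego, 16, length)

def max_sample_change(cover: bytes, stego: bytes) -> int:
    """Largest per-sample difference; for LSB hiding it is never more than 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))

# Constructed cover: 256 pseudo-samples standing in for audio or pixel data.
COVER = bytes((i * 37 + 11) % 256 for i in range(256))
STEGO = embed(COVER, b"meet at noon")
```

Because nothing is encrypted, anyone who knows to read the low bits recovers the text; the only protection is that the carrier looks unchanged.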
Implementations of Cryptography
• Link encryption
• End-to-end encryption
• E-mail encryption
• Protocol encryption

Link versus End-to-End Encryption
Link encryption
• Full frames are encrypted - payload, headers, and trailers
• Usually provided by service providers over point-to-point connections. Usually uses dedicated link encryption devices
• Each hop has to decrypt headers - if a hop is compromised, all traffic going through that hop can be compromised
• Data link messaging is not encrypted
  ◦ Control information used by dedicated link encryption devices
End-to-End encryption
• Only the payload of a frame is encrypted
• Usually takes place through e-mail clients
• Headers and trailers are not encrypted
  ◦ Hops do not need to decrypt and re-encrypt headers

Pretty Good Privacy (PGP)
• Free email client that provides security
• Developed by Phil Zimmermann
• Uses passphrases instead of passwords
  ◦ Key generation and private key protection
• Web of trust instead of hierarchy of CAs
  ◦ Users decide how much they will trust each other
• PGP provides:
  ◦ Confidentiality via IDEA
  ◦ Integrity via MD5
  ◦ Authentication via public key certificates
  ◦ Non-repudiation via cryptographically signed messages

Secure Protocols
HTTPS (port 443)
• HTTP runs on top of SSL
  ◦ Provides a secure communication channel
  ◦ Commonly used in online e-commerce transactions and secure webmail
Secure Sockets Layer (SSL)
• Originally developed by Netscape
• Requires a PKI to use
• Server authenticates to client, optionally client can authenticate to server
  ◦ Client creates session key and sends to server
• Works at transport layer

SSL Connection Setup
1. Server sends client its certificate
2. Client checks to see if signing CA is in trusted list in browser
3. Client computes a hash of the certificate and compares it with the message digest obtained by decrypting the certificate's signature using the CA's public key (the CA signed the certificate)
4. Client checks validity dates in certificate
5. Client compares the URL in the certificate with the URL it is communicating with
6. Client extracts server's public key from certificate
7. Client creates a session key (symmetric)
8. Client encrypts session key with server's public key and sends it over
9. Server decrypts using its private key

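The nine setup steps above, traced in code as an added example that is not part of the original slides. It assumes textbook RSA built from small Mersenne primes (toy key sizes, no padding) and a JSON dictionary standing in for an X.509 certificate; all names and sample values are constructed for the illustration.

```python
import hashlib, json, os

E = 65537  # public exponent shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA from two known Mersenne primes: toy size, no padding."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(body, n):
    """Hash of the certificate body, reduced to fit the toy modulus."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

CA_PUB, CA_PRIV = toy_keypair(2**89 - 1, 2**107 - 1)
SRV_PUB, SRV_PRIV = toy_keypair(2**61 - 1, 2**127 - 1)

def issue(body):
    """CA side: sign the certificate hash with the CA's private key."""
    n, d = CA_PRIV
    return {"body": body, "sig": pow(digest(body, n), d, n)}

# Constructed sample certificate and trust list (names are made up).
CERT = issue({"subject": "shop.example", "issuer": "Toy CA",
              "not_before": "2011-01-01", "not_after": "2011-12-31",
              "public_key": SRV_PUB})
TRUSTED = {"Toy CA": CA_PUB}

def client_handshake(cert, host, today, trusted=TRUSTED):
    """Client side; `today` is a datetime.date. Returns (session_key, wrapped)."""
    body = cert["body"]                                   # step 1: received
    if body["issuer"] not in trusted:                     # step 2
        raise ValueError("unknown CA")
    n, e = trusted[body["issuer"]]
    if pow(cert["sig"], e, n) != digest(body, n):         # step 3
        raise ValueError("bad signature")
    if not body["not_before"] <= today.isoformat() <= body["not_after"]:
        raise ValueError("outside validity period")       # step 4
    if body["subject"] != host:                           # step 5
        raise ValueError("name mismatch")
    srv_n, srv_e = body["public_key"]                     # step 6
    session_key = os.urandom(16)                          # step 7
    wrapped = pow(int.from_bytes(session_key, "big"), srv_e, srv_n)  # step 8
    return session_key, wrapped

def server_unwrap(wrapped):
    """Step 9: server recovers the session key with its private key."""
    n, d = SRV_PRIV
    return pow(wrapped, d, n).to_bytes(16, "big")
```

Each failed check stops the handshake before a session key is created, so a forged, expired or mismatched certificate never gets key material encrypted to it.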
Secure E-Mail Standard (S/MIME)
• Secure Multipurpose Internet Mail Extensions
• Allows for encryption, hashing, and digital signatures to take place in a uniform manner
  ◦ Provides data integrity, confidentiality, and authentication
• Email client vendors follow this standard
  ◦ This is why users can exchange e-mails even if they are using different email clients

Secure Shell (SSH)
• Secure access to remote systems
  ◦ Can run different protocols and applications through an SSH tunnel
  ◦ An end-to-end encryption technique
• Should be used instead of Telnet and rlogin
  ◦ Server and client generate their own private/public key pairs
• Uses Diffie-Hellman for its key agreement protocol
• Like many other protocols, must carry out a handshake process
  ◦ Agree upon parameters to set up SSH tunnel

Secure Electronic Transaction (SET)
• Developed by Visa and MasterCard to allow for more secure monetary transactions over the Internet
  ◦ Goal was to replace SSL in these transactions
  ◦ Slow in acceptance and deployment
• Uses PKI to protect sensitive data and authenticates each hop in the transaction series

Players in SET
• Issuer - Cardholder's bank
  ◦ Financial institution provides an electronic credit card to individual
• Cardholder
  ◦ Individual authorized to use credit card
• Merchant
  ◦ Entity providing goods via website
• Acquirer - Merchant's bank
  ◦ Financial institution that processes payments on purchases
• Payment gateway
  ◦ Processes merchant payment

IP Security (IPSec)
• Network layer security
• IPSec protocol provides a complete infrastructure for secured network communications.
• Developed because IPv4 has no security mechanisms
  ◦ Integrated in IPv6
• Sets up a secure channel between computers instead of applications
  ◦ Application secure channels are usually provided with SSL
• Can provide host-to-host, host-to-subnet, and subnet-to-subnet connections

Four Main Components to IPSec
• The Authentication Header (AH) provides assurances of message integrity and nonrepudiation.
• The Encapsulating Security Payload (ESP) provides confidentiality of packet contents.
• The IP Payload Compression (IPcomp) protocol allows IPSec users to achieve enhanced performance by compressing packets prior to the encryption operation.
• The Internet Key Exchange (IKE) protocol provides for the secure exchange of cryptographic keys between IPSec participants.
• IPSec provides for two discrete modes of operation
  ◦ Transport mode: packet payload is encrypted, designed for peer-to-peer communication.
  ◦ Tunnel mode: the entire packet, including the header, is encrypted, designed for gateway-to-gateway communication.

Attacks on Cryptosystems
• Ciphertext-Only Attack
  ◦ Attacker only has ciphertext to work from
  ◦ The goal of all of these attacks is to reverse the encryption process and uncover the encryption keys
• Known-Plaintext Attack
  ◦ Attacker has obtained ciphertext and plaintext
• Chosen-Plaintext Attack
  ◦ Attacker can choose what plaintext is encrypted by the victim's system
• Chosen-Ciphertext Attack
  ◦ Attacker can choose the ciphertext that will be decrypted by the victim's system

Attacks on Cryptosystems
• Replay Attack
  ◦ Attacker obtains a set of credentials and sends them to an authentication service
• Captures username, password, token, and ticket
  ◦ Timestamps and sequence numbers are used to protect against this attack
• Man-in-the-Middle Attack
  ◦ Attacker injects itself between two users and reads messages going back and forth, or manipulates messages
  ◦ Sequence numbers and digital signatures are used to counter this type of attack

CompTIA Security+ Exam
• 100 questions
• 90 minutes
• Passing score is 750 on scale of 100-900
• Fee: US $258
• Registration details at http://www.comptia.org

Quick Tips
• A vulnerability is the absence of a safeguard that can be exploited.
• A threat is the possibility that someone or something would exploit a vulnerability, intentionally or accidentally, and cause harm to an asset.
• A risk is the probability of a threat agent exploiting a vulnerability and the loss potential from that action.
• Reducing vulnerabilities and/or threats reduces risk.
• A countermeasure, also called a safeguard, mitigates the risk.
• A countermeasure can be an application, software configuration, hardware, or procedure.

Quick Tips
• The objectives of security are to provide availability, integrity, and confidentiality protection to data and resources.
• Security components can be technical (firewalls, encryption, and access control lists) or nontechnical (security policy, procedures, and compliance enforcement).
• Asset identification should include tangible assets (facilities and hardware) and intangible assets (corporate data and reputation).
• Assurance is a degree of confidence that a certain security level is being provided.
• Risk can be transferred, avoided, reduced, or accepted.
• Ways to reduce risk include improving security procedures and implementing safeguards.

Quick Tips
• A quantitative risk analysis attempts to assign monetary values to components
• A purely quantitative risk analysis is not possible because qualitative items cannot be quantified with precision.
• A qualitative rating would be expressed in high, medium, or low, or on a scale of 1 to 5 or 1 to 10. A quantitative result would be expressed in dollar amounts and percentages.
• Single loss expectancy (SLE) is the amount that could be lost if a specific threat agent exploited a vulnerability
• Single loss expectancy × frequency per year = annualized loss expectancy (SLE × ARO = ALE).

Quick Tips
• A security policy is a statement by management dictating the role security plays in the organization.
• Procedures are detailed step-by-step actions that should be followed to achieve a certain task.
• A standard specifies how hardware and software are to be used. Standards are compulsory.
• Guidelines are recommendations and general approaches that provide advice and flexibility
• Separation of duties ensures no single person has total control over an activity or task.
• Split knowledge and dual control are two aspects of separation of duties.
• Data is classified to assign priorities to data and ensure the appropriate level of protection is provided.

Quick Tips
• A subject is an active entity that requests access to an object, which is a passive entity. A subject can be a user, program, …
• Confidentiality is the assurance that information is not disclosed to unauthorized subjects.
• Discretionary access control (DAC) enables data owners to dictate what subjects have access to the files and resources
• Mandatory access control (MAC) uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities
• Nondiscretionary access control uses a role-based method to determine access rights and permissions
• Role-based access control is based on the user’s role and responsibilities within the company.

Quick Tips
• Access control can be administered in two main ways: centralized and decentralized.
• Some examples of centralized administration access control technologies are RADIUS, TACACS+, and Diameter.
• A decentralized administration example is a peer-to-peer
• Examples of administrative controls are a security policy, personnel controls, security-awareness training, and testing.
• Examples of physical controls are network segregation, perimeter security, computer controls, work area separation, data backups, and cable.
• Examples of technical controls are system access, network access, encryption and protocols, and auditing.
• Access control mechanisms provide one or more of the following functionalities: preventive, detective, corrective, deterrent, recovery, or compensative.

Quick Tips
• For a subject to be able to access a resource, it must be identified, authenticated, and authorized, and should be held accountable for its actions.
• Authentication can be accomplished by biometrics, a password, a passphrase, a one-time password, or a token.
• Least-privilege and need-to-know principles limit users’ rights to only what is needed to perform tasks of their job.
• Single sign-on technology requires a user to be authenticated to the network only one time.
• Single sign-on capabilities can be accomplished through Kerberos, SESAME, ...
• In Kerberos, a user receives a ticket from the KDC so they can authenticate to a service

Quick Tips
• Types of access control attacks include denial of service, spoofing, dictionary, brute force, and wardialing.
• Audit logs can track user activities, application events, and system events.
• Keystroke monitoring is a type of auditing that tracks each keystroke made by a user.
• User authentication is accomplished by what someone knows, is, or has.
• Strong authentication requires two of the three user authentication attributes (what someone knows, is, or has).
• IDSs can be statistical (monitor behavior) or signature-based.
• Phishing is a type of social engineering with the goal of obtaining personal information, credentials, credit card number, or financial data.

Quick Tips
• Cryptography is the science of protecting information by encoding it into an unreadable format.
• A readable message is in a form called plaintext, and once it is encrypted, it is in a form called ciphertext.
• Cryptographic algorithms are the mathematical rules that dictate the functions of enciphering and deciphering.
• Nonrepudiation is a service that ensures the sender cannot later falsely deny sending a message
• The range of possible keys is referred to as the keyspace.
• The two basic types of encryption mechanisms used in symmetric ciphers are substitution and transposition. Substitution ciphers change a character (or bit) out for another, while transposition ciphers scramble the characters (or bits).

Quick Tips
• Steganography is a method of hiding data within another media type, such as a graphic, WAV file, or document. This method is used to hide the existence of the data.
• A key is a random string of bits inserted into an encryption algorithm. The result determines what encryption functions will be carried out on a message and in what order
• In symmetric key algorithms, the sender and receiver use the same key for encryption and decryption purposes.
• In asymmetric key algorithms, the sender and receiver use different keys for encryption and decryption purposes.
• Symmetric key processes provide barriers of secure key distribution and scalability. However, symmetric key algorithms perform much faster than asymmetric key algorithms.

Quick Tips
• Symmetric key algorithms can provide confidentiality, but not authentication or nonrepudiation.
• Asymmetric algorithms are used to encrypt keys, and symmetric algorithms are used to encrypt bulk data.
• Asymmetric key algorithms are much slower than symmetric key algorithms, but can provide authentication and nonrepudiation services.
• Two types of symmetric algorithms are stream & block ciphers
• Stream ciphers use a keystream generator and encrypt a message one bit at a time.
• A block cipher divides the message into groups of bits and encrypts them.
• Many algorithms are publicly known, so the secret part of the process is the key.

Quick Tips
• RSA is an asymmetric algorithm developed by Rivest, Shamir, and Adleman and is the de facto standard for digital signatures.
• Elliptic curve cryptosystems (ECCs) are used as asymmetric algorithms and can provide digital signature, secure key distribution, and encryption functionality. They use far fewer resources, which makes them better for wireless device and cell phone encryption use
• In a hybrid system, the asymmetric algorithm encrypts the symmetric key, and the symmetric key encrypts the data
• A session key is a symmetric key used by the sender and receiver of messages for encryption and decryption purposes. The session key is only good while that communication session is active and then it is destroyed.

Quick Tips
• A public key infrastructure (PKI) is a framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely
• A certificate authority (CA) is a trusted third party that generates and maintains user certificates, which hold their public keys.
• A certificate is the mechanism the CA uses to associate a public key to a person’s identity.
• Hashing algorithms provide data integrity only
• When a hash algorithm is applied to a message, it produces a message digest, and this value is signed with a private key to produce a digital signature

Quick Tips
• Key management is one of the most challenging pieces of cryptography. It pertains to creating, maintaining, distributing, and destroying cryptographic keys.
• The Diffie-Hellman protocol is a key agreement protocol and does not provide encryption for data and cannot be used in digital signatures
• Link encryption encrypts the entire packet, including headers and trailers, and has to be decrypted at each hop.
• End-to-end encryption does not encrypt the headers and trailers, and therefore does not need to be decrypted at each hop.

Quick Tips
• Pretty Good Privacy (PGP) is an e-mail security program that uses public key encryption. It employs a web of trust instead of the hierarchical structure used in PKI.
• HTTPS protects the communication channel.
• HTTPS is HTTP that uses SSL for security purposes.
• Secure Electronic Transaction (SET) is a proposed electronic commerce technology that provides a safer method for customers and merchants to perform transactions over the Internet
• IPSec protocols can work in transport mode (the data payload is protected) or tunnel mode (the payload and headers are protected).