CompTIA Security+

Lecture Ten

Cryptographic Protocols and Applications

Review

Copyright 2011 -VTC

Steganography

Hiding inform

ation in a type of media

�No algorithm, key, or encryption

�Hides data

◦Places the bits in a wave file or graphic

�Digital watermarks are used to detect illegal

copied of item

s

�Messages can be passed back and forth

without anyone knowing

�Specialized tools used to carry this out

2

3

Icem

ark –

a digital

watermarking

software

Implementations of Cryptography

�Link encryption

�End-to-end encryption

�E-m

ail encryption

�Protocol encryption

4

Link versus End-to-End Encryption

Link encryption

�Full fram

es are encryption -payload, headers, and trailers

�Usualy provided by service providers over point-to-point

connections. Usually uses dedicated link encryption devices

�Each hop has to decrypt headers -if a hop is compromised, all

traffic going through that hop can be compromised

�Data link messaging is not encrypted

◦Control inform

ation used by dedicated link encryption devices

End-to-End encryption

�Only the payload of a fram

e is encrypted

�Usually takes places through e-m

ail clients

�Headers and trailers are not encrypted

◦Hops do not need to decrypt and re-encrypt headers

5

Pretty Good Privacy (PGP)

�Free email client that provides security

�Developed by Phil Zimmerman

�Uses passphrases instead of passw

ords

◦Key generation and private key protection

�Web of trust instead of hierarchy of CAs

◦Users decide how m

uch they will trust each other

�PGP provides:

◦Confidentiality via IDEA

◦Integrity via MD5

◦Authentication via public key certificates

◦Non-repudiation via cryptographically signed m

essages

6

7

Secure Protocols

HTTPS (port 443)

�HTTP runs on top of SSL

◦Provides a secure communication channel

◦Commonly used is online e-commerce transactions and

secure webmail

Secure Sockets Layer (SSL)

�Originally developed by Netscape

�Requires a PKI to use

�Server authenticates to client, optionally client can

authenticate to server

◦Client creates session key and sends to server

�Works at transport layer

8

Secure Sockets Layer (SSL)

9

SSL Connection Setup

1.

Server sends client its certificate

2.

Client checks to see if signing CA is in trusted list in browser

3.

Client computes hash of certificate and compares m

essage

digest of certificate by decrypting using CA's public key (CA

signed the certificate)

4.

Client checks validity dates in certificate

5.

Client will check URL in certificate compared to URL it is

communicating with

6.

Client extracts server's public key from certificate

7.

Client creates a session key (symmetric)

8.

Client encrypts session key with server's public key and sends

it over

9.

Server decrypts using its private key

10

Secure E-Mail Standard (S/MIME)

�Secure M

ultipurpose Internet M

ail Extensions

�Allows for encryption, hashing, and digital

signatures to take place in a unifo

rm m

anner

◦Provides data integrity, confidentiality, and

authentication

�Email client vendors follow this standard

◦This is why users can exchange e-m

ails even if they

are using different em

ail clients

11

Secure Shell (SSH)

�Secure access to rem

ote systems

◦Can run different protocols and applications through a SSH

tunnel

◦An end-to-end encryption technique

�Should be used instead of Telnet and rlogin

◦Server and client generate their own private/public key pairs

�Uses Diffie-H

ellman for its key agreem

ent protocol

�Like m

any other protocols, m

ust carry out a

handshake process

◦Agree upon param

eters to set up SSH

tunnel

12

Secure Electronic Transaction (SET)

�Developed by Visa and M

asterC

ard to allow

for more secure m

onetary transactions over

the Internet

◦Goal w

as to replace SSL in these transactions

◦Slow in acceptance and deploym

ent

�Uses PKI to protect sensitive data and

authenticates each hop in the transaction

series

13

Players in SET

�Issuer -Cardholder's bank

◦Financial institution provides an electronic credit card to

individual

�Cardholder

◦Individual authorized to use credit card

�Merchant

◦Entity providing goods via website

�Acquirer -Merchant's bank

◦Financial institution that processes payments on purchases

�Payment gateway

◦Processes m

erchant payment

14

IP Security (IPSec)

�Network layer security

�IPSec protocol provides a complete infrastructure

for secured network communications.

�Developed because IPv4 has no security m

echanisms

◦Integrated in IPv6

�Sets up a secure channel between computers instead

of applications

◦Application secure channels are usually provided with SSL

�Can provide host-to-host, host-to-subnet, and

subnet-to-subnet connections

15

Four Main Components to IPSec

�The Authentication H

eader (AH) provides assurances of

message integrity and nonrepudiation.

�The Encapsulating Security Payload (ESP) provides

confidentiality of packet contents.

�The IP Payload Compression (IPcomp) protocol allows IPSec

users to achieve enhanced perform

ance by compressing

packets prior to the encryption operation.

�The Internet Key Exchange (IKE) protocol provides for the

secure exchange of cryptographic keys between IPSec

participants.

�IPSec provides for tw

o discrete modes of operation

◦Transport m

ode: packet payload is encrypted, designed for peer-to-peer

communication.

◦Tunnel m

ode: the entire packet, including the header, is encrypted,

designed for gateway-to-gatew

ay communication.

16

Attacks on Cryptosystems

�Ciphertext-Only Attack

◦Attacker only has ciphertext to work from

◦Goal of all of these attacks is to reverse the encryption

process and uncover encryption keys for all of these attacks

�Known-Plaintext Attack

◦Attacker has obtained ciphertext and plaintext

�Chosen-Plaintext Attack

◦Attacker can choose what plaintext is encrypted by the

victim's system

�Chosen-C

iphertext Attack

◦Attacker can choose the ciphertext that will be decrypted

by the victim's system

17

Attacks on Cryptosystems

�Replay Attack

◦Attacker obtains a set of credentials and sends them

to an

authentication service

�Captures usemam

e, passw

ord, token, and ticket

◦Timestamps and sequence numbers are used to protect

against this attack

�Man-in-the-Middle Attack

◦Attacker injects itself between two users and reads

messages going back and forth, or manipulates messages

◦Sequence numbers and digital signatures are used to

counterm

easure this type of attack

18

19

CompTIA Security+ Exam

�100 questions

�90 m

inutes

�Passing score is 750 on scale of 100-900

�Fee at US -$258

�Registration details at http://w

ww.comptia.org

20

Quick Tips

�A vulnerability is the absence of a safeguard that can

be exploited.

�A threat is the possibility that someo

ne or something

would exploit a vulnerability, intentionally or

accidentally, and cause harm to an asset.

�A risk is the probability of a threat agent exploiting a

vulnerability and the loss potential from that action.

�Reducing vulnerabilities and/or threats reduces risk.

�A counterm

easure, also called a safeguard, m

itigates

the risk.

�A counterm

easure can be an application, software

configuration, hardware, or procedure.

21

Quick Tips

�The objectives of security are to provide availability, integrity,

and confidentiality protection to data and resources.

�Security components can be technical (firew

alls, encryption,

and access control lists) or nontechnical (security policy,

procedures, and compliance enforcem

ent).

�Asset identification should include tangible assets (facilities and

hardware) and intangible assets (corporate data and

reputation).

�Assurance is a degree of confidence that a certain security

level is being provided.

�Risk can be transferred, avoided, reduced, or accepted.

�Ways to reduce risk include improving security procedures

and implementing safeguards.

22

Quick Tips

�A quantitative risk analysis attem

pts to assign m

onetary

values to components

�A purely quantitative risk analysis is not possible because

qualitative item

s cannot be quantified with precision.

�A qualitative rating would be expressed in high, m

edium,

or low, or on a scale of 1 to 5 or 1 to 10. A quantitative

result would be expressed in dollar am

ounts and

percentages.

�Single loss expectancy (SLE) is the am

ount that could be

lost if a specific threat agent exploited a vulnerability

�Single loss expectancy ×

frequency per year = annualized

loss expectancy (SLE ×

ARO = ALE).

23

Quick Tips

�A security policy is a statement by managem

ent dictating the

role security plays in the organization.

�Procedures are detailed step-by-step actions that should be

followed to achieve a certain task.

�A standard specifies how hardware and software are to be

used. Standards are compulsory.

�Guidelines are recommendations and general approaches that

provide advice and flexibility

�Separation of duties ensures no single person has total control

over an activity or task.

�Split knowledge and dual control are tw

o aspects of

separation of duties.

�Data is classified to assign priorities to data and ensure the

appropriate level of protection is provided.

24

Quick Tips

�A subject is an active entity that requests access to an object,

which is a passive entity. A subject can be a user, program

, …

�Confidentiality is the assurance that inform

ation is not

disclosed to unauthorized subjects.

�Discretionary access control (D

AC) enables data owners to

dictate what subjects have access to the files and resources

�Mandatory access control (M

AC) uses a security label system.

Users have clearances, and resources have security labels that

contain data classifications. M

AC compares these tw

o

attributes to determine access control capabilities

�Nondiscretionary access control uses a role-based m

ethod to

determine access rights and permissions

�Role-based access control is based on the user’s role and

responsibilities within the company.

25

Quick Tips

�Access control can be administered in two m

ain ways: centralized

and decentralized.

�So

me exam

ples of centralized administration access control

technologies are RADIUS, TACACS+

, and D

iameter.

�A decentralized administration exam

ple is a peer-to-peer

�Exam

ples of administrative controls are a security policy,

personnel controls, security-awareness training, and testing.

�Exam

ples of physical controls are network segregation, perimeter

security, computer controls, w

ork area separation, data backups,

and cable.

�Exam

ples of technical controls are system access, network

access, encryption and protocols, and auditing.

�Access control mechanisms provide one or more of the

following functionalities: preventive, detective, corrective,

deterrent, recovery, or compensative.

26

Quick Tips

�Fo

r a subject to be able to access a resource, it must be

identified, authenticated, and authorized, and should be held

accountable for its actions.

�Authentication can be accomplished by biometrics, a

passw

ord, a passphrase, a one-time passw

ord, or a token.

�Least-privilege and need-to-know principles lim

it users’

rights to only what is needed to perform

tasks of their job.

�Single sign-on technology requires a user to be

authenticated to the network only one time.

�Single sign-on capabilities can be accomplished through

Kerberos, SESA

ME, ...

�In Kerberos, a user receives a ticket from the KDC so they

can authenticate to a service

27

Quick Tips

�Types of access control attacks include denial of service,

spoofing, dictionary, brute force, and wardialing.

�Audit logs can track user activities, application events, and

system

events.

�Keystroke m

onitoring is a type of auditing that tracks each

keystroke m

ade by a user.

�User authentication is accomplished by what someo

ne knows,

is, or has.

�Strong authentication requires two of the three user

authentication attributes (w

hat someo

ne knows, is, or has).

�IDSs can be statistical (m

onitor behavior) or signature-based.

�Phishing is a type of social engineering with the goal of

obtaining personal inform

ation, credentials, credit card number,

or financial data.

28

Quick Tips

�Cryptography is the science of protecting inform

ation by

encoding it into an unreadable form

at.

�A readable m

essage is in a form

called plaintext, and once it is

encrypted, it is in a form

called ciphertext.

�Cryptographic algorithms are the mathem

atical rules that

dictate the functions of enciphering and deciphering.

�Nonrepudiation is a service that ensures the sender cannot

later falsely deny sending a message

�The range of possible keys is referred to as the keyspace.

�The tw

o basic types of encryption m

echanisms used in

symmetric ciphers are substitution and transposition.

Substitution ciphers change a character (or bit) out for

another, w

hile transposition ciphers scramble the characters

(or bits).

29

Quick Tips

�Steganography is a method of hiding data within another m

edia

type, such as a graphic, W

AV file, or document. This m

ethod is

used to hide the existence of the data.

�A key is a random string of bits inserted into an encryption

algorithm. The result determines what encryption functions

will be carried out on a m

essage and in what order

�In sym

metric key algorithms, the sender and receiver use the

same key for encryption and decryption purposes.

�In asymmetric key algorithms, the sender and receiver use

different keys for encryption and decryption purposes.

�Symmetric key processes provide barriers of secure key

distribution and scalability. H

owever, symmetric key algorithms

perform

much faster than asymmetric key algorithms.

30

Quick Tips

�Symmetric key algorithms can provide confidentiality, but not

authentication or nonrepudiation.

�Asymmetric algorithms are used to encrypt keys, and

symmetric algorithms are used to encrypt bulk data.

�Asymmetric key algorithms are much slower than sym

metric

key algorithms, but can provide authentication and

nonrepudiation services.

�Tw

o types of symmetric algorithms are stream

& block ciphers

�Stream

ciphers use a keystream

generator and encrypt a

message one bit at a time.

�A block cipher divides the message into groups of bits and

encrypts them

.

�Many algorithms are publicly known, so the secret part of the

process is the key.

31

Quick Tips

�RSA

is an asymmetric algorithm developed by Rivest, Sham

ir,

and Adleman and is the de facto standard for digital signatures.

�Elliptic curve cryptosystem

s (ECCs) are used as asym

metric

algorithms and can provide digital signature, secure key

distribution, and encryption functionality. They use m

uch less

resources, w

hich m

akes them

better for wireless device and

cell phone encryption use

�In a hybrid system. The asym

metric algorithm encrypts the

symmetric key,

and the symmetric key encrypts the data

�A session key is a symmetric key used by the sender and

receiver of messages for encryption and decryption purposes.

The session key is only good while that communication

session is active and then it is destroyed.

32

Quick Tips

�A public key infrastructure (PKI) is a fram

ework of program

s,

procedures, communication protocols, and public key

cryptography that enables a diverse group of individuals to

communicate securely

�A certificate authority (CA) is a trusted third party that

generates and m

aintains user certificates, which hold their

public keys.

�A certificate is the mechanism the CA uses to associate a

public key to a person’s identity.

�Hashing algorithms provide data integrity only

�W

hen a hash algorithm is applied to a m

essage, it produces a

message digest, and this value is signed with a private key to

produce a digital signature

33

Quick Tips

�Key m

anagem

ent is one of the most challenging pieces of

cryptography. It pertains to creating, m

aintaining,

distributing, and destroying cryptographic keys.

�The Diffie-H

ellman protocol is a key agreem

ent protocol

and does not provide encryption for data and cannot be

used in digital signatures

�Link encryption encrypts the entire packet, including

headers and trailers, and has to be decrypted at each hop.

�End-to-end encryption does not encrypt the headers and

trailers, and therefore does not need to be decrypted at

each hop.

34

Quick Tips

�Pretty Good Privacy (PGP) is an e-m

ail security program

that uses public key encryption. It em

ploys a web of trust

instead of the hierarchical structure used in PKI.

�HTTPS protects the communication channel.

�HTTPS is H

TTP that uses SSL for security purposes.

�Secure Electronic Transaction (SET) is a proposed

electronic commerce technology that provides a safer

method for customers and m

erchants to perform

transactions over the Internet

�IPSec protocols can work in transport m

ode (the data

payload is protected) or tunnel m

ode (the payload and

headers are protected).

35