Security+All-In-One Edition

Chapter 4 – Cryptography

Brian E. Brzezicki

Cryptography (77)

Cryptography – science of encrypting information.– “scrambles” data so only authorized parties can

“unscramble” and read data using two methods• Can substitute – change one letter with a different letter• Can transpose – scramble the order of letters, without actually

changing one for another.

– The best cryptosystems both substitute and transpose.

Cryptanalysis* - science of studying, breaking, and reverse engineering algorithms and keys.

Visual next slide

Basic Idea

Cryptography History (78)

Romans used a shift cipher called a “CEASAR” cipher. Shift Ciphers simply shift characters in an alphabet.

(visual on next slide)

ROT13 / shift cipher

Go to http://www.rot13.com to try

Transposition Cipher

Jumbles up the ordering of characters in a message. The Spartans of Greece used a form of this called the “Scytale” Cipher.

(visual on next page)

Scytale (77)

Vigenere Cipher (79)

Polyalphabetic Substitution Cipher – A more advanced substitution cipher as it any letter can have multiple letters substituted for it!

That is an A will not always map to an N• Harder to break!

Visual next slide

Vigenere Cipher

Question

• So far which of the CIA triad does cryptography provide? (so far)

• Can Cryptography provide any more of the CIA triad?

Encryption algorithm design Best Practices (80)

• Algorithms should be open to review. Why?• assume the attacker knows your

encryption/decryption algorithm. Why?• The only thing that should be secret in a

cryptosystem is the “key”• The larger the key space is, the more secure

a cryptosystem is, this is called “Key Complexity” What is the key space (next slide)

(more)

Cryptosystem Definitions (670) (n/b)

• Key space – the range of possible values used to construct keysexample:

if a key can be 4 digits (0-9) key space = 10,000 (0000 – 9999)if it can be 6 digitskey space = 1,000,000 (000,000 – 999,999)

• Work factor – estimated time and resources to break a cryptosystem

Encryption algorithm design Best Practices (80)

• Keys should be randomly chosen from the entire key space. If I have a key that is six characters consisting of 0-9 and A-Z.– Why would the key “000001” be a bad key to use.

• Keys must be security distributed and storage / accessed. Why?

• A key should be retired after so many uses. Why?

Encryption Modes – Block (n/b)

Take the message and break it up into fixed sized blocks, encrypt each block using the given key.

Visual next page

Block (ECB encryption) (n/b)

Block Encryption (n/b)

Problems with Block Encryption?

• If a block has the same contents, the resulting cipher text block will have the same cipher text.

Block Encryption Problems

Solving Block Encryption Problems

• Often with block encryption, we include a value in addition to the key that changes for each block, so we don’t get repetitive cipher text blocks. This is called Cipher Block Chaining (see next slide)– Initialization Vectors are used with the first block

in CBC

Cipher Block Chaining (n/b)

IV

Replaces IV

XORing (n/b)XORing is a Boolean mathematical “function” which

creates an output bit based on two input bits. It outputs a 1 IF and ONLY if one bit of input is 1 and the other is a 0.

INPUT1 INPUT 2 XOR OUTPUT------------------------------------------------------------------

0 0 = 00 1 = 11 0 = 11 1 = 0

Stream Encryption (n/b)The “key” is used as a key stream generator, which

creates a series of bits each are is mathematically combined with the bit stream of plaintext to produce cipher text. This is done for small pieces of information, or information not in blocks.

• Keyboard input• Morse code• Any input that arrives one bit or byte at a time

(visual next slide)

Stream EncryptionCipher Text Bit Keystream Bit Output Bit

0 1

1 1

1 0

0 1

1 XOR 1 = 0

Cipher text = 0

Stream EncryptionCipher Text Bit Keystream Bit Output Bit

0 1

1 1

1 0

0 XOR 1 = 1

Cipher text = 0 1

Stream EncryptionCipher Text Bit Keystream Bit Output Bit

0 1

1 1

1 XOR 0 = 1

Cipher text = 0 1 1

Stream EncryptionCipher Text Bit Keystream Bit Output Bit

0 1

1 XOR 1 = 0

Cipher text = 0 1 1 0

Stream EncryptionCipher Text Bit Keystream Bit Output Bit

0 XOR 1 = 1

Cipher text = 0 1 1 0 1

One Time Pad (81)

1011 – plain text

0101 – pad

------ XOR

1110 – cipher text• In a one time pad you use a different

key/pad each time you send a message

One Time Pad (81)

• A “perfect cryptosystem”

• Unbreakable if implemented properly

• The key is a series of bits (0 and 1)

• The plain text is converted to bits

• The message is XORed with the pad/key to generated the cipher text

(more)

One Time Pad considerations

• The pad must be used only one time

• The pad must be shared by both sides.

• The pad must be as long as the message

• The pad must be securely distributed

• The pad must be used up of truly random values

Symmetric Encryption

Idea same key is used to BOTH encrypt and decrypt data!

Symmetric Encryption (86)• Called Symmetric or “Private Key encryption”

• Must securely distribute keys to both parties. – Chicken in the egg situation with networks

• Anyone with the key can either encrypt or decrypt

• Very Fast to encrypt or decrypt

• Key Management is the big issue

Key Managementn: number of parties who want to securely communicate

# keys = (n*(n-1)) / 2

5 = (5*4)/2 = 10 keys

10 = (10*9)/2 = 45 keys

100 = (100*99)/2 = 4950 keys

1000 = (1000*999)/2 = 499500 keys

Symmetric Algorithms – DES (87)

Data Encryption Standard• Developed from at NIST request for an encryption

standard• Chosen algorithm was called “Lucifer” from IBM• Block Cipher• Fixed sized blocks of 64 bits• Key size 64 bits, effective size is 56 bits• 16 rounds of substitution and transposition• DES is no longer considered strong enough, can be

broken easily with distributed computing.

Triple DES (89)

Nothing but DES 3 times

• 3DES – EEE3

• 3DES – EDE3

• 3DES – EEE2

• 3DES – EDE2

Since it’s 3 x DES, 48 rounds of substitution and transposition.

AES (90)

Developed as a replacement to DES

• Actual algorithm is called “Rinjdael”

• Block cipher

• 128 bit blocks

• Key sizes of 128,192, 256

• Rounds depend on key size– 9: for 128 keys– 11: for 192 keys– 13: for 256 bit keys

RC5 and RC6 (92)RC5• Block cipher• Block size 32, 64, 128• Key Size up to 2048 bits• Rounds up to 255, minimum of 12 recommended

RC6• Block cipher based on RC5• Same attributes as RC5• Developed to be a AES candidate• Faster that RC5

Blowfish (94)

• Block cipher

• 64 bit blocks

• Keys 32 - 448 bits

• 16 rounds is the “full version”

• Free algorithm

IDEA (94)

International Data Encryption Algorithm

• Proposed AES candidate

• Block cipher

• 64 bit blocks

• 128 bit keys

• Not free, Patent expires soon though

• Used in PGP

RC4 (93)

• Stream cipher – what was that again?

• Was proprietary, but released on Internet in 1994, “ARC4” is the “open version of RC4”

• Key length 8 – 2048 bits

• Used in SSL and WEP communication

Symmetric (n/b)

That’s Symmetric EncryptionFor the exam• Understand the concept (shared keys)• Understand it’s strengths (fast for bulk

encryption and decryption)• Understand it’s weaknesses (key

management, non-repudiation)• Understand the different algorithm

“properties” on the slides.

Just seeing if you were still awake

Asymmetric Encryption (95)

Use 2 keys, public key to encrypt a message, private key can decrypt

Asymmetric Encryption (95)• Called Public key encryption• Requires 2 related keys

– Public key – given to anyone– Private key – kept secret

• Public key is used to encrypt message• Private key is used to decrypt message• Private key is used to sign messages• Public key is used to validate signed

messages(more)

Asymmetric Encryption (95)• Key exchange is simple!• Asymmetric Encryption is SLOW, not suitable for

encrypting large amounts of data• What is a problem with Asymmetric Encryption and

key exchange? (MiM)• Can be used to “digitally sign” a message (in a few

slides)– Provides integrity– Provides non-repudiation

• Can anyone see a use to Asymmetric encryption already?* (very important)

• Need a key exchange slide!

Diffie-Hellman (97)

• The original Asymmetric algorithm

• Used with SSL, VPNS, ssh

• Used ONLY for key exchange

• Generates session keys for secure SYMETRIC encryption communications

Asymmetric Algorithms – RSA (96)

• Can be 100 times slower than DES

• Can be used for encryption, key exchange and digital signatures

• Security based on difficulty of factoring large numbers.

• Was patented, has expired

DSA

• Designed for use in the Digital Signature Standard

• Can only be used for signing.

El-Gamal (98)

• Encryption or digital signatures• Free• Can be used for encryption, key exchange

and digital signatures• Security based on computing discrete

logarithms in a finite field?!? Yeah.. I don’t even know what that means… time to go back to math class.

• Slow• Based on / extended Diffie-Hellman

ECC (98)

• Encryption, key exchange or digital signatures

• Security based on analyzing elliptic curves in finite fields

• Does not require much computing overhead as such used in devices with low resources (PDAs, Cell phones etc)*

Asymmetric Overview• Uses 2 keys, one for encryption, one for decryption• This mitigates the key management, key distribution

problem (kind of…)• Is VERY slow (orders of magnitude slower)• Can provide integrity and proof of sender (non-

repudiation)• Often used in a hybrid system (along with private

key encryption)– Encrypt symmetric keys using asymmetric algorithms– Actually do large scale encryption with these asymmetric

keys!

Hashing (81)

• No.. Get your mind out of the gutter, your not in Amsterdam

Hashing (81)

Hashing is similar to encryption… but different.

Hashing is a one way operation.

1. Take input message

2. Put through hashing function

3. Retrieve fixed length value (hash digest)

Hash

Try for yourself at http://www.fileformat.info/tool/hash.htm

Hashes (81)

• Once hashed, no way to get back the original message

•Hash digests are fixed, so multiple messages theoretically could produce the same hash digest (collision) oh… no...

(more)

Hashes (81)• Hashing can provide integrity (assuming no MiM

(next slide))• Hashes can be combined with a private key to

provide protection against MiM attacks (visualization in a few slides next slide)

• The more bits in the digest, generally the more secure (less change for collision…generally)

• One Example of a hash that you are probably familiar with is called a “CRC”

visualization next

Normal use of Hash

Hash MiM attack (phase 1)

Hash MiM (phase 2)

HMAC (n/b)

Hash algorithms – SHA (82)

Secure Hash Algorithm• Designed/Published by NIST and NSA• Designed for use in the DSS• Modeled after MD4• SHA-1 (SHA-160) – 160 bit digest

– 512 bit blocks• SHA-256 – 256 bit digest

– 512 bit blocks• SHA-384 – 384 bit digest

– 1024 bit blocks• SHA-512 – 512 bit digest

– 1024 bit blocks

MD2 (84)

• Developed by Ronald Rivest (of RC and RSA fame)

• Optimized to run on 8 bit computers

• 128 bit digest

• 128 bit blocks

MD4 (85)

• Optimized for 32 bit computers

• 128 bit digest

• Collisions can be found in under 1 minute on a PC ;(

MD5 (85)

• Similar to MD4, but more secure

• Slower and more secure

• 128 bit digest

• 512 bit blocks

• Was part of the NTLM authentication protocol

• Collisions in 8 hours on a PC

• Moving away from, to SHA

Hash overview• Know what a hash is

– Concept– Fixed length digest– What is a hash used for– Know what a collision is– Know it’s susceptible to MiM– Know what HMAC is, and what it tries to

accomplish

• Be familiar with MDx, and SHA-x• Understand that SHA is considered the best

algorithm

Digital Signatures

NO!!!

Digital Signing (102)

Digital Signing (102)Generally when I digital sign something.. I don’t

encrypt the whole message. Instead

1. Run message through hash algorithm, generated message digest

2. Sign the “message digest”

3. Send both the original message and the encrypted message digest

Digital Signing (102)Provides

• Integrity

• Non repudiation (next slide)

• NOT confidentiality

Non-Repudiation (101)

Non-Repudiation – being able to definitively prove someone said or wrote something.

• Proves they actually sent a message• Proves the message was not altered

Digital Signatures provide NON repudiation because they

1)Ensure that a specific person created a message

2)Ensure that the message has not been altered (integrity)

Digital Signing

Do quick example using Linux and PGP

Steganography

Steganography (99)

Steganography (99)

Stenography (99)

• Donkey Kong is cool!

• Don’t believe me?– Go to http://www.paladingrp.com/splus/dk.png– Save that file– Go to http://www.imagecipher.com– Upload the file, and decrypt

Stenography (99)

Attempts to send a message “in plain sight”, by hiding it in another message (a picture)

• What is a picture as far as a computer is concerned?

• How does this work?

Stenography Overview

• Go home and play Donkey Kong, really you deserve it after today ;-)

Chapter Review

Q. Which of the CIA triad does a hash provide?

Q. An HMAC is used to try to prevent MiM attacks. Does a HMAC provide non-repudiation?

Q. Why don’t we just use Asymmetric Encryption for all encryption?

Q. What is Diffie-Hellman primarily used for?

Chapter ReviewQ. What is AES meant to replace, what is the

algorithm that was chosen to be AES?

Q. True or false, If I encrypt a message with someone's public key, anyone with the public key can decrypt it.

Q. What is the Asymmetric algorithm commonly used in PDAs and cell phones?

Q. How many rounds does triple DES have?