Information Systems Security

Cryptography

Domain #3

Cryptography Now and Before

In the past – mainly used for confidentiality Today

– Still used for confidentiality– Data integrity– Source authentication– Non-repudiation

Definitions

Cryptography– Hiding the meaning of communication

Cipher– Transforms characters or bits into an

unreadable format Cryptographic Algorithm

– Procedure that turns readable data into an unreadable format (usually through mathematical formulas

More Definitions

Cryptanalysis– Science of studying and breaking encryption

mechanisms Cryptology

– Study of cryptography and cryptanalysis Key Clustering

– When two keys generate the same ciphertext from the same plaintext

MORE Definitions

Cryptosystem– Encompasses all of the components for encryption and

decryption Plaintext

– Readable format / decrypted Ciphertext

– Unreadable format / encrypted Work Factor

– Time, effort, and resources necessary to break a cryptosystem (should be too high for compromise)

Symmetric Cryptography

Two instances of the same key– One key used for encryption and decryption– Sender/receiver use same key (public/shared)

Key distribution a problem Secure 2nd channel needed or offline Does not implement non-repudiation

Historical Symmetric Keys

Hieroglyphics– Recorded in use in 2000 B.C.– 1st known type of cryptography– Only certain people knew the symbols– Used to glorify the life of deceased

Scytale Cipher

Paper or leather was wrapped around a rod Message was written on paper and

delivered by messenger Sender and receiver had to have rod of

same diameter Was used around 400 B.C. Transposition Cipher

Caesar Cipher

Symmetric cipher Keys shifted ‘n’ number of letters Also referred to as a shift cipher If one alphabet is used – monoalphabetic

substitution If two alphabets are used – polyalphabetic

substitution

Example

Decode the following messages:

UIJT POF JT FBTA

Vigenere Cipher

Polyalphabetic substitution cipher Proposed by court of King Henry III An extension of the Caesar Cipher Strength is no frequency analysis can be

performed

Enigma Machine

Rotor cipher used polyalphabetic substitution

Employed in WWII Symmetric – original setting of rotors and

how rotors moved must be the same Sender entered characters and the rotors

moved

Vernam Cipher

One-time pad– Only method that is completely secure– Still used today for backups encryption method– Senders uses one-time pad to encrypt and

receiver uses twin to decrypt

Vernam

Deemed unbreakable if:– Pad is truly random values– Used only once– Securely distributed– Securely stored– Pad is at least as long as message

Key & Algorithm Relationship

Key – long string of values Algorithm – group of mathematical

equations that can be used for the encryption process

Used together – key values are used by the algorithm to indicate which equations to use, in what order, and with what values

Breaking Cryptosystems

Brute Force– Attempts all possible combinations of a given key space

to derive the key Takes ciphertext, applies key, and sees if understandable

plaintext is derived

– How many possible keys? 40-bit key = 1 trillion 56-bit key = 72 quadrillion

– Easily breakable due to Moore’s Law– In 1998, broke DES in three days with 1536 PCs

running at 40 MHz

Frequency Analysis

Patterns in ciphertext are identified and matched back to plaintext

For example, the most common letters in the English language are “iron seat”

Allows attackers to reverse-engineer encryption process

Characteristics of Strong Algorithms

Confusion– Complexity of the process to increase the workfactor of

reverse engineering– Interceptor should not be able to predict what changing

one character will do to ciphertext

Diffusion– Component going through an encryption should have

MANY things take place– Change should affect many part of the ciphertext

Kerckhoff’s Principle

Only secrecy involved with cryptography should be the key

Should not base security on figuring out the algorithm

Algorithms should be publicly known Government does NOT agree

Type of Ciphers Used Today

Substitution Methods Transposition Methods Symmetric Ciphers

– Block– Stream

Asymmetric Ciphers

Encryption/Decryption

Substitution– Substitute one bit for another– Destination has to have the correct key to

indicate how to substitute Transposition

– Bits are moved to new place in stream– No new bits are introduced– Destination must have correct key to

unscramble

Symmetric – Block Cipher

Message is divided into blocks and put through mathematical function

Each block is encrypted separately While message is not encrypted as one

entity Best used in software implementation

S-Box

Substitution box is common component Table where a lookup using a few bits as an

index yields some other bits For example, in an 8 by 32 s-box, you enter

with 8 bits and come out with 32 DES uses 6 by 4 boxes Blowfish uses 8 by 32 boxes

Symmetric Stream Cipher

Encrypts individual bits of the message Bits are X-ORed with a bit from message Stream algorithms have keystroke

generators Best used in hardware implementations Caesar cipher is an example

Message Authentication Code (MAC)

MACs are computed and verified with same key Four types

– Unconditionally secure One time pad

– Has function-based MAC (HMAC) Uses key with hash function (MD5)

– Stream – broken into two substreams– Block – encrypt message and output final block of

ciphertext as checksum (DES)

Digital Signatures

Provide Authenticity and Non-Repudiation– After hashed, MD value is encrypted with

sender’s private key– Receiver validates the digital signature by

decrypting it with the sender’s public key– Provides data integrity, authenticity, and non-

repudiation

Digital Signature vs. MAC

Symmetric Cryptography– MAC = hash + symmetric key

Asymmetric Cryptography– DS = hash + asymmetric key

US Government Standard

Digital Signature Standard (DSS)– Secure hashing algorithm (SHA) must be used

for message digest creation.– DSA, RSA, and ECDSA asymmetric algorithms

can be used for digital signature creation ECDSA = elliptic curve digital signature algorithm

Symmetric Algorithms

Data Encryption Standard (DES) – Break work in half and XOR several times. Became standard in 1977.

Triple DES – Encrypted/decrypted with 3 separate keys. Strength of 2 112.

Advanced Encryption Standard (AES) - Adopted in 1997 by NIST. Had larger block size then DES

Advantages of Symmetric

Very fast and secure method for confidentiality

Implemented in either hardware or software Usually available at no cost to user

Disadvantages

Not able to provide non-repudiation Can not provide access control or digital

signatures Need to share key

Security in Hashing

Strength of Hashing Algorithm– The hash should be computed over the entire

message– Messages cannot be disclosed by MD value– Different messages should generate different

MD values Collision free Resistant to birthday attacks

Hashing Issue

It is easier to find 2 messages that have the same MD than looking for one particular MD value on a message

Hashing value (n) Brute force to find hash value (2n) Brute force to find any 2 matching hash values 2(n/2)

Crux – A hashing algorithm that generates a larger MD value is less vulnerable to a bday attack than one that creates a smaller one

Key Management

Responsibilities– Secure key creation and distribution– Secure key recovery– Secure key storage and destruction

Characteristics– Split knowledge and control– Length of key– Never available in clear text

Asymmetric Key AlgorithmsPublic Key Cryptography

No key exchange needed Users can generate their own public/private

key pairs and exchange them If you receive a public key from Bob, how do

you know it is really Bob? Need a trusted third party to vouch for the

identity of the owner of a public key

Asymmetric Keys

Allows non-repudiation and access control Extremely slow Output may be much larger than the

plaintext Hashing Integrity Digital Signatures

CA and RA Roles

Registration Authority– Accepts registration requests from users– Validates users identities– Passes request to CA

Certificate Authority– Creates digital signature– Binds identity to signature– Maintains certificate during lifetime

Verisign, Thawte, IP, Belsign, etc.

Example

Bob wants to participate in a PKI– Bob send request to RA– RA validates Bob’s identity– RA sends request to CA– CA generates certificate and sends to Bob– Bob’s identity is now bound to the public key

that is embedded in the digital certificate

Components of PKI

Certificate Revocation Lists (CRL)– Certificates can become revoked– CRL is list of revoked certificates signed by CA– Method to tell others not to trust (compromised)

Certificate Directory– Storage of certificates– Usually publicly accessible– Each certificate is digitally signed

Steganography

Hiding information in media– No algorithm, key or encryption required– Hides data– Digital watermarks are used to detect– Messages can be sent without knowledge– Specialized tools to carry this out

Hide and Seek Steg Detect

Email Standards

Pretty Good Privacy (PGP)– Free email client that provides security– Uses passphrases instead of passwords– Web of trust instead of hierarchy of CAs

PGP provides confidentiality via IDEA Integrity via MD5

Secure Protocols

Secure Hypertext (SHTTP)– Protects each message– Older less used

HTTPS– HTTP runs on top of SSL

Provides secure communication channel All messages are protected

Secure Socket Layer (SSL)– Netscape developed; requies PKI– Works at transport layer

Secure email Standard

Secure MIME (SMIME)– Secure Multipurpose Internet Mail Extension– Allows for encryption, hashing, and digital

signatures to take place in a uniform manner– Email client vendors follow this standard

Transparent between different email clients

Secure Electronic Transaction

SET– Developed by Visa and Mastercard for more

secure monetary transactions over the Internet– Uses PKI to protect sensitive data and

authenticates each ‘hop’ in the transaction Slow in acceptance and deployment Goal to replace SSL Slow the throughput of the transaction

Network Layer Protection

IPSec– Developed because IPv4 has no security– Sets up a secure channel between computers

instead of between applications Application secure channels provided by SSL

– Network layer security– Provides host-to-host, host-to-subnet, and

subnet-to-subnet connections

Key Issues with IPSec

Internet Key Exchange (IKE)– Used to negotiate the key exchange between two

entities– Suite of ISAKMP and Oakley protocols

Internet Security Association and Key Management Protocol (ISAKMP)– Framework for key negotiation

Oakley Protocol– Negotiates key information using Diffie-Hellman

algorithm

IPSec Modes of Operation

Transport Mode– Offers payload protection– Protects header up to the network layer

Tunnel Mode– Protects the whole packet– Includes payload and all headers– Creates a new IP header`

Attacks on Crypto

Ciphertext-only Attack– Attacker only has ciphertext– Goal to reverse the encryption process

Known plaintext attack– Attacker has ciphertext and plaintext

Chosen-plaintext attack– Attacker can choose what plaintext is encrypted

Chosen-ciphertext attack– Attacker can choose ciphertext to be decrypted

More Attacks

Replay Attack– Attacker obtains a set of credentials and sends them to

authentication source– Timestamps and sequence numbers protect against this

attack

Man in Middle Attack– Attacker injects itself between two users and reads

messages– Sequence numbers and digital signatures protect

against this attack