Protecting Information Assets - Temple MIS · •An effective way of protecting sensitive ... S....
Transcript of Protecting Information Assets - Temple MIS · •An effective way of protecting sensitive ... S....
MIS 5206 Protecting Information Assets
Protecting Information Assets- Week 12 -
Cryptography, Public Key Encryption
and Digital Signatures
MIS 5206 Protecting Information Assets
MIS5206 Week 12
• Cryptography, Public Key Encryption and
Digital Signatures
• Team Presentations
– Team 3
– Team 4
• Test Taking Tip
• Quiz
MIS 5206 Protecting Information Assets
Cryptography, Public Key
Encryption and Digital Signatures
Cryptography allows people to carry over the confidence found in the physical world to the electronic world
It allows people to do business electronically without worries of deceit and deception
Every day hundreds of thousands of people interact electronically, whether it is through e-mail, e-commerce,
ATM machines or cellular phones using Cryptography
MIS 5206 Protecting Information Assets
Cryptography
• Method of transmitting and storing data in a form that only those it is intended for can read and process
• An effective way of protecting sensitive information as it is transmitted through untrusted network communication paths or stored on media
• Goal: Hide information from unauthorized individuals
• Complements physical and logical access controls
MIS 5206 Protecting Information Assets
Cryptanalysis
• The study of methods to break cryptosystems
• Often targeted at obtaining a key
• Attacks may be passive or active
5
Although the actual word "cryptanalysis" is relatively recent (it was coined by William Friedman in 1920),
methods for breaking codes and ciphers are much older. The first known recorded explanation of cryptanalysis was
given by 9th-century Arabian polymath, Al-Kindi (also known as "Alkindus" in Europe), in A Manuscript on
Deciphering Cryptographic Messages. This treatise includes a description of the method of frequency analysis
MIS 5206 Protecting Information Assets
Cryptanalysis
• Kerckhoff’s Principle
– The only secrecy involved with a cryptosystem should be the key
• Cryptosystem Strength
– How hard is it to determine the secret associated with the system?
6
MIS 5206 Protecting Information Assets
Terminology
• Plaintext – is the readable version of a message
• Ciphertext – is the unreadable results after an encryption process is applied to the plaintext
• Cryptosystem – includes all the necessary components for encryption and decryption
– Algorithms
– Keys
– Software
– Protocols
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Cipher = encryption algorithm2 main attributes combined in a cypher
1. Confusion: usually carried out through substitution
2. Diffusion: Usually carried out through transposition
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Example: Substitution cipher or algorithm
• A mono-alphabetic substitution cipher
• Poly-alphabetic substitution cipher
“SECURITY” <=> “HVXFIRGB”
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Services of cryptosystems
Repudiation – the sender denying he sent the message
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
One-Time Pad a perfect encryption scheme
Uses a binary mathematical function called “exclusive OR”, abbreviated as XOR
One-Time Pad Requirements
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Dichotomies is cryptography
• Symmetric versus Asymmetric
• Stream versus block
• Synchronous versus Asynchronous
• 1-Way functions versus 2-Way functions
MIS 5206 Protecting Information Assets
Symmetric versus asymmetric algorithms
• Symmetric cryptography
– Use a copied pair of symmetric (identical) secret keys
– The sender and the receive use the same key for encryption and decryption functions
• Asymmetric cryptography
– Also know as “public key cryptography”
– Use different (“asymmetric”) keys for encryption and decryption
– One is called the “private key” and the other is the “public key”
MIS 5206 Protecting Information Assets
Symmetric cryptography
Two types: Stream and Block Ciphers• Stream Ciphers treat the message a
stream of bits and performs mathematical functions on each bit individually
• Block Ciphers divide a message into blocks of bits and transforms the blocks one at a time
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Symmetric Stream Ciphers
• Easy to implement in hardware• Used in cell phones and Voice Over Internet Protocol
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Symmetric versus asymmetric algorithms
• Symmetric cryptography
– Use a copied pair of symmetric (identical) secret keys
– The sender and the receive use the same key for encryption and decryption functions
• Asymmetric cryptography
– Also know as “public key cryptography”
– Use different (“asymmetric”) keys for encryption and decryption
– One is called the “private key” and the other is the “public key”
MIS 5206 Protecting Information Assets
Asymmetric cryptography
• Public and Private keys are mathematically related• Public keys are
generated from private key
• Private keys cannot be derived from the associated public key (if it falls into the wrong hands)
• Public key can be known by everyone
• Private key must be known and used only by the owner
Asymmetric cryptography is computational intensive and much slower than symmetric cryptography
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Asymmetric cryptography
• Do not get confused and think the public key is only for encryption and private key is only for decryption!
• Each key type can be use used to encrypt and decrypt– If data is encrypted with a private key it cannot be decrypted with the
same private key (but it can be decrypted with the related public key)
– If data is encrypted with a public key it cannot be decrypted with the same public key (but it can be decrypted with the related private key)
MIS 5206 Protecting Information Assets
Asymmetric cryptography
If Jill encrypts data with her private key, the receiver (Bill) must have a copy of Jill’s public key to decrypt it
– By decrypting the message with Jill’s public key Bill can be sure the message really came from Jill
– A message can be decrypted with a public key only if the message was encrypted with the corresponding private key – This provides authentication because Jill is only the only one who is supposed to have her private key
If Bill (the receiver) wants to make sure Jill is the only one who can read his reply, he will encrypt the response with her public key
Only Jill will be able to decrypt the message, because she is the only one who has the necessary private key
MIS 5206 Protecting Information Assets
Asymmetric cryptography
Why would Bill the receiver choose to encrypt his reply to Jill with his private key instead of using Jill’s public key?
– Authentication – Bill wants Jill to know that the message came from him and no one else
– If he encrypted the data with Jill’s public key, it does not provide authenticity because anyone can get Jill’s public key
– If he uses his private key to encrypt the data, then Jill can be sure the message came from him and no one else
– Symmetric keys do not provide authenticity – because the same key is used on both ends (using one of the secret keys does not ensure the message originated from a specific individual
MIS 5206 Protecting Information Assets
Asymmetric cryptography
• If confidentiality is the most important security service, the sender would encrypt the file with the receiver’s public key– This is called a “secure message format” because it can only be decrypted by the person
with the corresponding private key
• If authentication is most important, the sender would encrypt the data with his private key– This provides assurance to the receiver that the only person who could have encrypted the
data is the individual in possession of the private key
– If the sender encrypted the data with receivers public key, authentication is not provided because the public key is available to anyone
– Encrypting data with the senders private key is called an “open message format” because anyone with a copy of the corresponding public key can decrypt the message
– Confidentiality is not assured
MIS 5206 Protecting Information Assets
Hybrid Encryption (a.k.a. “digital envelope”)
Symmetric and asymmetric and algorithms are often used together
– Public key cryptography’s asymmetric algorithm is used to create public and private keys for secure automated key distribution
– Symmetric algorithm is used to create secret keys for rapid encryption/decryption of bulk data
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Hybrid Encryption
1
23
4
Symmetric algorithm uses a secret key to encrypt the block message and the asymmetric key encrypts the secret key for transmission (SSL/TLS uses hybrid)
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Quick review
1. If a symmetric key is encrypted with a receiver’s public key, what security service is provided?
MIS 5206 Protecting Information Assets
Quick review
1. If a symmetric key is encrypted with a receiver’s public key, what security service is provided?
– Confidentiality: only the receiver’s private key can be used to decrypt the symmetric key, and only the receiver should have access to this private key
MIS 5206 Protecting Information Assets
Quick review
2. If data is encrypted with the sender’s private key, what security services is provided?
MIS 5206 Protecting Information Assets
Quick review
2. If data is encrypted with the sender’s private key, what security services are provided?
– Authenticity of the sender and nonrepudiation. If the receiver can decrypt the encrypted data with the sender’s public key, then sender knows the data was encrypted with the sender’s private key
MIS 5206 Protecting Information Assets
Quick review
3. Why do we encrypt the message with the symmetric key?
MIS 5206 Protecting Information Assets
Quick review
3. Why do we encrypt the message with the symmetric key?
– Because the asymmetric key algorithm is too slow
MIS 5206 Protecting Information Assets
What is the difference between…
• Public Key Cryptography
Versus
• Public Key Infrastructure
MIS 5206 Protecting Information Assets
Session keysSingle-use symmetric keys used to encrypt messages between two users in an individual communication session
This is how secure web client applications communicate with server-side services
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Encryption Algorithms
Symmetric– Advanced Encryption
Standard (AES)
– Data Encryption Standard (DES)
– Triple-DES (3DES)
– International Data Encryption Algorithm (IDEA)
– Blowfish
– RC4, RC5, and RC6
Asymmetric– Rivest-Shamir-Adleman (RSS)
– Elliptic curve cryptosystem (ECC)
– Diffie-Hellman
– El Gamal
– Digital Signature Algorithm (DSA)
MIS 5206 Protecting Information Assets
One-way Hash• Assures message integrity
• A function that takes a variable-length string (i.e. message) and produces a fixed-length value called a hash value
• Does not use keys
1. Sender puts message through hashing function
2. Message digest generated3. Message digest appended to the
message4. Sender sends message to receiver5. Receiver puts message through hashing
function6. Receiver generates message digest
value7. Receiver compares the two message
digests values. If they are the same, the message has not been altered
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Digital Signature• A hash value encrypted with the sender’s private key
• The act of signing means encrypting the message’s hash value with the private key
Creating a digital signature for a message
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Message Authentication Codes
• Small block of data generated with a secret key and appended to a message
• HMAC (RFC 2104)
– Uses hash instead of cipher for speed
– Used in SSL/TLS and IPSec
35
MIS 5206 Protecting Information Assets
Cryptographic algorithms and their functions
Harris, S. and Maymi, F. (2016) All-In-One CISSP Exam Guide, McGraw Hill Education
MIS 5206 Protecting Information Assets
Reasons to Use Cryptography
37
Reason How achieved
Confidentiality The message can be encrypted
Integrity The message can be hashed and/or digitally signed
Authentication The message can be digitally signed
Nonrepudiation The message can be digitally signed
MIS 5206 Protecting Information Assets
More cryptography terms
38
TERM DEFINITION
Plaintext A message in its natural format readable by an attacker
Ciphertext Message altered to be unreadable by anyone except the
intended recipients
Key Sequence that controls the operation and behavior of
the cryptographic algorithm
Keyspace Total number of possible values of keys in a crypto
algorithm
Initialization
Vector
Random values used with stream ciphers to ensure no
patterns are created during encryption
MIS 5206 Protecting Information Assets
Public Key Infrastructure
• Not the same as public key encryption algorithm
• All components needed to enable secure communication
– Policies and Procedures
– Keys and Algorithms
– Software and Data Formats
• Assures identity to users
• Provides key management features
39
MIS 5206 Protecting Information Assets
PKI Components
Digital Certificates
• Contains identity and verification info
Certificate Authorities (CA)
• Trusted entity that issues certificates
Registration Authorities (RA)
• Verifies identity for certificate requests
Certificate Revocation List (CRL)
40
MIS 5206 Protecting Information Assets
PKI Cross Certification
• Organizations are setting up their own internal PKIs
• Without a “higher level” CA, the organizations need a way for two root CAs to trust each other
• PKI cross certification allows process to establish a trust relationship between CAs
• Allows each CA to validate certificates issued by the other CA
• Used in large organizations or business partnerships
41
MIS 5206 Protecting Information Assets
Encryption Management
• Key Distribution Center (KDC)
– Uses master keys to issue session keys
– Example: Kerberos
• ANSI X9.17
– Used by financial institutions
– Hierarchical set of keys
– Higher levels used to distribute lower
42
ANSI X9.17-1985, Financial Institution Key Management (Wholesale), is a voluntary standard that utilizes the Data Encryption Standard (DES)
to provide key management solutions for a variety of operational environments.
MIS 5206 Protecting Information Assets
Cryptanalysis Attacks
• Man-in-the-Middle attack
– Hacker intercepts traffic grabs two others’ public keys and replaces it with his/her own public key and uses his/her own private key to decrypt and monitors the traffic between the others
43
MIS 5206 Protecting Information Assets
Cryptanalysis Attacks
• Brute force– Trying all key values in the keyspace
• Frequency Analysis– Guess values based on frequency of occurrence
• Dictionary Attack– Find plaintext based on common words
• Replay Attack– Repeating previous known values
• Factoring Attacks– Find keys through prime factorization
• Known Plaintext– Format or content of plaintext available
44
MIS 5206 Protecting Information Assets
Cryptanalysis Attacks
• Chosen Plaintext
– Attack can encrypt chosen plaintext
• Chosen Ciphertext
– Decrypt known ciphertext to discover key
• Differential Power Analysis
– Side Channel Attack
– Identify algorithm and key length
45
MIS 5206 Protecting Information Assets
Cryptanalysis Attacks
• Social Engineering– Humans are the weakest link
• Random Number Generator (RNG) Attack– Predict initialization vector used by an algorithm
• Temporary Files– May contain plaintext
46
Early versions of Netscape's Secure Socket Layer (SSL) encryption protocol used pseudo-random quantities derived from a
pseudorandom number generator (PRNG) seeded with three variable values: the time of day, the process ID, and the parent process ID. These quantities are often relatively predictable, and so have little entropy and are less than random, and so that version of SSL was
found to be insecure as a result.
MIS 5206 Protecting Information Assets
Birthday Attack
• Collisions
– Two messages with the same hash value
• Based on the “birthday paradox”
• Hash algorithms should be resistant to this attack
47
The birthday paradox, also known as the birthday problem, states that in a random group of 23
people, there is about a 50 percent chance that two people have the same birthday.
MIS 5206 Protecting Information Assets
Is the Birthday Attack Real?
• There are multiple reasons why this seems like a paradox.
• One is that when in a room with 22 other people, if a person
compares his or her birthday with the birthdays of the other
people it would make for only 22 comparisons—only 22 chances
for people to share the same birthday.
48
When all 23 birthdays are compared against each other, it makes for much more than 22 comparisons. How much more? Well, the first person has 22 comparisons to make, but the second person was
already compared to the first person, so there are only 21 comparisons to make. The third person then has 20 comparisons, the fourth person has 19 and so on. If you add up all possible comparisons (22 + 21 + 20
+ 19 + … +1) the sum is 253 comparisons, or combinations. Consequently, each group of 23 people involves 253 comparisons, or
253 chances for matching birthdays.
MIS 5206 Protecting Information Assets
49
Practical Cryptanalysis
• DES Cracker:
– A DES key search machine
– contains 1,536 chips
– Cost: $250,000
– could search 88 billion keys per second
– won RSA Laboratory’s “DES Challenge II-2” by
successfully finding a DES key in 56 hours
MIS 5206 Protecting Information Assets
E-mail Security Protocols
• Privacy Enhanced Email (PEM)
• Pretty Good Privacy (PGP)
– Based on a decentralized trust model (alternative to Public Key Infrastructure PKI which relies on CAs)
– Each user generates a key pair
• S/MIME
– Requires public key infrastructure
– Supported by most e-mail clients
50
MIS 5206 Protecting Information Assets
Network Security
Link Encryption
– Encrypt traffic headers + data
– Transparent to users
End-to-End Encryption
– Encrypts application layer data only
– Network devices need not be aware
51
MIS 5206 Protecting Information Assets
Network Security
SSL/TLS
• Supports mutual authentication
• Secures a number of popular network services
IPSec
• Security extensions for TCP/IP protocols
• Supports encryption and authentication
• Used for VPNs
52
MIS 5206 Protecting Information Assets
Test Taking Tip
53
When one of the answer choices is “all of the above” and at least two statements are unquestionably true
then choose “all of the above.”
• If 2 answers are true, then the additional effort required to certify the answer is not the best use of your time
• Moving quickly through questions you can easily answer saves time for questions that require additional scrutiny
MIS 5206 Protecting Information Assets
Quiz
54