BAI514 – Security I. Cryptography The art and science of hiding the meaning of a communication from unintended recipients Comes from the Greek kryptos

CryptographyBAI514 – Security I

CryptographyThe art and science of hiding the meaning of a

communication from unintended recipientsComes from the Greek

kryptos – hiddengraphein – to write

An attacker may be able to decipher or decode a message using a variety techniquesWork Factor – the cost or time required to recover the

encrypted text

CryptographyCryptography

Can be used to provide integrity authentication non-repudiation

CryptographyCryptanalysis

The process of “cracking” a cryptographic algorithmCryptology

Encompasses both cryptanalysis and cryptography

Symmetric Key CryptographyMost familiar form of cryptography

Secret Key Private Key

Sender and recipient require the same keySender encrypts the message with the secret key

(cryptovariable) to produce ciphertextRecipient applies the same secret key to the ciphertext

to decrypt the messageSecret key must be shared in a secure manner

Symmetric Key CryptographySymmetric Key Encipherment

Many methods exist for scrambling a message Some date back more than 5000 years

Ciphers were also employed by the Romans Caesar cipher

Substitution cipher Letters of the alphabet are shifted n positions to the right If the key was 3, then A would encrypt to D, etc.

Symmetric Key CryptographySymmetric Key Encipherment (cont.)

Substitution Cipher Similar to Caesar Cipher Implemented numerically using modulo 26 addition Letters of alphabet given values of 0-25 Two parameters required

D – number or repeating letters representing the key K – the key


Substitution Cipher (cont.) Example: D=3, K=HAT, MSG=NO TIME

13 14 19 8 12 4 7 0 19 N O T I M E H A T

7 0 19 7 0 19 20 14 12 15 12 2313 14 19 8 12 4 U O M P M X20 14 38 15 12 23 (ciphertext) - 2620 14 12 15 12 23


Substitution Cipher (cont.) Can be attacked through frequency analysis

Most common letters (in order of frequency) e, t, a, o, i, n, s, r

This type of cryptanalysis possible with a monoalphabetic (simple substitution) cipher a char of ciphertext is substituted for a char of plaintext

Polyaphabetic cipher more difficult different alphabet is used for every char substitution


Vernam Cipher (One-Time Pad) Employs a truly random key as long as the message Key is used only once

Transposition (Permutation) Cipher Rather than substitution, the plaintext is scrambled by

permutation ex. NO TIME TI EONMT


Exclusive OR (XOR) Function Performs the Boolean operation of binary addition without

carry on the input bits Amenable to hardware implementations Used as part of encryption/decryption process in symmetric

key cryptography

INPUT A INPUT B OUTPUT

0 0 0

0 1 1

1 0 1

1 1 0

Symmetric Key CryptographySymmetric Key Cryptography Characteristics

Cryptosystems have information known to public and other data kept secret

Public known information Copies of plaintext and associated ciphertext Algorithm for enciphering the plaintext copy of the enciphered

message Possibly, an encipherment of the plaintext that was chosen by

an unintended receiverSecret information

Key (Cryptovariable) Specific transformation, out of all possible transformations

Symmetric Key CryptographySymmetric Key Cryptography Characteristics (cont.)

Generally, the larger the key, the more difficult it is to determine the key 128-bit keys are difficult to break

Issues Sender needs a different secret key for each recipient to

communicate securely with each individually Keys must be communicated between sender and recipient Does not provide authentication or non-repudiation


Examples DES – Data Encryption Standard Triple DES AES – Advanced Encryption Standard Blowfish Twofish IDEA RC5/RC6


Data Encryption Standard (DES) Derived from Lucifer cryptographic system developed by

Horst Feistel at IBM in the early 1970s Used for commercial and non-classified purposed Has been broken


Triple DES Data encrypted with DES three times

EDE (DES-EDE2) Encrypted with Key 1 Decrypted with Key 2 Encrypted with Key 1

EEE (DES-EEE3) Encrypted with Key 1 Encrypted with Key 2 Encrypted with Key 3


Advanced Encryption Standard (AES) Officially replaced DES as the official US standard on

November 1, 2001 Based on the Rijndael algorithm, developed by two Belgian

cryptographers Dr. Joan Daemen Dr. Vincent Rijmen

Supports 128-bit, 192-bit, and 256-bit keys


Blowfish Designed by Bruce Schneier Published in 1993 as a replacement for DES Keys range from 32-448-bits Available to public domain Predecessor to Twofish


Twofish Keys upto 156-bits Finalist in the competition for AES


IDEA Cipher International Data Encryption Algorithm Designed by James Massey and Xuejia Lai Published in 1992 Uses 128-bit key Uses the same modes of operation as DES Used in PGP (Pretty Good Privacy) email encryption


RC5/RC6 Patented family of symmetric cryptographic algorithms

introduced in 1994 Developed by Ronal Rivest Supports keys upto 2,048 bits RC6 in an upgrade to RC5 and operations faster

Public Key CryptosystemsAsymmetric keyAddresses problem of key distribution in symmetric key

cryptographyAll participants have a private key (secret)All participants have a public key (available to public)The two keys are mathematically related

Messages encrypted with one of the keys can only be decrypted with the other key

The private key cannot be derived from the public key

Public Key CryptosystemsOne-Way Functions

Used to generate the public key from the private keyRelatively simple to generate the public key Next to impossible to reverse the process

PK cryptography was advanced by Dr. W. Diffie and Martin Hellman Described a process of securely exchanging secret

keys over a non-secure mediumDiffie-Hellman key exchange

Public Key CryptosystemsPublic Key Algorithms

RSA Developed by Rivest, Shamir, and Addleman Can be used for

Encryption Key exchange Digital signatures

Based on the difficulty of factoring a number, N, which is the product of two large prime numbers The prime numbers may be ~200 digits each

Public Key CryptosystemsPublic Key Algorithms (cont.)

RSA (cont.) Choose two large prime numbers, p and q, and compute

p*q=n, which is the public modulus Choose a random public key, e, so that e and (p – 1)*(q – 1)

are relatively prime (the GCD is 1) Compute e*d = 1 mod [(p – 1)(q – 1)], where d is the public

key Therefore d = e-1 mod [(p – 1)(q – 1)] (d,n) is the private key (e,n) is the public key


El Gamal Expanded the Diffie-Hellman key exchange to apply to

encryption and digital signatures Uses the problem of finding the discrete logarithm of a

number as a hard, one-way function Not patented and is available for public use


Elliptic Curve (EC) Usually defined over finite fields, such as real and rational

numbers Novel approach to hard, one-way functions Can implement an analog to the discrete logarithm problem

where multiplication is the counterpart of modular exponentiation

Public Key CryptosystemsDigital Signatures

Intended to provide at least the same protection and guarantees as obtained when a person physically signs a document

Can also be used to detect unauthorized modifications of a document

Public Key CryptosystemsDigital Signatures (cont.)

Hash Function Digital signature protection is accomplished by transforming

a message or document into a smaller representation that is uniquely bound to the original

A change made to the original will also change the compressed representation

A digital signature is generated by passing the message or file through a one-way hash function

The hash function generates a fixed size output called a message digest


Hash Function (cont.) An ideal hash algorithm should have the following

characteristics Original file cannot be recreated from the message digest Two files should not have the same message digest


Developing the Digital Signature To complete the process, the message digest is encrypted

with the sender’s private key The encrypted message digest is attached to the original file

and the package is sent to the receiver The receiver decrypts the message with the sender’s public

key If the public key opens the message digest and it is the true

public key of the sender, verification of the sender is accomplished The sender’s public key is the only key that can decrypt the

message digest encrypted with the sender’s private key


MD5 Hash function that generates a fixed length message digest

of 128 bits from input files of arbitrary length Developed in 1991 by Ronald Rivest

Public Key CertificatesPossible attack of public key cryptography is an

attacker posting a public key with the name of another person

A counter to this attack would be to implement an analog to a notary public that would certify that a public key is that of the true individual

This is done in the digital world through digital certificates

Public Key CertificatesDigital Certificates

Certification mechanism used to bind individuals to their public keys

Trusted entity is need to guarantee the public key is the valid public key of the associated person

The entity is a Certificate Authority Acts as notary by verifying a person’s identity and issuing a

certificate that vouches for the public key of the named individual The CA signs the certificate with their own private key The certificate is then sent to a repository The repository holds the certificate and Certificate Revocation Lists To verify the CA’s signature, its public key must be cross-referenced

with another CA.

Public Key CertificatesDigital Certificates (cont.)

The X.509 standard defines the format for public key certificates

Digital Certificates and digital signatures are components of the larger field of electronic commerce that requires a public key infrastructure (PKI)

Public Key CertificatesPublic Key Infrastructure (PKI)

The integration of digital signatures, certificates, and the other services required for E-commerce.

PKI provides Integrity Access Control Confidentiality Authentication Non-repudiation

Public Key CertificatesPublic Key Infrastructure (PKI) (cont.)

PKI comprises the following elements: Certificate Authority (CA) Certificate revokation Digital certificates Lightweight Directory Access Protocol (LDAP) Non-repudiation support Policies and procedures Registration authorities Security-enabled applications Timestamping

CryptanalysisThe act of deciphering an encrypted message

without originally having the keyUsed to obtain valuable information and to pass on

altered or fake information in order to deceive the original intended recipient

CryptanalysisCommon Cryptanalysis Attacks

Known plaintext The adversary has a copy of the plaintext corresponding to

the ciphertextChosen plaintext

Selected plaintext is encrypted and produces corresponding ciphertext output

Brute Force Adversary conducts an exhaustive search of the key space

until the correct key is found

CryptanalysisCommon Cryptanalysis Attacks (cont.)

Ciphertext only Ciphertext alone is available to the attacker

Adaptive chosen plaintext Similar to chosen plaintext attack but the selection of the

plaintext is adjusted depending on previous resultsChosen ciphertext

Attacker attempts to decrypt selected portions of ciphertext while having access to the corresponding plaintext


Adaptive chosen ciphertext Attacker attempts to decrypt selected portions of ciphertext

based on the results of previous attemptsMeet-in-the-middle

Adversary attacks double encryption schemes by encrypting known plaintext from one end with each possible key (K) and comparing the results “in the middle” with the decryption of the corresponding ciphertext with each possible key (K)


Linear cryptanalysis Attacker generates a linear estimation of the key using pairs

of known plaintext and corresponding ciphertextDifferential cryptanalysis

Attack is normally applied to block cipher symmetric key cryptographic systems. Adversary looks at ciphertext pairs, which were generated through the encryption of plaintext pairs, with specific differences, and analyzes the effect of these differences


Differential linear cryptanalysis Attacker uses both differential and linear approaches

Factoring Attacker mathematically determines the prime factors of a

productAlgebraic

Applied to block ciphers that exhibit mathematical relationships when encrypted with different keys

Managing Encryption KeysKey destruction

Keys employed for extended periods of time should be disposed of so they cannot be used to read previously transmitted messages

Key distributionProblem with symmetric key cryptography

Keys can be distributed by public key cryptosystems, personal delivery, secure channels, other means?

Managing Encryption KeysKey Recovery

Recovering a key if it is lost, stolen, or misplacedIf an employee leaves an organization, encrypted

information on their computer must be accessible to the organization

Key Escrow can be used to assist in key recovery Key is subdivided into difference parts, each of which is

encrypted and then sent to a different trusted individual in an organization

Managing Encryption KeysKey renewal

Keys used for long periods of time are subject to interception and compromise

Keys should be changed at frequent intervalsKey revocation

Once a key has been compromised, it must be declared insecure and invalid

Can be accomplished through CRL lists provided by CAs

Email SecurityAddresses a number of issues

Message integrityRestricting accessNon-repudiationSource authentication

Email SecurityEmail Security Mechanisms

MIME Object Security Services (MOSS) Applied DES, MD2/MD5, and RSA public key for non-repudiation,

authentication, confidentiality, and integrityPretty Good Privacy (PGP)

Strong email encryption package which uses IDEA symmetric key cipher for email encryption and RSA for symmetric key exchange and digital signatures

Privacy Enhanced Mail (PEM) Uses RSA public key encryption for digital signatures and secure key

distribution and applies Triple DES-EDE to maintain message confidentialitySecure Multi-purpose Internet Mail Extensions (S/MIME)

Provides secure services to email in MIME format through digital signature authentication and public key message encryption

Disk EncryptionDisks can be protected by encryption to different degrees of

security.Tools available for disk encryption

True Crypt Provides disk or USB flash drive encryption for Linux and Windows

using AES, Serpent, or Twofish symmetric key algorithms PGP Whole Disk Encryption

Useful to protect desktops, laptops, USB flash drives, external drives, and swap files

WinMagic SecureDoc Applicable to hard disks, USB flash drives, CDs and DVDs on

Windows Employs a variety of access controls including hardware tokens,

passwords, smart cards, and biometrics

Hacking ToolsPGPCrack

Brute-force approach to finding a PGP passphrase to attack a PGP encrypted file

Magic LanternDeveloped by the FBI to capture keystrokesCan be delivered to the victim by email

WEPCrackUsed to break WEP keys

AirsnortUsed to audit wireless networks and break WEP keys

CypherCalcCryptographic and cryptanalysis programmable calculator that

performs mathematical operations used in many cryptosystems

FIN

Documents

BAI514 – Security I. Cryptography The art and science of hiding the meaning of a communication from unintended recipients Comes from the Greek kryptos