Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
.
CIS 3500 1
Cryptographic Concepts
Chapter #26:
Cryptography and Public Key Infrastructure
Chapter Objectives
n Identify the different types of cryptography
n Learn about current cryptographic methods
n Understand how cryptography is applied for security
n Given a scenario, utilize general cryptography concepts
n Compare and contrast basic concepts of cryptography
Cryptographic Concepts2
Cryptographic Concepts
n Cryptography is the science of encrypting, or hiding,
information
n These complicated methods are cryptographic algorithms,
also known as ciphers
n The word “cipher” comes from the Arabic word sifr,
meaning empty or zero
Cryptographic Concepts3
General Cryptographic Concepts
n Historical ciphers were simple to use, simple to break
n More advanced transposition and substitution ciphers
n Ciphers were automated (electro)mechanical device
n German Enigma machine from World War II
n When setting up a cryptographic scheme, it is important
Cryptographic Concepts4
.
CIS 3500 2
General Cryptographic Concepts
n Plaintext needs to be protected – it is encrypted into ciphertext
n We use an algorithm and a key
n Cryptanalysis – attempt to return the encrypted message to its
original form
n Differential cryptanalysis – comparing the input plaintext to the
output ciphertext to try to determine the key
n Linear cryptanalysis – uses both plaintext and ciphertext, puts the
plaintext through a simplified cipher to try to deduce what the key
is likely to be in the full version
Cryptographic Concepts5
Fundamental Methods
n The choice of algorithm depends on the type of cryptographic operation
that is desired
n Choice of key is then tied to the specific algorithm
n Cryptographic operations include
n encryption for the protection of confidentiality
n hashing for the protection of integrity
n digital signatures to manage non-repudiation, and
n specialty operations such as key exchanges
n Mathematical specifics can be very complex
n Data is characterized by its usage: data-in-transit, data-at-rest, or data-
in-use; block form or stream form
Cryptographic Concepts6
Cryptographic Concepts
Algorithms
n Encryption schemes are based upon an algorithm
n step-by-step problem-solving procedure
n made up of mathematical steps for encrypting and decrypting
information
n They are designed to use a key – a special piece of data used in
both the encryption and decryption processes
n The algorithms are the same, but every implementation uses a
different key
7
Symmetric Algorithms
n Usually use same key for encryption and decryption
n Require sender and receiver to agree on a key before they
communicate securely
n Security lies with the key
n Also called secret key algorithms, single-key algorithms, or
one-key algorithms
Cryptographic Concepts8
.
CIS 3500 3
Modes of Operation
n In symmetric or block algorithms, there is a need to deal
with blocks of identical data to prevent multiple blocks of
ciphertext that would identify the blocks of identical input
n There are five common algorithmic modes that are detailed
in NIST SP 800-38A, Recommendation for Block Cipher
Modes of Operation: Methods and Techniques
n Electronic Code Book (ECB), Cipher Block Chaining (CBC),
Cipher Feedback Mode (CFB), Output Feedback Mode
(OFB), and Counter Mode (CTR)Cryptographic Concepts9 Cryptographic Concepts
Asymmetric Algorithms
n Use different keys for encryption and decryption
n Decryption key cannot be calculated from the encryption
key
n Anyone can use the key to encrypt data and send it to the
host; only the host can decrypt the data
n Also known as public key algorithms
n RSA, Diffie-Hellman, ECC, and ElGamal are asymmetric
protocols
10
Cryptographic Concepts
ECC (Elliptic Curve Cryptography)
n ECC works on the basis of elliptic curves
n y2 = x3 + ax2 + b
n They have a special property — you can add two points on
the curve together and get a third point on the curve
n Users agree on a curve and a fix point
n With a secret random number calculate a public key
n That can be used to encrypt messages
11 Cryptographic Concepts
Symmetric vs. Asymmetric
Type of Algorithm Advantages Disadvantages
Symmetric Single key
Faster
Less computation
Requires sender and receiver to agree on a
key before transmission of data
Security lies only with the key
High costs
Asymmetric Encryption and decryption keys
are different
Decryption key cannot be
calculated from encryption key
Security of keys can be compromised when
malicious users post phony keys
Slower
Lots of computing power needed
12
.
CIS 3500 4
Hashing
n Hashing algorithm is a special mathematical function that performs one-
way encryption – no feasible way to retrieve the plaintext
n There is no feasible way to generate two different plaintexts that compute
to the same hash value
n Store computer passwords - the hash value is reproducible
n Can be compromised with a collision attack, in which an attacker finds
two different messages that hash to the same value
n Hash algorithms: Secure Hash Algorithm (SHA) series, the RIPEMD
algorithms, and the Message Digest (MD) hash of varying versions (MD2,
MD4, MD5)
Cryptographic Concepts13
Salt, IV, Nonce
n The term salt refers to addition of a high-entropy piece of
data concatenated with the material being hashed
n Salts are useful when the text is short and low in entropy
n An initialization vector, or IV, is used in several ciphers,
particularly in the wireless space
n IVs can add randomness and are used in block ciphers
n A nonce is similar to a salt or an IV, but it is only used
once
Cryptographic Concepts14
Weak/Deprecated Algorithms
n The challenge is understanding which algorithms have fallen to
attacks and avoiding their use
n Hash algorithms, such as MD5, should be considered inappropriate -
manufactured collisions have been achieved
n Even newer hash functions have issues, such as SHA-1 and soon SHA-
256
n The Data Encryption Standard, DES and 3DES, have fallen from favor
n There new forms of these functions are widely available, e.g. AES
that are computationally efficient
Cryptographic Concepts15
Key Exchange
n Cryptographic mechanisms use an algorithm and a key
n In symmetric encryption, the secrecy depends upon the secrecy of the key
n Key exchange is the central foundational elemen
n In asymmetric systems, the key exchange problem is one of key
publication
n Early key exchanges were performed by trusted couriers
n The Diffie-Hellman key exchange is one example of secure key exchange
n It depends upon two random numbers, each chosen by one of the parties
and kept secret
Cryptographic Concepts16
.
CIS 3500 5
Cryptographic Objectives
n Cryptographic methods exist for a purpose: to protect the
integrity and confidentiality of data
n There are many associated elements to enable a system-
wide solution
n Perfect forward secrecy, non-repudiation, key escrow, and
others enable successful cryptographic implementations
Cryptographic Concepts17
Digital Signatures
n A digital signature is a cryptographic implementation
designed to demonstrate authenticity and identity
associated with a message
n Digital signatures are based upon both hashing functions
and asymmetric cryptography
n User can decrypt the hash with the public key of the
originator, that user knows that the hash was encrypted by
the corresponding private key – nonrepudiation
Cryptographic Concepts18
Diffusion
n Diffusion is a principle that the statistical analysis of
plaintext and ciphertext results in a form of dispersion
n A change in one character of plaintext should result in
multiple changes in the ciphertext in a manner that
changes in ciphertext do not reveal information as to the
structure of the plaintext
Cryptographic Concepts19
Confusion
n Confusion is a principle to affect the randomness of an
output
n The concept is operationalized by ensuring that each
character of ciphertext depends on several parts of the key
n Confusion places a constraint on the relationship between
the ciphertext and the key employed, forcing an effect that
increases entropy
Cryptographic Concepts20
.
CIS 3500 6
Collision
n A collision is when two different inputs have the same output on a
cryptographic function such as a hash
n Inputs to a hash function are infinite (unlimited in length) and the
number of unique outputs is limited by hash size, collisions have to
occur
n The issue is whether one can manufacture a collision
n If two inputs can be generated that produce the same hash value, this
enables the movement of a digital signature from an original to a near
duplicate, resulting in the failure of the digital signature to protect an
original
Cryptographic Concepts21
Steganography
n Steganography gets its meaning from the Greek word
“steganos,” meaning covered
n Hide data inside other data
n The most common application is the concealing of a text
message in a picture file – difficult to detect
n They can also be hidden in video and audio files
n Editing the LSB (least significant bit)
Cryptographic Concepts22
Obfuscation
n Obfuscation is the masking of an item to render it
unreadable yet still usable
n Code obfuscation is the process of making the code
unreadable by adding complexity at the time of creation
n Makes it impossible to easily understand, copy, fix, maintain
n Using cryptographic functions to obfuscate materials is more
secure in that it is not reversible without the secret element
Cryptographic Concepts23
Stream vs. Block
n Block operations are performed on blocks of data, enabling both
transposition and substitution operations
n Stream data has become more common with audio and video
across the Web – bit by bit or byte by byte (substitution
Cryptographic Concepts24
.
CIS 3500 7
Key Strength
n The strength of a cryptographic function typically depends
upon the strength of a key
n Direct comparison of key strength is not easily done
n Some cryptographic systems have fixed key lengths, such
as 3DES, while others, such as AES have multiple lengths,
AES-128, AES-192, and AES-256
Cryptographic Concepts25
Session Keys
n A session key is a symmetric key used for encrypting messages
during a communication session
n It is generated from random seeds and is used for the duration of
a communication session
n Session keys provide significant levels of protection during the
communication session – perfect forward secrecy
n Offer the advantages of symmetric encryption, speed, strength
and simplicity, and, with key exchanges possible via digital
methods, significant levels of automated security
Cryptographic Concepts26
Ephemeral Key
n Ephemeral keys are cryptographic keys that are used only
once after generation
n When an ephemeral key is used as part of the Diffie-
Hellman scheme, it forms an Ephemeral Diffie-Hellman
(EDH) key exchange
n An EDH key exchange generates a temporary key for each
connection, never using the same key twice
n This provides for perfect forward secrecy
Cryptographic Concepts27
Secret Algorithm
n Algorithms: published details and those whose steps are
kept secret
n Secrecy has its uses in security: passwords, or how to
apply security elements, or use of multiple rounds of
multiple hash functions
n It makes reverse engineering difficult, if not impossible
n The drawback of keeping a cryptographic algorithm secret
is that it reduces the testing of the algorithm
Cryptographic Concepts28
.
CIS 3500 8
Data-in-Transit
n Transport encryption is used to protect data-in-transit, or
data that is in motion
n It is at risk of interception
n When utilizing the TCP/IP protocol, Transport Layer
Security (TLS) is one specific method of managing security
at the transport level
n Secure Sockets Layer (SSL) is another example
Cryptographic Concepts29
Data-at-Rest
n Protecting data-at-rest is the most prominent use of
encryption – referred to as data encryption
n Whole disk encryption of laptop data is an example of data-
at-rest protection
n The same concept applies to data being stored in the cloud,
where encryption can protect against unauthorized reading
Cryptographic Concepts30
Data-in-Use
n Data-in-use is the term used to describe data that is stored
in a non-persistent state of either RAM, CPU caches, or CPU
registers - concern
n RAM scraping malware are occurring
n This data can be encrypted
n New techniques, such as Intel’s Software Guard Extensions
(SGX), promise a future where sensitive data can be
protected from all other processes
Cryptographic Concepts31
Random/Pseudo-Random Number Generation
n Many cryptographic functions require a random number
n A true random number has no correlation to previous or
future random numbers, and has a uniform distribution
n The next number cannot be predicted
n True random numbers are virtually impossible to generate
Cryptographic Concepts32
.
CIS 3500 9
Random/Pseudo-Random Number Generation
n Pseudo-random numbers statistically appear to be random
with respect to frequency distribution, because they are
algorithmically generated, if one knows the algorithm and the
seeds, one can predict future values
n For cryptographic purposes unpredictability important
n Specialized random/pseudo-random number generation
algorithms that minimize the predictability element
n Use a cryptographically secure random number generator to
prevent introducing flaws into the encryption protections
Cryptographic Concepts33
Key Stretching
n Key stretching takes what would otherwise be weak keys
and “stretches” them to make the system more secure
n With computational power hash functions can be computed
very quickly
n To make the problem more difficult, either the keyspace
must be increased or the computation must be slowed down
n Key stretching: increasing the computational complexity by
adding iterative rounds of computations
Cryptographic Concepts34
Implementation vs. Algorithm Selection
n When using cryptography for protection of data, several
factors need to be considered
n One of the first decisions is which algorithm to select
n The algorithm must be matched to the intended use, and
deprecated algorithms must be avoided
Cryptographic Concepts35
Cryptographic Modules
n A cryptographic module is a hardware or software device
that performs cryptographic operations
n Crypto modules use a hardware, software, or hybrid
cryptographic engine, and cryptographic keys that do not
leave the boundary
n Maintaining all secrets within a specified protected
boundary is a foundational element of a secure
cryptographic solution
Cryptographic Concepts36
.
CIS 3500 10
Cryptographic Service Provider
n A cryptographic service provider (CSP) is a software library
that implements cryptographic functions – encoding and
decoding
n In Windows, the Microsoft CryptoAPI (CAPI) is a CSP for all
processes that need specific cryptographic function
n This provides a standard implementation of a complex set
of processes
Cryptographic Concepts37
Perfect Forward Secrecy
n Perfect forward secrecy is a property of a public key system
n A key derived from another key is not compromised even if
the originating key is compromised in the future
n This is especially important in session key generation:
if perfect forward secrecy were not in place, then past
messages that had been recorded could be decrypted
Cryptographic Concepts38
Security Through Obscurity
n Security through obscurity is the concept that security can
be achieved by hiding what is being secured
n This alone has never been a valid method of protecting
secrets
n But this does not mean obscurity has no role in security
n It can make hard for an attacker to easily guess critical
pieces of information
Cryptographic Concepts39
Common Use Cases
n Cryptographic services are being employed in more and
more systems
n There are many common use cases associated with them
n Examples include implementations to support low power,
low latency, high resiliency, confidentiality, integrity, and
non-repudiation
Cryptographic Concepts40
.
CIS 3500 11
Stay Alert!
There is no 100 percent secure system, and
there is nothing that is foolproof!