-
What is steganography?
- -Hides the existence of data
- -What appears to be a harmless image can contain hidden data embedded within the image
- -Can use image files, audio files, or even video files to contain hidden information
-
What is encryption?
- -It is the process of converting an original message into a form that cannot be understood by unauthorized individuals.
- -Encrypt/encipher: to encrypt or convert plaintext to cipher text.
-
What is decryption?
- -Change the secret message back to its original form
- -Decipher/decrypt: to decrypt or convert cipher text to plaintext
-
Encryption Definitions:
Plaintext?
the original unencrypted message that is encrypted and results from successful decryption. Readable data (by person or computer).
-
Encryption definitions:
Cipher?
The transformation of the individual components (characters, bytes, or bits) of an encrypted message into encrypted components.
-
Encryption definitions
Ciphertext or cryptogram
the unintelligible encrypted or encoded message resulting from an encryption. Neither human or machine can properly process it until it is decrypted.
-
Encryption definitions:
Algorithm
the mathematical formula or method used to convert an unencrypted message into an encrypted message. Set of rules that determines how enciphering and deciphering take place
-
Encryption definitions:
Key
the information used in conjunction with the algorithm to create the ciphertext from the plaintext; it can be a series of bits used in a mathematical algorithm, or the knowledge of how to manipulate the plaintext.
-
Encryption definitions:
Keyspace
A range or values that can be used to construct a key. Larger keyspace means more possible keys (and therefore harder to break).
-
Common Ciphers:
substition cipher
- you substitute one value for another:
- -a mono-alphabetic substitution used only one alphabet
- -a polyalphabetic substitution uses two or more alphabets
-
Common Ciphers: Transposition
- or permutation cipher simply rearranges as the values within a block to create the cipher
- -Caesar cipher
- Simple substitution and transposition ciphers are vulnerable to frequency analysis
-
Vernam Cipher
-Also known as the one-time pad, the Vernam cipher was developed at AT&T and uses a set of characters that are used for encryption operations only one time and then discarded
-the values from this one-time pad are added to the block of text, and the resulting sum is converted to text
-
One Time Pad
- Unbreakable if
- -pad must be used only one time (otherwise patterns are introduced)
- -pad must be at least as long as the message (again patterns)
- -pad much be securely distributed and protected at its destination
- Pad must be securely distributed & protected at its destination & must be made up of truly random values/OTP is impractical in most situations
-
Book or Running Key Cipher
Another method used in the occasional spy movie, its the use of text in a book as the algorithm to decrypt a message.
- The key relies on 2 components:
- -knowing which book to use
- -a list of codes representing the page #, line #, and word # of the plaintext word.
-
Stream cipher
- -Takes one character and replaces it with one character.
- -Subtraction cipher is the simplest type of stream cipher
- Advantages and Disadvantages:
- -fast when the plaintext is short
- -more prone to attach because the engine that generates the stream does not vary
-
What are the 3 categories of Cryptographic Algorithms?
- 1. Hashing algorithms
- 2. Symmetric encryption algorithms
- 3. Asymmetric encryption algorithms
-
Explain Hashing
- -also called one-way hash (you can hash, but you can't un-hash)
- -a process for creating a unique "signature" for a set of data (this signature called a hash or digest represents the contents)
- -hashing is used only for integrity to ensure that:
- -information is in its orginal form
- -no unauthorized person or malicious software has altered the data
- -hash created from a set of data cannot be reversed
- use of hashes: at ATM's
-
A hashing algorithm is considered secure if it has these characteristics:
- -the ciphertext hash is a fixed size (regardless of plaintext size)
- -two different sets of data cannot produce the same hash, which is known as a collision
- -it should be impossible to produce a data set that has a desired or predefined hash
- -the resulting hash ciphertext cannot be reversed-the hash serves as a check to verify the message contents.
- -hash values are often posted on Internet sites (in order to verify the file integrity of files that can be downloaded)
-
Hashing Algorithms and CIA+2
- Confidentiality: no
- Integrity: yes
- Availability: no
- Authenticity: no
- Non-repudiation: no
-
Secure Hash Algorithm (SHA)
- -A more secure hash than Message Digest, as a longer hash is harder to attack
- -A family of hashes (SHA-0, SHA-1, SHA-2)
- -SHA-3 is currently under development
-
Message Digest Algorithm
- -one common hash algorithm
- -three versions:
- 1. Message Digest 2 (MD2)-developed in 1989, now considered too slow
- 2. Message Digest 4 (MD4)-flawed, too easy to generate collisions
- 3. Message Digest 5 (MD5)-created in 1991. Successfully attacked in 2004.
-
Password Hashes
- Another use for hashes is in storing passwords
- -when a password for an account is created, the password is hashed and stored
- -not really a true hash, but really a one-way function
- -in LM hashes, the password itself is the key
-
Symmetric Encryption
- -Each of the methods of encryption and decryption described requires that the same algorithm and key are used to both encipher and decipher the message.
- -this is known as private key encryption, secret key, or symmetric encryption
- -in this approach to encryption, the same key-a secret key-is used to encrypt and decrypt the message
-
Symmetric Encryption
- -Symmetric encryption methods are usually extremely efficient, requiring easily accomplished processing to encrypt or decrypt the message.
- -need separate key for each person you want to communicate with.
- -biggest challenge in symmetric key encryption:
- 1. getting a copy of the key to the receiver, process that must be conducted out-of-band to avoid interception
-
Symmetric encryption flow:
1. Plaintext to encryption (key) to cipher-text transmitted to remote user as cipher-text to decryption algorithm (key) to plaintext again.
-
Symmetric Cryptograhic Algorithums and CIA+2
- Confidentiality: yes
- Integrity: yes (by incorporating a hash)
- Availability: yes
- Authenticity: no (a true digital signature would give authenticity and non-repudiation)
- Non-repudiation: no (you can't tie it to a specific individual-do you know that it's John on the other end?)
-
Symmetric Cryptographic Algorithms, continued
Data Encryption Standard:
- -one of the first widely used popular symmetric cryptography algorithms
- -DES is a block cipher and encrypts data in 64-bit blocks
- -DES is a federally approved standard for nonclassified data, it was cracked in 1997 when the developers of a new algorithm, Rivest-Shamir-Aldeman offered a $10,000 reward for the first person or team to crack the algorithm, 14,000 users collaborated over the Internet to finally break the encryption, it took 3 days & 1536 microprocessors.
-
Symmetric Crypto Algorithm, cont.
Triple Data Encryption Standard (3DES)
- -designed to replace DES
- -uses 3 rounds of encryption instead of just one, 16 iterations within each round
- -2^56 times stronger than DES (Data Encryption Standard)
-
Symmetric Crypto Algorithms, cont.
Advanced Encryption Standard
- -approved by the NIST in late 2000 as a replacement for DES (data encryption standard)
- -AES (Advanced Encryption Standard) performs 3 steps on every block (128 bits) of plaintext
- -in 1998 it took a special computer designed by the Electronic Freedom Frontier more than 56 hours to crack DES
- -it would take the same computer approximately 4,698,864 quintillion years to crack AES.
-
What does it mean to say the algorithm is broken?
- -someone was unable to uncover a key that was used during the encryption process (one key used for one instance of encryption)
- -is the algorithm worthless if it has been broken?
- -depends on who your enemies are and how valuable your info is
-
Asymmetric Cryptographic Algorithms
- Asymmetric cryptographic algorithms
- -AKA: public key cryptography
- -uses two keys instead of one
- -the public key is known to everyone and can be freely distributed
- -the private key is known only to the recipient of the message
- -either key can be used to encrypt or decrypt the message
- -however, if Key A is used to encrypt the message, then only Key B can decrypt it; conversely, if Key B is used to encrypt a message, then only Key A can decrypt it
- -if the private key locks, the public key unlocks
- -if the public key locks, the private unlocks
-
Characteristics of Asymmetric Cryptographic Algorithms
- -slower than symmetric
- -better key distribution than symmetric
- -better scalability
- -can also provide authentication and nonrepudiation
-
Flow of Asymmetric Crypto Algorithms:
- Plaintext
- Encryption Algorithm (public key of receiver)
- cipher text
- transmitted to remote user
- in cipher text
- Decryption Algorithm (Private key of receiver)
- Plaintext message
-
Asymmetric Crypto can also be used to create a _____________signature.
- DIGITAL
- A digital signature can:
- -verify the sender (authentication)
- -prove the integrity of the message
- -prevent the sender from disowning the message (nonrepudiation)
-
Asymmetric Cryptographic Algorithms and CIA+2
- Confidentiality-yes
- Integrity-yes
- Availability-yes
- Authentication-yes
- Non-Repudiation-yes
-
Digital Signatures
- -When the asymmetric process is reversed, the private key encrypts a message, and the public key decrypts it. - The fact that the message was sent by the organization that owns the private key cannot be refuted
- -this nonrepudiation is the foundation of digital signatures
- -often a digital signature is a hash value that has been encrypted by a sender's private key
- -digital signatures are independently verified by a central facility (registry) as authentic
- -using a digital signature doesn't encrypt the message itself. To ensure privacy of the message, it must also be encrypted using the receivers public key.
- -with a digital signature, I'm not releasing/revealing my private key, I'm just using it to encrypt something.
-
Digital Signature Flow
- Bob sending Confidential email in plaintext
- Hash algorithm (key)
- Hash
- Encryption Algorithm ( Bob's private key)
- Digital Signature
- Transmitted to Alice
- Encryption algorithm (Bob's public key)
- Hash
- Hash Algorithm (key)
- Hash (they match)
- Alice receives
-
Action
B wants to send A encrypted msg.
A wants to read encrypted msg from B
B wants to send a copy to himself of e. msg he sent A
B receives an encrypted reply msg from A
B wants C to read A's reply that he received
B wants to send A a msg with a digital signature
A wants to see B's digital signature
- Whose key to use? Which key? Why?
- A's key public an encrypted msg is to be sent the recipients key is always used & never the senders'
- A's key private an encrypted msg can only be read by using the recipients' key
- B key public to encrypt, private to decrypt an encrypted msg can only be read by rec. private key.
- B's key Private the recipients private key is used to decrypt received msgs.
- S's key public the msg should be encrypted w/ S's key for her to decrypt & read w/ her private key
- B's key private Bob's private key is used to encrypt the hash
- B's key public key because B's public & private keys are mathematically related Alice can use his public key to decrypt the hash.
-
RSA
- -the most common asymmetric cryptography algorithm
- -1st public key encryption algorithm developed for commercial use
-
Hybrid Crypto Systems
- -Pure asymmetric key encryption is not widely used except in the area of certificates, instead, it is typically employed in the area of conjunction with symmetric key encryption, creating a hybrid system.
- -the hybrid process in current use is based on the Diffie-Hellman key exchange method, which provides a way to exchange private keys using public key encryption without exposure to any third parties.
- -In this method, asymmetric encryption is used to exchange secret key securely over a public network.
- -Once the key has been shared, then both parties can use it to encrypt and decrypt messages using symmetric cryptography
- -Diffie-Hellman provided the foundation for subsequent developments in public key encryption.
-
Uses of Cryptology
- file encryption
- disk encryption
- e-mail security
- web browsing
- remote network access
-
Cryptology Summary
- -Cryptology is the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized users cannot access it.
- -hashing creates a unique signature, called a hash or digest, which represents the contents of the original text
- -symmetric cryptography, also called private key cryptography, uses a single key to encrypt and decrypt a message
- -asymmetric cryptography, also known as public key cryptology, uses two keys instead of one.
- -cryptology can also be used to protect large numbers of files on a system or an entire disk
-
Digital Certificates
- -Digital Certificate is an electronic document, similar to a digital signature, attached to a file certifying that the file is from the organization it claims to be from and has not been modified from the original format.
- -a Certificate Authority (CA) is an agency that manages the issuance of certificates and serves as the electronic notary public to verify their origin and integrity
-
A digital signature typically contains the following information:
- -owner's name or alias
- -owner's public key
- -name of the issuer
- -digital signature of the issuer
- -serial number of the digital certificate
- -expiration date of the public key
-
Certificate Authority
- Certificate Authority
- -an entity that issues digital certificates for others
- -a user provides info to a CA that verifies her identity
- -the CA inserts this public key into the certificate
-
Registration Authority
- Registration Authority
- -handles some Certificate Authority tasks such as processing certificate requests and authenticating user
- -a sub-entity of the CA (Certificate Authority)
-
Certificate Revocation List (CRL)
- Certificate Revocation List
- -lists revoked certificates
- -can be assessed to check the certificate status of other users
- -most CRLs can either be viewed or downloaded directly into the user's Web browser
-
Certificate Repository
- Certificate repository
- -a publicly accessible directory that contains the certificates and CRLs published by a CA
- -CRs are often available to all users through a Web browser interface
-
3 types of Digital Certificates
- 1. Persona digital certificates (mostly used for email)
- 2. Server digital certificates
- 3. Software publisher digital certificates
-
Public Key Infrastructure
- -Public key infrastructure involves public-key cryptology standards, trust models, and key management.
- -a framework for all of the entities involved in digital certificates to create, store, distribute, and revoke digital certificates (includes hardware, software, people, policies, and procedures)
- -PKI is digital certificate management
- Certificate Life Cycle
- 1. Creation: certificate created & issued, user positively id'd
- 2. suspension
- 3. Revocation
- 4. Expiration-every certificate issued by a CA must have an expiration date.
-
Key Management
Proper Key Management includes key storage, key usage, and key handling procedures
-
Key Storage
- -public keys can be stored by embedding them within digital signatures
- -private keys can be stored on the user's local system
- -private keys can be stored on smart cards or in tokens
-
Key Handling Procedures
- Procedures include:
- -Escrow: keys are managed by a third party
- -Expiration
- -Renewal
- -Revocation
- -Recovery
- -Suspension
- -Destruction
-
Trust Models
- Trust may be defined as confidence in or reliance on another person or entity.
- Trust model
- -refers to the type of trusting relationship that can exist between individuals or entities
- Direct Trust
- -a relationship exists between 2 individuals because one person knows the other person
- Third Party Trust
- -refers to a situation in which two individuals trust each other because each trusts a third party
-
Trust Models
- Direct trust is not feasible when dealing with multiple users who each have digital certificates
- Three PKI trust models that use CA
- -Hierarchical Trust Model (I trust the certificates the CA issues)
- -Distributed trust model (CA issues certificates for other CA's, creating a trust chain)
- -Bridge Trust Model (creates a peer to peer relationship between root CA'/a CA exists that does not sign certificates, they just serve as a facilitator to interconnect other CA's)
-
Managing Cryptographic Controls
- -Don't lose your keys
- -Know who you are communicating with (verify keys)
- -It may be illegal to use a specific encryption technique when communicating to some nations
- -Every crypto-system has weaknesses
- -Give access only to those with a business need
- -When placing trust into a certificate authority, ask "who watches the watchers?"
|
|