Chapter-2 Cryptography.pdf
Uploaded by RelaxedProsperity
Chapter 2: Cryptography
SPRING 2024 | CIT460 COMPUTER AND INFORMATION SECURITY

Learning Objectives
▪ Define cryptography
▪ Describe hash, symmetric, and asymmetric cryptographic algorithms
▪ List the various ways in which cryptography is used

Defining Cryptography
▪ Defining cryptography involves:
  ▪ Understanding what it is
  ▪ Understanding what it can do
  ▪ Understanding how cryptography can be used as a security tool to protect data

What is Cryptography
▪ Cryptography
  ▪ Scrambling information so it cannot be read or understood
  ▪ Transforms information into a secure form so unauthorized persons cannot access it
  ▪ Should be used to secure data that needs to be protected
  ▪ Can be applied through either software or hardware
▪ Steganography
  ▪ Hides the existence of data
  ▪ An image, audio, or video file can contain hidden messages embedded in the file
  ▪ Achieved by dividing data and hiding in unused portions of the file
▪ Origins of cryptography
  ▪ Used by Julius Caesar
▪ Encryption
  ▪ Changing original text into a secret message using cryptography
▪ Decryption
  ▪ Changing secret message back to original form
▪ Cleartext data
  ▪ Data stored or transmitted without encryption
▪ Plaintext
  ▪ Cleartext data to be encrypted
▪ Plaintext data is input into a cryptographic algorithm
  ▪ Consists of procedures based on a mathematical formula used to encrypt and decrypt the data
▪ Key
  ▪ A mathematical value entered into the algorithm to produce ciphertext (encrypted data)
  ▪ The reverse process uses the key to decrypt the message

Cryptography & Security
▪ Cryptography can provide five basic protections
  ▪ Confidentiality
    ▪ Ensures only authorized parties can view it
  ▪ Integrity
    ▪ Ensures information is correct and unaltered
  ▪ Availability
    ▪ Ensures authorized users can access it
  ▪ Authentication
    ▪ Ensures sender can be verified through cryptography
  ▪ Non-repudiation
    ▪ Proves that a user performed an action

Cryptographic Primitives

Cryptographic Algorithm
▪ A fundamental difference in cryptographic algorithms is the amount of data processed at a time
  ▪ Stream cipher - takes one character and replaces it with another
  ▪ Block cipher - manipulates an entire block of plaintext at one time
  ▪ Sponge function - takes as input a string of any length and returns a string of any requested variable length

Block and Stream Ciphers
Block Cipher
▪ Processes the input one block of elements at a time
▪ Produces an output block for each input block
▪ Can reuse keys
▪ More common
Stream Cipher
▪ Processes the input elements continuously
▪ Produces output one element at a time
▪ Primary advantage is that they are almost always faster and use far less code
▪ Encrypts plaintext one byte at a time
▪ Pseudorandom stream is one that is unpredictable without knowledge of the input key

Cryptographic Algorithm
▪ Three categories of cryptographic algorithms
  ▪ Hash algorithms
  ▪ Symmetric cryptographic algorithms
  ▪ Asymmetric cryptographic algorithms

Hash Algorithm
▪ Hash algorithms
  ▪ It is the most basic type of cryptographic algorithm
  ▪ Creates a unique “digital fingerprint” of a set of data and is commonly called hashing
  ▪ This fingerprint, called a digest (sometimes called a message digest or hash), represents the contents
  ▪ Its contents cannot be used to reveal the original data set
  ▪ Is primarily used for comparison purposes
▪ Secure hashing algorithm characteristics:
  ▪ Fixed size
    ▪ Short and long data sets have the same size hash
  ▪ Unique
    ▪ Two different data sets cannot produce the same hash
  ▪ Original
    ▪ Data set cannot be created to have a predefined hash
  ▪ Secure
    ▪ Resulting hash cannot be reversed to determine original plaintext
▪ Hashing is used to determine the integrity of a message or the contents of a file
▪ Hashed Message Authentication Code (HMAC)
  ▪ A hash variation providing improved security
  ▪ Uses a “shared secret key” possessed by sender and receiver
  ▪ Receiver uses a key to decrypt the hash

Hashed Message Authentication Code (HMAC)

Most Common Hash Algorithms
▪ Message Digest (MD)
  ▪ One of the most common one-way hash algorithms
  ▪ Three different versions
▪ Message Digest 2 (MD2)
  ▪ Takes plaintext of any length and creates a 128-bit hash
  ▪ Padding is added to make short messages 128 bits
  ▪ Considered too slow today and rarely used
▪ Message Digest 4 (MD4)
  ▪ Has flaws and was not widely accepted

Hash Algorithm
▪ Message Digest 5 (MD5)
  ▪ Designed to address MD4’s weaknesses
  ▪ Message length padded to 512 bits
  ▪ Weaknesses in compression function could lead to collisions
  ▪ Some security experts recommend using a more secure hash algorithm
▪ Secure Hash Algorithm (SHA)
  ▪ More secure than MD
  ▪ SHA-3 uses a sponge function instead of a stream or block cipher
▪ Whirlpool
  ▪ A recent cryptographic hash function
  ▪ Adopted by standards organizations, including the International Organization for Standardization (ISO)
  ▪ Creates a hash of 512 bits
▪ RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
  ▪ The primary design feature is two different and independent parallel chains of computation
  ▪ The results are combined at end of process

Hash Function Usefulness in Authentication
▪ To be useful for message authentication, a hash function (H) must have the following properties:
  1. H can be applied to a block of data of any size.
  2. H produces a fixed-length output.
  3. H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical.
  4. For any given code h, it is computationally infeasible to find x such that H(x) = h. A hash function with this property is called one-way or preimage resistant.
  5. For any given block x, finding y ≠ x with H(y) = H(x) is computationally infeasible. A hash function with this property is referred to as second preimage resistant. This is sometimes referred to as weak collision resistant.
  6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). A hash function with this property is referred to as collision resistant. This is sometimes referred to as strong collision resistant.
▪ The first three properties are requirements for applying a hash function to message authentication.
▪ The fourth property is the one-way property: It is easy to generate a code given a message but virtually impossible to generate a message given a code.
  ▪ This property is important if the authentication technique involves the use of a secret value.
  ▪ The secret value itself is not sent; however, if the hash function is not one way, an attacker can easily discover the secret value: If the attacker can observe or intercept a transmission, the attacker obtains the message M and the hash code MD_M = H(K || M || K).
  ▪ The attacker then inverts the hash function to obtain K || M || K = H^-1(MD_M).
  ▪ Because the attacker now has both M and K || M || K, it is a trivial matter to recover K.
▪ The fifth property guarantees that it is impossible to find an alternative message with the same hash value as a given message.
  ▪ This prevents forgery when an encrypted hash code is used.
  ▪ If this property were not true, an attacker would be capable of the following sequence: First, observe or intercept a message plus its encrypted hash code; second, generate an unencrypted hash code from the message; third, generate an alternate message with the same hash code.
▪ A hash function that satisfies the first five properties in the preceding list is referred to as a weak hash function.
▪ If the sixth property is also satisfied, then it is referred to as a strong hash function.
  ▪ A strong hash function protects against an attack in which one party generates a message for another party to sign.
  ▪ For example, suppose Bob gets to write an IOU message, send it to Alice, and she signs it.
  ▪ Bob finds two messages with the same hash, one of which requires Alice to pay a small amount and one that requires a large payment.
  ▪ Alice signs the first message and Bob is then able to claim that the second message is authentic.

Security of Hash Function
▪ There are two approaches to attacking a secure hash function:
  ▪ Cryptanalysis
    ▪ Exploit logical weaknesses in the algorithm
  ▪ Brute-force attack
    ▪ Strength of hash function depends solely on the length of the hash code produced by the algorithm
▪ SHA most widely used hash algorithm
▪ Additional secure hash function applications:
  ▪ Passwords
    ▪ Hash of a password is stored by an operating system
  ▪ Intrusion detection
    ▪ Store H(F) for each file on a system and secure the hash values

Symmetric Cryptographic Algorithms
▪ Symmetric cryptographic algorithms - use the same single key to encrypt and decrypt a document
  ▪ Original cryptographic algorithms were symmetric
  ▪ Also called private key cryptography (the key is kept private between sender and receiver)
▪ Common algorithms include:
  ▪ Data Encryption Standard (DES)
  ▪ Triple Data Encryption Standard (3DES)
  ▪ Advanced Encryption Standard (AES)
  ▪ Several other algorithms
▪ Data Encryption Standard (DES)
  ▪ Originally designed in the early 1970s
  ▪ Uses a 56-bit key and is a block cipher
▪ Triple Data Encryption Standard (3DES)
  ▪ Designed to replace DES
  ▪ Uses three rounds of encryption
  ▪ Ciphertext of the first round becomes the input for the second iteration
  ▪ Most secure versions use different keys for each round
▪ Advanced Encryption Standard (AES)
  ▪ A symmetric cipher approved by the NIST in 2000 as a replacement for DES
  ▪ Official encryption standard used by the U.S. government
  ▪ Performs three steps on every block (128 bits) of plaintext
  ▪ Designed to be secure well into the future
▪ Other Algorithms
  ▪ Rivest Cipher (RC)
    ▪ Family of cipher algorithms designed by Ron Rivest
  ▪ International Data Encryption Algorithm (IDEA)
    ▪ Used in European nations
    ▪ Block cipher processing 64 bits with a 128-bit key with 8 rounds
  ▪ Blowfish
    ▪ Block cipher operating on 64-bit blocks with key lengths from 32-448 bits
    ▪ No significant weaknesses have been identified
▪ One-time pad (OTP)
  ▪ Creates a truly random key to combine with the plaintext
  ▪ Considered the only known method to perform encryption that cannot be broken mathematically
  ▪ A “pad” is a long sequence of random letters

Symmetric Encryption
Symmetric Encryption Algorithms - Description
▪ Data Encryption Standard (DES): This is a legacy algorithm. It uses a short key length that makes it insecure.
▪ 3DES (Triple DES): This is the replacement for DES and repeats the DES algorithm three times. It should be avoided as it is scheduled to be retired in 2023. If implemented, use very short key lifetimes.
▪ Advanced Encryption Standard (AES): It offers combinations of 128-, 192-, or 256-bit keys to encrypt 128, 192, or 256 bit-long data blocks.
▪ Software-Optimized Encryption Algorithm (SEAL): It is a stream cipher that uses a 160-bit encryption key and has a lower impact on the CPU compared to other software-based algorithms.
▪ Rivest ciphers (RC) series algorithms: RC4 is a stream cipher that was used to secure web traffic. It has been found to have multiple vulnerabilities which have made it insecure. RC4 should not be used.
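
Added example (not part of the original slides): the intrusion-detection use of hashing described earlier in this chapter, storing H(F) for each file and securing the stored values, here by sealing the baseline with an HMAC that the checker recomputes with the shared key and compares. The key, file names and file contents are constructed for the demonstration, and the function names are illustrative.

```python
import hashlib
import hmac
import json
import os
import tempfile


def file_digest(path):
    """Return H(F): the SHA-256 digest of one file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Map every file under root (by relative path) to its digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            digests[os.path.relpath(path, root)] = file_digest(path)
    return digests


def seal(digests, key):
    """HMAC-SHA256 over a canonical encoding of the digest table."""
    body = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_baseline(root, key):
    digests = snapshot(root)
    return {"digests": digests, "tag": seal(digests, key)}


def check_baseline(root, baseline, key):
    """Verify the baseline itself first, then compare it with the disk."""
    expected = seal(baseline["digests"], key)
    if not hmac.compare_digest(expected, baseline["tag"]):
        raise ValueError("baseline failed its HMAC check; do not trust it")
    old, current = baseline["digests"], snapshot(root)
    return {
        "modified": sorted(p for p in old if p in current and old[p] != current[p]),
        "missing": sorted(p for p in old if p not in current),
        "added": sorted(p for p in current if p not in old),
    }


def demo():
    key = b"constructed-demo-key"  # constructed; a real key lives outside the monitored host
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample files.
        for name, data in (("login.conf", b"retries=3\n"), ("tool.bin", b"\x7fELF-demo")):
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        baseline = build_baseline(root, key)
        clean = check_baseline(root, baseline, key)

        # Simulate changes on disk: one file altered, one file added.
        with open(os.path.join(root, "tool.bin"), "ab") as f:
            f.write(b"patched")
        with open(os.path.join(root, "extra.sh"), "wb") as f:
            f.write(b"#!/bin/sh\n")
        changed = check_baseline(root, baseline, key)

        # Someone without the key edits the stored digest to hide the change.
        forged = {"digests": dict(baseline["digests"]), "tag": baseline["tag"]}
        forged["digests"]["tool.bin"] = file_digest(os.path.join(root, "tool.bin"))
        try:
            check_baseline(root, forged, key)
            forged_rejected = False
        except ValueError:
            forged_rejected = True
    return clean, changed, forged_rejected


if __name__ == "__main__":
    print(demo())
```

Storing plain digests only detects changes if the digest table cannot be rewritten along with the files; the keyed tag is what makes a rewritten table detectable.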

Attacking Symmetric Encryption
Cryptanalytic Attacks
▪ Rely on:
  ▪ Nature of the algorithm
  ▪ Some knowledge of the general characteristics of the plaintext
  ▪ Some sample plaintext-ciphertext pairs
▪ Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used
▪ If successful, all future and past messages encrypted with that key are compromised
Brute-Force Attacks
▪ Try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
▪ On average, half of all possible keys must be tried to achieve success

Practical Security Issues
▪ Typically, symmetric encryption is applied to a unit of data larger than a single 64-bit or 128-bit block
▪ Electronic codebook (ECB) mode is the simplest approach to multiple-block encryption
  ▪ Each block of plaintext is encrypted using the same key
  ▪ Cryptanalysts may be able to exploit regularities in the plaintext
▪ Modes of operation
  ▪ Alternative techniques developed to increase the security of symmetric block encryption for large sequences
  ▪ Overcomes the weaknesses of ECB

Asymmetric Cryptographic Algorithms
▪ Weakness of symmetric algorithms
  ▪ Distributing and maintaining a secure single key among multiple users distributed geographically
▪ Asymmetric cryptographic algorithms
  ▪ Also known as public key cryptography
  ▪ Uses two mathematically related keys
  ▪ Public key available to everyone and freely distributed
  ▪ Private key known only to individual to whom it belongs
▪ Important principles
  ▪ Key pairs
  ▪ Public key
  ▪ Private key
  ▪ Both directions - keys can work in both directions
▪ Digital signature - an electronic verification
  ▪ Verifies the sender
  ▪ Prevents sender from disowning the message
  ▪ Proves message integrity

Asymmetric Encryption
▪ Asymmetric algorithms, also called public-key algorithms, are designed in a way that the encryption and the decryption keys are different.
▪ Asymmetric algorithms use a public key and a private key.
▪ Both keys can be encrypted, but the complementary paired key is required for decryption.
▪ The process is also reversible.
▪ Data that is encrypted with the public key requires the private key to decrypt.
▪ Asymmetric algorithms achieve confidentiality and authenticity by using this process.
▪ Asymmetric encryption can use key lengths between 512 to 4,096 bits.
▪ Asymmetric algorithms are substantially slower than symmetric algorithms.

Asymmetric Encryption: Confidentiality
▪ Asymmetric algorithms are used to provide confidentiality without pre-sharing a password.
▪ The confidentiality objective of asymmetric algorithms is initiated when the encryption process is started with the public key.
▪ The process can be summarized using the formula: Public Key (Encrypt) + Private Key (Decrypt) = Confidentiality
▪ When the public key is used to encrypt data, the private key must be used to decrypt data.
▪ Only one host has the private key; therefore, confidentiality is achieved.
Example: Data exchange between Bob and Alice
▪ Alice acquires and uses Bob’s public key to encrypt a message and then send it to Bob.
▪ Bob decrypts the message with the private key and as he is the only one with the private key, confidentiality is achieved.

Asymmetric Encryption: Authentication
▪ The authentication objective of asymmetric algorithms is initiated with the private key encryption process.
▪ The process can be summarized using the formula: Private Key (Encrypt) + Public Key (Decrypt) = Authentication
▪ When the private key is used to encrypt the data, the corresponding public key must be used to decrypt the data.
▪ Because only one host has the private key, only that host could have encrypted the message, providing authentication of the sender.
▪ When a host successfully decrypts a message using a public key, it is trusted that the private key encrypted the message, which verifies who the sender is. This is a form of authentication.

Requirements for Public-Key Cryptosystems
▪ Computationally easy to create key pairs
▪ Computationally easy for the sender knowing the public key to encrypt messages
▪ Computationally easy for receiver knowing the private key to decrypt the ciphertext
▪ Computationally infeasible for the opponent to determine the private key from the public key
▪ Computationally infeasible for the opponent to otherwise recover the original message
▪ Useful if either key can be used for each role

Asymmetric Encryption - Authentication
Let's see how the private and public keys can be used to provide authentication to the data exchange between Bob and Alice.
▪ Alice uses her private key: Alice encrypts a message using her private key and sends it to Bob.
▪ Bob decrypts using the public key: After Bob obtains Alice’s public key, he uses it to decrypt the message and authenticate that it has been received from Alice.

Asymmetric Encryption - Integrity
Combining the two asymmetric encryption processes provides message confidentiality, authentication, and integrity. In this example, a message will be ciphered using Bob’s public key and a ciphered hash will be encrypted using Alice’s private key.
▪ Alice uses Bob’s Public Key
▪ Alice encrypts a hash using her private key
▪ Bob uses Alice’s public key to decrypt the hash
▪ Bob uses his private key to decrypt the message

Asymmetric Encryption Algorithms
Asymmetric Encryption Algorithms - Key Length - Description
▪ Diffie-Hellman (DH) - key length 512, 1024, 2048, 3072, 4096: This algorithm allows two parties to agree on a key that they can use to encrypt messages they want to send to each other. The security depends on the assumption that it is easy to raise a number to a certain power, but difficult to compute which power was used, given the number and the outcome.
▪ Digital Signature Standard (DSS) and Digital Signature Algorithm (DSA) - key length 512 – 1024: It specifies DSA as the algorithm for digital signatures. DSA is a public key algorithm based on the ElGamal signature scheme. Signature creation speed is similar to RSA, but is 10 to 40 times slower for verification.
▪ Elliptic curve techniques - key length 224 or higher: Elliptic curve cryptography can be used to adapt many cryptographic algorithms, such as Diffie-Hellman or ElGamal. The main advantage of elliptic curve cryptography is that the keys can be much smaller.

Asymmetric Encryption
▪ RSA
  ▪ Published in 1977 and patented by MIT in 1983
  ▪ Most common asymmetric cryptography algorithm
  ▪ Uses two large prime numbers
  ▪ Block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n.
▪ Elliptic Curve Cryptography (ECC)
  ▪ Users share one elliptic curve and one point on the curve
  ▪ Uses less computing power than prime number-based asymmetric cryptography
  ▪ Key sizes are smaller
▪ Diffie-Hellman Key Exchange Algorithm
  ▪ Enables two users to securely reach an agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages
  ▪ Limited to the exchange of the keys
▪ Digital Signature Standard (DSS)
  ▪ Provides only a digital signature function with SHA-1
  ▪ Cannot be used for encryption or key exchange

Diffie-Hellman Key Exchange
Diffie-Hellman (DH) is an asymmetric mathematical algorithm that allows two computers to generate an identical shared secret without having communicated before.
▪ The new shared key is never exchanged between the sender and receiver.
▪ An encryption algorithm can use the key to encrypt traffic between the two systems as both parties know it.
▪ Following are two examples of instances when DH is commonly used:
  ▪ Data is exchanged using an IPsec VPN
  ▪ SSH data is exchanged
▪ The security of DH is based on the fact that it uses very large numbers in its calculations.

DH operation

Diffie-Hellman Key Exchange
▪ Diffie-Hellman uses different DH groups to determine the strength of the key that is used in the key agreement process. The higher group numbers are more secure, but require additional time to compute the key.
▪ The following identifies the DH groups supported by Cisco IOS Software and their associated prime number value:
  ▪ DH Group 1: 768 bits
  ▪ DH Group 2: 1024 bits
  ▪ DH Group 5: 1536 bits
  ▪ DH Group 14: 2048 bits
  ▪ DH Group 15: 3072 bits
  ▪ DH Group 16: 4096 bits
Note: A DH key agreement can also be based on elliptic curve cryptography. DH groups 19, 20, and 24, are supported by Cisco IOS Software.

Public Key Cryptography Using Digital Signatures
▪ NIST FIPS PUB 186-4 defines a digital signature as:
  ▪ “The result of a cryptographic transformation of data that, when properly implemented, provides a mechanism for verifying origin authentication, data integrity and signatory non-repudiation.”
▪ Thus, a digital signature is a data-dependent bit pattern generated by an agent as a function of a file, message, or other form of data block
▪ Digital signatures are a mathematical technique used to provide authenticity, integrity, and nonrepudiation.
▪ Digital signatures use asymmetric cryptography.
▪ Digital signatures are commonly used in the following two situations:
  ▪ Code signing - Code signing is used to verify the integrity of executable files downloaded from a vendor website. It also uses signed digital certificates to authenticate and verify the identity of the site that is the source of the files.
  ▪ Digital certificates - These are used to authenticate the identity of a system with a vendor website and establish an encrypted connection to exchange confidential data.
▪ The Digital Signature Standard (DSS) algorithms used for generating and verifying digital signatures are:
  ▪ Digital Signature Algorithm (DSA)
  ▪ Rivest-Shamir-Adleman Algorithm (RSA)
  ▪ Elliptic Curve Digital Signature Algorithm (ECDSA)

How a Digital Signature Works

Digital Signatures for Code Signing
Digital signatures are commonly used to provide assurance of the authenticity and integrity of software code. Executable files are wrapped in a digitally signed envelope, which allows the end user to verify the signature before installing the software.
Digitally signing code provides several assurances about the code:
▪ The code is authentic and is actually sourced by the publisher.
▪ The code has not been modified since it left the software publisher.
▪ The publisher undeniably published the code. This provides nonrepudiation of the act of publishing.
The purpose of digitally signed software is to ensure that the software has not been tampered with, and that it originated from the trusted source as claimed.

The properties of a file that has a digitally signed certificate are as follows:
Properties - Description
▪ File Properties: This executable file was downloaded from the internet and it contains a software tool from Cisco Systems.
▪ Digital Signatures: This tab reveals that the file is from a trusted organization, Cisco Systems Inc.
▪ Digital Signatures Details: This window reveals that the file was signed by Cisco Systems, Inc mentioning the given year, month and time.
▪ Certificate Information: The General tab provides information such as who the certificate was issued to, and who issued the certificate. It also displays the period for which the certificate is valid.
▪ Certificate Path: In this tab, you can see the file was signed by Cisco Systems, as verified to DigiCert.

Digital Signatures for Digital Certificates
▪ A digital certificate enables users, hosts, and organizations to securely exchange information over the Internet.
▪ It is used to authenticate and verify that a user sending a message is who they claim to be.
▪ Digital certificates can also provide confidentiality for the receiver with the means to encrypt a reply.
▪ Digital certificates are similar to physical certificates.
▪ Digital certificate independently verifies an identity.
▪ In other words, a certificate verifies an identity, and a signature verifies information from an identity.
▪ This scenario will help you understand how a digital signature is used.
  ▪ Bob is confirming an order with Alice, which she is ordering from Bob’s website.
  ▪ Bob confirms the order, and his computer creates a hash of the confirmation.
  ▪ The computer encrypts the hash with Bob's private key.
  ▪ The encrypted hash, which is the digital signature, is added to the document.
  ▪ The order confirmation is then sent to Alice over the Internet.
▪ When Alice receives the digital signature, the following process occurs:
  ▪ Alice's receiver accepts the order confirmation with the digital signature and obtains Bob's public key.
  ▪ Alice's computer then decrypts the signature using Bob's public key, which reveals the assumed hash value of the sending device.
  ▪ Alice's computer creates a hash of the received document without its signature and compares it to the decrypted hash.
  ▪ If the hashes match, the document is authentic. This means the confirmation was sent by Bob and has not changed since signing.
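
The Bob-to-Alice signing and verification steps above, as an added example that is not part of the original slides. It uses textbook RSA with no padding on toy keys built from known Mersenne primes, so the key sizes, names and the order text are illustrative assumptions; deployed signatures use a padded scheme such as RSA-PSS and much larger keys.

```python
import hashlib

E = 65537  # common public exponent


def make_key(p, q, e=E):
    """Build a toy RSA key pair from two primes (demonstration only)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent: e*d = 1 mod phi(n)
    return {"n": n, "e": e, "d": d}


def digest_as_int(document, n):
    """Hash the document and reduce it into the range the toy key can sign."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n


def sign(document, key):
    """Signer: hash the document, then transform the hash with the private key."""
    return pow(digest_as_int(document, key["n"]), key["d"], key["n"])


def verify(document, signature, public):
    """Verifier: undo the signature with the public key and compare hashes."""
    n, e = public
    recovered_hash = pow(signature, e, n)
    return recovered_hash == digest_as_int(document, n)


# Constructed keys: products of known Mersenne primes, far too small for real use.
BOB = make_key(2**61 - 1, 2**89 - 1)
OTHER = make_key(2**107 - 1, 2**127 - 1)  # a different signer's key
BOB_PUBLIC = (BOB["n"], BOB["e"])         # what Alice obtains


def demo():
    order = b"Order 1001 confirmed: 2 items, total 40.00"  # constructed document
    signature = sign(order, BOB)

    genuine = verify(order, signature, BOB_PUBLIC)
    # The document is changed after signing: the hashes no longer match.
    altered = verify(order.replace(b"40.00", b"04.00"), signature, BOB_PUBLIC)
    # A signature made with some other private key does not verify as Bob's.
    wrong_signer = verify(order, sign(order, OTHER), BOB_PUBLIC)
    return genuine, altered, wrong_signer


if __name__ == "__main__":
    print(demo())
```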
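
Added example (not from the original slides) of the Diffie-Hellman exchange described earlier in this chapter: each side sends only a public value and both derive the same key. The 127-bit prime, the generator 3 and the helper names are assumptions chosen to keep the code short; the last function searches a 5-bit group exhaustively to show why the DH groups listed above use primes of 768 bits and more.

```python
import hashlib
import secrets

P = 2**127 - 1  # toy prime (a Mersenne prime); real DH groups are 2048 bits or more
G = 3           # toy generator, an assumption for this demo


def keypair(p=P, g=G):
    """Pick a random private exponent and compute the public value g^x mod p."""
    private = secrets.randbelow(p - 3) + 2  # uniform in 2 .. p-2
    return private, pow(g, private, p)


def shared_key(own_private, peer_public, p=P):
    """Combine our private exponent with the peer's public value."""
    if not 1 < peer_public < p - 1:
        # Values 0, 1 and p-1 would force a predictable secret.
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, own_private, p)
    # Hash the shared number down to a 256-bit symmetric key.
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(size, "big")).digest()


def recover_exponent_by_search(g, public, p):
    """Exhaustive search for x with g^x = public (mod p); only feasible for tiny p."""
    value = 1
    for x in range(1, p):
        value = (value * g) % p
        if value == public:
            return x
    return None


def demo():
    # Each side generates its own key pair and sends only the public half.
    a_private, a_public = keypair()
    b_private, b_public = keypair()

    # On the wire: P, G, a_public, b_public. The derived key is never sent.
    key_at_alice = shared_key(a_private, b_public)
    key_at_bob = shared_key(b_private, a_public)

    # Constructed tiny group (p = 23, g = 5): an observer of the public value 8
    # recovers the private exponent 6 after a handful of multiplications.
    tiny_private = recover_exponent_by_search(5, pow(5, 6, 23), 23)
    return key_at_alice, key_at_bob, tiny_private


if __name__ == "__main__":
    alice_key, bob_key, tiny = demo()
    print(alice_key == bob_key, tiny)
```

The exchange as written is unauthenticated: nothing in it tells Alice that the public value she received came from Bob.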

Asymmetric Key Solutions
▪ The SSL Handshake Protocol consists of two phases: server authentication and an optional client authentication
▪ Digital signatures verify a person’s identity or that person’s association with a message
▪ A certificate authority (CA) vouches for the validity of a credential, and maintains a list of invalid, or revoked, certificates in either a certificate revocation list (CRL) or by maintaining the data to support the newer online certificate status protocol (OCSP)

Public Key Management
When establishing an asymmetric connection between two hosts, the hosts will exchange their public key information. Trusted third parties on the Internet validate the authenticity of these public keys using digital certificates. The third party issues credentials that are difficult to forge. From that point forward, all individuals who trust the third party simply accept the credentials that the third party issues.
The Public Key Infrastructure (PKI) consists of specifications, systems, and tools that are used to create, manage, distribute, use, store, and revoke digital certificates.
The Certificate Authority (CA) creates digital certificates by tying a public key to a confirmed identity, such as a website or individual.
[Figure: Illustrates how a driver’s license is analogous to a digital certificate]

The Public Key Infrastructure
PKI is needed to support large-scale distribution and identification of public encryption keys. The PKI framework facilitates a highly scalable trust relationship. It consists of the hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates. The figure shows the main elements of the PKI.
The below figure shows how the elements of the PKI interoperate:
Note: Not all PKI certificates are directly received from a CA. A Registration Authority (RA) is a subordinate CA and is certified by a root CA to issue certificates for specific uses.

The PKI Authorities System
Many vendors provide CA servers as a managed service or as an end-user product. Organizations may also implement private PKIs using Microsoft Server or OpenSSL.
CAs issue certificates based on classes which determine how trusted a certificate is. The class number is determined by how rigorous the procedure was that verified the identity of the holder when the certificate was issued. The higher the class number, the more trusted the certificate.
Some CA public keys are preloaded, such as those listed in web browsers.
Class - Description
▪ 0: Used for testing in situations in which no checks have been performed.
▪ 1: Used by individuals who require verification of email.
▪ 2: Used by organizations for which proof of identity is required.
▪ 3: Used for servers and software signing.
▪ 4: Used for online business transactions between companies.
▪ 5: Used for private organizations or government security.
Note: An enterprise can also implement PKI for internal use. PKI can be used to authenticate employees who are accessing the network. In this case, the enterprise is its own CA.

The PKI Trust System
PKIs can form different topologies of trust, which are as follows:
▪ Single-Root PKI Topology: The simplest is the single-root PKI topology. The root CA issues all the certificates to the end users within the same organization.
On larger networks, PKI CAs may be linked using two basic architectures:
▪ Cross-certified CA topologies: A peer-to-peer model in which individual CAs establish trust relationships with other CAs by cross-certifying CA certificates.
▪ Hierarchical CA topologies: The root CA (highest level CA) can issue certificates to end users and to a subordinate CA.
[Figure panels: Single-Root PKI Topology, Cross-certified CA Topologies, Hierarchical CA Topologies]

Interoperability of Different PKI Vendors
Interoperability between a PKI and its supporting services is a concern because many CA vendors have proposed and implemented proprietary solutions. To address this interoperability concern, the IETF published the Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (RFC 2527). The X.509 version 3 (X.509 v3) standard defines the format of a digital certificate.
Note: LDAP and X.500 are protocols that are used to query a directory service, such as Microsoft Active Directory, to verify a username and password.

X.509v3 Applications

Certificate Enrollment, Authentication and Revocation
All systems that leverage the PKI must have the CA’s public key, the self-signed certificate. The CA public key verifies all the certificates issued by the CA and is vital for the proper operation of the PKI.
The certificate enrollment process is used by a host system to enroll with a PKI. To do so, CA certificates are retrieved in-band over a network, and the authentication is done out-of-band (OOB) using the telephone.
The system enrolling with the PKI contacts a CA to request and obtain a digital identity certificate for itself and to get the CA’s self-signed certificate.
The final stage verifies that the CA certificate is authentic and is performed using an out-of-band method such as the POTS to obtain the fingerprint of the valid CA identity certificate.
A digital certificate can be revoked if the key is compromised or no longer needed.
Note: Only a root CA can issue a self-signed certificate that is recognized or verified by other CAs within the PKI.

Key Distribution Centers
▪ Rather than each organization creating the infrastructure to manage its own keys, a number of hosts could agree to trust a common key distribution center (KDC)
▪ All parties must trust the KDC
▪ With a KDC, each entity requires only one secret key pair - between itself and the KDC
▪ Kerberos and ANSI X9.17 use the concept of a KDC

Encryption Through Software
▪ File and File System Cryptography
  ▪ Encryption software can be used to encrypt or decrypt files one-by-one
▪ Protecting groups of files through file system cryptography can be performed using:
  ▪ Pretty Good Privacy (PGP)
    ▪ Widely used asymmetric cryptography system
    ▪ Used for files and e-mails on Windows systems
  ▪ GNU Privacy Guard (GPG)
    ▪ Runs on Windows, UNIX, and Linux operating systems
▪ Microsoft Windows Encrypting File System (EFS)
  ▪ Cryptography system for Windows
  ▪ Uses NTFS file system
  ▪ Tightly integrated with the file system
  ▪ Encryption and decryption are transparent to the user
  ▪ Users can set encryption attribute for a file in the Advanced Attributes dialog box
  ▪ Storing the file in a file folder set for encryption will automatically encrypt the file
  ▪ Use the Cipher.exe command-line utility to encrypt files
▪ Whole disk encryption
  ▪ Protects all data on a hard drive
  ▪ Example: BitLocker drive encryption software that is included in Microsoft Windows
  ▪ BitLocker encrypts the entire system volume, including the Windows Registry
  ▪ Prevents attackers from accessing data by booting from another OS or placing the hard drive in another computer

Encryption Through Hardware
▪ Software encryption can be subject to attacks to exploit its vulnerabilities
▪ Cryptography can be embedded in hardware
  ▪ Provides a higher degree of security
  ▪ Can be applied to USB devices and standard hard drives
▪ Hardware encryption options include:
  ▪ Trusted platform module
  ▪ Hardware security module
▪ USB device encryption
  ▪ Encrypted hardware-based flash drives can be used
    ▪ Will not connect to a computer until correct password has been provided
    ▪ All data copied to the drive is automatically encrypted
    ▪ Tamper-resistant external cases
    ▪ Administrators can remotely control and track activity on the devices
    ▪ Stolen drives can be remotely disabled
▪ Hard disk drive encryption
  ▪ Self-encrypting hard disk drives protect all files stored on them
  ▪ The drive and host device perform authentication process during initial power up
  ▪ If authentication fails, the drive can be configured to deny access or even delete encryption keys so all data is permanently unreadable
▪ Trusted Platform Module (TPM)
  ▪ A chip on a computer’s motherboard that provides cryptographic services
  ▪ Includes a true random number generator
  ▪ Entirely done in hardware so it cannot be subject to software attack
  ▪ Prevents computer from booting if files or data have been altered
  ▪ Prompts for password if hard drive moved to a new computer
▪ Hardware Security Module (HSM)
  ▪ A secure cryptographic processor
  ▪ Includes an onboard key generator and key storage facility
  ▪ Performs accelerated symmetric and asymmetric encryption
  ▪ Can provide services to multiple devices over a LAN

Cryptographic Applications and Uses in Information System Security
▪ Security management products include tools for enterprise security management, configuration and patch management, and security policy development
▪ Wireless security tools encrypt data to protect them in transit and to limit access to authorized people
▪ Encryption tools include line encryption, database security products, virtual private networks (VPNs), public key infrastructure (PKI), and crypto accelerators

Wireless Security
▪ Wireless products have built-in security, but the default configuration generally doesn’t enable it; they expect customers to enable it
▪ 802.11 wireless security (Wi-Fi) provides wireless communications at transmission speeds from 11 Mbps for 802.11b, to over 780 Mbps for 802.11ac, and 100 Gbps for 802.11ay
▪ 802.11 wireless protocols allow encryption through Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA)
  ▪ WEP has limitations and shouldn’t be used

Principles of Certificates and Key Management
“The best key management system in the world does not protect against a brilliant cryptanalyst if the encryption algorithm itself has any weaknesses.”

Modern Key Management Techniques
▪ Advanced Encryption Standard (AES)
▪ Internet Protocol Security (IPSec)
▪ The Internet Security Association and Key Management Protocol (ISAKMP)
▪ Extensible Markup Language (XML) key management specification (XKMS)
▪ Managed public key infrastructure (PKI)
▪ American National Standards Institute (ANSI) X9.17

Summary
▪ Cryptography is the science of transforming information into a secure form while being transmitted or stored
▪ Hashing creates a unique digital fingerprint that represents contents of original material
  ▪ Used only for comparison
▪ Symmetric cryptography uses a single key to encrypt and decrypt a message
  ▪ Stream ciphers and block ciphers
▪ Asymmetric cryptography
  ▪ Public key cryptography
  ▪ Uses two keys: public key and private key
▪ Cryptography can be applied through hardware or software
▪ Hardware encryption cannot be exploited like software cryptography

Questions?