Chapter 2_c2ea62b2604520c517e681fe4fc8d24b.pdf

Full Transcript

Computer Security: Principles and Practice
Fifth Edition

Chapter 2
Cryptographic Tools

Copyright © 2024, 2018, 2015 Pearson Education, Inc. All Rights Reserved
Symmetric Encryption

The universal technique for providing confidentiality for
transmitted or stored data
Also referred to as conventional encryption or single-key
encryption
Two requirements for secure use:
Need a strong encryption algorithm
Sender and receiver must have obtained copies of the
secret key in a secure fashion and must keep the key secure
Figure 2.1 Simplified Model of
Symmetric Encryption
Attacking Symmetric Encryption
Brute-Force Attacks
Cryptanalytic Attacks
Try all possible keys on some
Rely on:
ciphertext until an intelligible
Nature of the algorithm translation into plaintext is
Some knowledge of the general obtained
characteristics of the plaintext On average half of all
Some sample plaintext-ciphertext possible keys must be tried
pairs to achieve success
Exploits the characteristics of the
algorithm to attempt to deduce a
specific plaintext or the key being
used
If successful all future and past
messages encrypted with that key
are compromised
Table 2.1

Comparison of Three Popular Symmetric Encryption Algorithms

B nkla

DES Triple DES AES
Plaintext block size (bits) 64 64 128
Ciphertext block size (bits) 64 64 128
Key size (bits) 56 112 or 168 128, 192, or 256

DES = Data Encryption Standard
AES = Advanced Encryption Standard
Data Encryption Standard (DES)

For many years was the most widely used encryption scheme
FIPS UB 46
Referred to as the Data Encryption Algorithm (DEA)
Uses 64 bit plaintext block and 56 bit key to produce a
64 bit ciphertext block
Strength concerns:
Concerns about the algorithm itself
DES is the most studied encryption algorithm in
existence
Concerns about the use of a 56-bit key
The speed of commercial off-the-shelf processors
makes this key length woefully inadequate
Table 2.2
Average Time Required for Exhaustive Key Search

Key Size Number of Time Required at Time Required at
d e c r y p tio n s /  s d e c r y p tio n s /  s
9 13
10
1 0 o
t openith w erd ecryptio m
ernsp oicr eco
s dn s 1 0 o
t 1
eth 3 op w erd ecryptio m
ernsp oicr eco
s dn s

(bits) Alternative 10

Cipher 2 Keys
7. 2 1 0
56 16
2
55
s  1. 1 2 5 y e a rs

56 DES 2
128
 3. 4 1 0 38
2 o
t 5
eth 6 op w orpea xim elyqu
at als7.2 tim 1
es 0 o
t 1
eth 6 op w er

2
127
s  5. 3  1 0
2 o
t 5
eth 5 op w erm oicr o
ecs dn sequ als1.1 2 5 rsyea

21
y e a rs
15hour. 3 1 0
17
y e a rs

128 AES 2
168
 3. 7 1 0 50
2 o
t 1
eth 2 8 op w orpea xim elyqu
at als3.4 tim 1
es 0 o
t 3
eth 8 op w er

2
167
s  5. 8  1 0
2 o
t 1
eth 2 7 op w erm oicr o
ecs dn sequ als5.3 tim 1
es 0 o
t 2
eth 1 op w rseya

33
y e a rs 5.8 1 0 29
5.3 tim es1 0 o
t e1

y e a rs
th 7 op w rseya

168 Triple DES 2
192
 6. 3 1 0 57
2 o
t 1
eth 6 8 op w orpea xim elyqu
at als3.7 tim 1
es 0 o
t 5
eth 0 op w er

2
191
s  9. 8  1 0
2 o
t 1
eth 6 7 op w erm oicr o
ecs dn sequ als5.8 tim 1
es 0 o
t 3
eth 3 op w rseya

40
y e a rs 9.8 1 0 36
5.8 tim es1 0 o
t e2

y e a rs
th 9 op w rseya

192 AES 2
256
 1. 2 1 0 77
2 o
t 1
eth 9 2 op w orpea xim elyqu
at als6.3 tim 1
es 0 o
t 5
eth 7 op w er

2
255
s  1. 8  1 0
2 o
t 1
eth 9 1 op w erm oicr o
ecs dn sequ als9.8 tim 1
es 0 o
t 4
eth 0 op w rseya
60
y e a rs 1.8 1 0 56
9.8 tim es1 0 o
t e3

y e a rs
th 6 op w rseya

256 AES 2 o
t 2
eth 5 6 op w orpea xim elyqu
at als1.2 tim 1
es 0 o
t 7
eth 7 op w er 2 o
t 2
eth 5 5 op w erm oicr o
ecs dn sequ als1.8 tim 1
es 0 o
t 6
eth 0 op w rseya 1.8 tim es1 0 o
t e5
th 6 op w rseya
Triple D E S (3 D E S)

Repeats basic DES algorithm three times using either
two or three unique keys
First standardized for use in financial applications in
ANSI standard X9.17 in 1985
Attractions:
168-bit key length overcomes DES’s
vulnerability to brute-force attack
Underlying encryption algorithm is the same as
in DES
Drawbacks:
Algorithm is sluggish in software
Uses a 64-bit block size
Advanced Encryption
Standard (A E S)
Needed a replacement for 3 D E S
3 D E S was not reasonable for long-term use
N I S T called for proposals for a new A E S in
1997
Would have a security strength equal to or
better than 3 D E S
Would significantly improve efficiency
Symmetric block cipher
128 bit data and 128/192/256 bit keys
Selected Rijndael in November 2001
Published as F I P S 197
Practical Security Issues

Typically symmetric encryption is applied to a unit of data larger than
a single 64-bit or 128-bit block
Electronic codebook (ECB) mode is the simplest approach to multiple-
block encryption
Each block of plaintext is encrypted using the same key
Cryptanalysts may be able to exploit regularities in the plaintext
Modes of operation
Alternative techniques developed to increase the security of
symmetric block encryption for large sequences
Overcome the weaknesses of ECB
Types of Symmetric Encryption

Figure 2.2
Block & Stream Ciphers

Block Cipher Stream Cipher

Processes the input one block of Processes the input elements
elements at a time continuously
Produces an output block for each input Produces output one element at a time
block Encrypts plaintext one byte at a time
More common Pseudorandom stream is one that is
Can reuse keys unpredictable without knowledge of the
input key
Primary advantage is that they are
almost always faster and use far less
code
Message Authentication

Protects against active attacks

Verifies received message is authentic
Contents have not been altered
From authentic source
Timely and in correct sequence

Can use conventional encryption
Only sender and receiver share a key
Message Authentication Without
Confidentiality
Message encryption by itself does not provide a secure form of authentication
It is possible to combine authentication and confidentiality in a single algorithm by encrypting
a message plus its authentication tag
Typically message authentication is provided as a separate function from message encryption
Situations in which message authentication without confidentiality may be preferable include:
There are a number of applications in which the same message is broadcast to a number of
destinations
An exchange in which one side has a heavy load and cannot afford the time to decrypt all
incoming messages
Authentication of a computer program in plaintext is an attractive service
Thus, there is a place for both authentication and encryption in meeting security requirements
Message Authentication
Using a Message
Authentication Code (M A
C)

Figure 2.3
To Be Useful for Message Authentication, a Hash
Function H Must Have the Following Properties:

Can be applied to a block of data of any size
Produces a fixed-length output

H (x) is relatively easy to compute for any given x
One-way or pre-image resistant
Computationally infeasible to find x such that H (x) h
Computationally infeasible to find y  x s u c h th a t H ( y ) H(x)

Collision resistant or strong collision resistance
Computationally infeasible to find any pair (x, y) such that
H(x)  H (y )
Security of Hash Functions
There are two approaches to attacking a secure hash function:
Cryptanalysis
Exploit logical weaknesses in the algorithm
Brute-force attack
Strength of hash function depends solely on the length of the hash
code produced by the algorithm
SHA most widely used hash algorithm
Additional secure hash function applications:
Passwords
Hash of a password is stored by an operating system
Intrusion detection

Store H (F ) for each file on a system and secure the hash
values
Public-Key
Encryption Structure

Publicly proposed by Diffie and
Hellman in 1976
Based on mathematical functions
Asymmetric
Uses two separate keys
Public key and private key
Public key is made public for
others to use
Some form of protocol is needed for
distribution
Figure 2.6 (1 of 2)
Public-Key Cryptography

Readable message or data that
Plaintext is fed into the algorithm as
input

Encryption Performs transformations on the
algorithm plaintext

Public and Pair of keys, one for encryption,
private key one for decryption

Scrambled message produced as
Ciphertext output

Decryption Produces the original plaintext
key
Figure 2.6 (2 of 2)
Public-Key Cryptography

User encrypts data using their own private key
Anyone who knows the corresponding public key will be able to
decrypt the message
Applications for Public-
Key Cryptosystems Digital Symmetric Key Encryption of
Algorithm Signature Distribution Secret Keys
RSA Yes Yes Yes
Table 2.3 Diffie– No Yes No
Hellman
DSS Yes No No
Elliptic Yes Yes Yes
Curve
Requirements for Public-Key Cryptosystems

Computationally easy to create key pairs

Useful if either key can Computationally easy for
be used for each role sender knowing public
key to encrypt messages

Computationally infeasible
for opponent to otherwise Computationally easy for
recover original message receiver knowing private
key to decrypt ciphertext

Computationally infeasible for opponent to
determine private key from public key
Asymmetric Encryption Algorithms (1 of 2)

RSA (Rivest, Shamir, Adleman)
Developed in 1977
Most widely accepted and implemented approach to public-
key encryption
Block cipher in which the plaintext and ciphertext are
integers between 0 and n 1 for some n.
Diffie-Hellman key exchange algorithm
Enables two users to securely reach agreement about a
shared secret that can be used as a secret key for
subsequent symmetric encryption of messages
Limited to the exchange of the keys
Asymmetric Encryption
Algorithms (2 of 2)

Digital Signature Standard (D S S)
Provides only a digital
signature function with S H A
-1
Cannot be used for encryption
or key exchange
Elliptic curve cryptography (E C C)
Security like R S A, but with
much smaller keys
 NIST FIPS 186-4 defines a digital signature as:
”The result of a cryptographic
transformation of data that, when properly
implemented, provides a mechanism for
verifying origin authentication, data
integrity, and signatory non-repudiation.”
Digital Thus, a digital signature is a data-dependent bit
pattern generated by an agent as a function of a
Signature file, message, or other form of data block
FIPS 186-4 specifies the use of one of three
digital signature algorithms:
Digital Signature Algorithm (DSA)
RSA Digital Signature Algorithm
Elliptic Curve Digital Signature Algorithm (E
CDSA)
 Simplified Depiction of
Essential Elements of
Digital Signature Process

Figure 2.7
Figure 2.8
Public-Key Certificate Use
 Uses include generation of:
Keys for public-key algorithms
Stream key for symmetric stream
cipher
Random Symmetric key for use as a
Numbers temporary session key or in
creating a digital envelope
Handshaking to prevent replay
attacks
Session key
Random Number Requirements
Randomness Unpredictability
Criteria: Each number is statistically
Uniform distribution independent of other numbers
in the sequence
Frequency of occurrence of
each of the numbers should be Opponent should not be able to
approximately the same predict future elements of the
sequence on the basis of
Independence
earlier elements
No one value in the sequence
can be inferred from the
others
 Cryptographic applications typically make use of
algorithmic techniques for random number
generation
Algorithms are deterministic and therefore produce sequences of
numbers that are not statistically random

Pseudorandom numbers are:
Random Versus
Pseudorandom Sequences produced that satisfy statistical randomness tests
Likely to be predictable

True random number generator (T R N G):

Uses a nondeterministic source to produce randomness
Most operate by measuring unpredictable natural processes
e.g. radiation, gas discharge, leaky capacitors
Increasingly provided on modern processors
 Common to encrypt transmitted data

Practical Much less common for stored data

There is often little protection beyond domain
Application: authentication and operating system access controls

Encryption of Data are archived for indefinite periods
Even though erased, until disk sectors are reused data
Stored Data are recoverable

Approaches to encrypt stored data:

Use a commercially available encryption package
Back-end appliance
Library based tape encryption
Background laptop/P C data encryption
Summary (1 of 3)
Confidentiality with symmetric encryption
Symmetric encryption
Symmetric block encryption algorithms
Stream ciphers
Message authentication and hash functions
Authentication using symmetric encryption
Message authentication without message encryption
Secure hash functions
Other applications of hash functions
Summary (2 of 3)
Public-key encryption
Structure
Applications for public-key cryptosystems
Requirements for public-key cryptography
Asymmetric encryption algorithms
Digital signatures and key management
Digital signature
Public-key certificates
Symmetric key exchange using public-key encryption
Digital envelopes
Summary (3 of 3)
Random and pseudorandom numbers
The use of random numbers
Random versus pseudorandom
Practical Application: Encryption of Stored Data
Copyright

This work is protected by United States copyright laws and is
provided solely for the use of instructors in teaching their
courses and assessing student learning. Dissemination or sale
of any part of this work (including on the World Wide Web)
will destroy the integrity of the work and is not permitted.
The work and materials from it should never be made
available to students except by instructors using the
accompanying text in their classes. All recipients of this
work are expected to abide by these restrictions and to honor
the intended pedagogical purposes and the needs of other
instructors who rely on these materials.