Chapter 2_c2ea62b2604520c517e681fe4fc8d24b.pdf

Full Transcript

Computer Security: Principles and Practice Fifth Edition Chapter 2 Cryptographic Tools Copyright © 2024, 2018, 2015 Pearson Education, Inc. All Rights Reserved Symmetric Encryption The universal technique for providing conf...

Computer Security: Principles and Practice Fifth Edition Chapter 2 Cryptographic Tools Copyright © 2024, 2018, 2015 Pearson Education, Inc. All Rights Reserved Symmetric Encryption The universal technique for providing confidentiality for transmitted or stored data Also referred to as conventional encryption or single-key encryption Two requirements for secure use: Need a strong encryption algorithm Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure Figure 2.1 Simplified Model of Symmetric Encryption Attacking Symmetric Encryption Brute-Force Attacks Cryptanalytic Attacks Try all possible keys on some Rely on: ciphertext until an intelligible Nature of the algorithm translation into plaintext is Some knowledge of the general obtained characteristics of the plaintext On average half of all Some sample plaintext-ciphertext possible keys must be tried pairs to achieve success Exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used If successful all future and past messages encrypted with that key are compromised Table 2.1 Comparison of Three Popular Symmetric Encryption Algorithms B nkla DES Triple DES AES Plaintext block size (bits) 64 64 128 Ciphertext block size (bits) 64 64 128 Key size (bits) 56 112 or 168 128, 192, or 256 DES = Data Encryption Standard AES = Advanced Encryption Standard Data Encryption Standard (DES) For many years was the most widely used encryption scheme FIPS UB 46 Referred to as the Data Encryption Algorithm (DEA) Uses 64 bit plaintext block and 56 bit key to produce a 64 bit ciphertext block Strength concerns: Concerns about the algorithm itself DES is the most studied encryption algorithm in existence Concerns about the use of a 56-bit key The speed of commercial off-the-shelf processors makes this key length woefully inadequate Table 2.2 Average Time Required for Exhaustive Key Search Key Size Number of Time Required at Time Required at d e c r y p tio n s /  s d e c r y p tio n s /  s 9 13 10 1 0 o t openith w erd ecryptio m ernsp oicr eco s dn s 1 0 o t 1 eth 3 op w erd ecryptio m ernsp oicr eco s dn s (bits) Alternative 10 Cipher 2 Keys 7. 2 1 0 56 16 2 55 s  1. 1 2 5 y e a rs 56 DES 2 128  3. 4 1 0 38 2 o t 5 eth 6 op w orpea xim elyqu at als7.2 tim 1 es 0 o t 1 eth 6 op w er 2 127 s  5. 3  1 0 2 o t 5 eth 5 op w erm oicr o ecs dn sequ als1.1 2 5 rsyea 21 y e a rs 15hour. 3 1 0 17 y e a rs 128 AES 2 168  3. 7 1 0 50 2 o t 1 eth 2 8 op w orpea xim elyqu at als3.4 tim 1 es 0 o t 3 eth 8 op w er 2 167 s  5. 8  1 0 2 o t 1 eth 2 7 op w erm oicr o ecs dn sequ als5.3 tim 1 es 0 o t 2 eth 1 op w rseya 33 y e a rs 5.8 1 0 29 5.3 tim es1 0 o t e1 y e a rs th 7 op w rseya 168 Triple DES 2 192  6. 3 1 0 57 2 o t 1 eth 6 8 op w orpea xim elyqu at als3.7 tim 1 es 0 o t 5 eth 0 op w er 2 191 s  9. 8  1 0 2 o t 1 eth 6 7 op w erm oicr o ecs dn sequ als5.8 tim 1 es 0 o t 3 eth 3 op w rseya 40 y e a rs 9.8 1 0 36 5.8 tim es1 0 o t e2 y e a rs th 9 op w rseya 192 AES 2 256  1. 2 1 0 77 2 o t 1 eth 9 2 op w orpea xim elyqu at als6.3 tim 1 es 0 o t 5 eth 7 op w er 2 255 s  1. 8  1 0 2 o t 1 eth 9 1 op w erm oicr o ecs dn sequ als9.8 tim 1 es 0 o t 4 eth 0 op w rseya 60 y e a rs 1.8 1 0 56 9.8 tim es1 0 o t e3 y e a rs th 6 op w rseya 256 AES 2 o t 2 eth 5 6 op w orpea xim elyqu at als1.2 tim 1 es 0 o t 7 eth 7 op w er 2 o t 2 eth 5 5 op w erm oicr o ecs dn sequ als1.8 tim 1 es 0 o t 6 eth 0 op w rseya 1.8 tim es1 0 o t e5 th 6 op w rseya Triple D E S (3 D E S) Repeats basic DES algorithm three times using either two or three unique keys First standardized for use in financial applications in ANSI standard X9.17 in 1985 Attractions: 168-bit key length overcomes DES’s vulnerability to brute-force attack Underlying encryption algorithm is the same as in DES Drawbacks: Algorithm is sluggish in software Uses a 64-bit block size Advanced Encryption Standard (A E S) Needed a replacement for 3 D E S 3 D E S was not reasonable for long-term use N I S T called for proposals for a new A E S in 1997 Would have a security strength equal to or better than 3 D E S Would significantly improve efficiency Symmetric block cipher 128 bit data and 128/192/256 bit keys Selected Rijndael in November 2001 Published as F I P S 197 Practical Security Issues Typically symmetric encryption is applied to a unit of data larger than a single 64-bit or 128-bit block Electronic codebook (ECB) mode is the simplest approach to multiple- block encryption Each block of plaintext is encrypted using the same key Cryptanalysts may be able to exploit regularities in the plaintext Modes of operation Alternative techniques developed to increase the security of symmetric block encryption for large sequences Overcome the weaknesses of ECB Types of Symmetric Encryption Figure 2.2 Block & Stream Ciphers Block Cipher Stream Cipher Processes the input one block of Processes the input elements elements at a time continuously Produces an output block for each input Produces output one element at a time block Encrypts plaintext one byte at a time More common Pseudorandom stream is one that is Can reuse keys unpredictable without knowledge of the input key Primary advantage is that they are almost always faster and use far less code Message Authentication Protects against active attacks Verifies received message is authentic Contents have not been altered From authentic source Timely and in correct sequence Can use conventional encryption Only sender and receiver share a key Message Authentication Without Confidentiality Message encryption by itself does not provide a secure form of authentication It is possible to combine authentication and confidentiality in a single algorithm by encrypting a message plus its authentication tag Typically message authentication is provided as a separate function from message encryption Situations in which message authentication without confidentiality may be preferable include: There are a number of applications in which the same message is broadcast to a number of destinations An exchange in which one side has a heavy load and cannot afford the time to decrypt all incoming messages Authentication of a computer program in plaintext is an attractive service Thus, there is a place for both authentication and encryption in meeting security requirements Message Authentication Using a Message Authentication Code (M A C) Figure 2.3 To Be Useful for Message Authentication, a Hash Function H Must Have the Following Properties: Can be applied to a block of data of any size Produces a fixed-length output H (x) is relatively easy to compute for any given x One-way or pre-image resistant Computationally infeasible to find x such that H (x) h Computationally infeasible to find y  x s u c h th a t H ( y ) H(x) Collision resistant or strong collision resistance Computationally infeasible to find any pair (x, y) such that H(x)  H (y ) Security of Hash Functions There are two approaches to attacking a secure hash function: Cryptanalysis Exploit logical weaknesses in the algorithm Brute-force attack Strength of hash function depends solely on the length of the hash code produced by the algorithm SHA most widely used hash algorithm Additional secure hash function applications: Passwords Hash of a password is stored by an operating system Intrusion detection Store H (F ) for each file on a system and secure the hash values Public-Key Encryption Structure Publicly proposed by Diffie and Hellman in 1976 Based on mathematical functions Asymmetric Uses two separate keys Public key and private key Public key is made public for others to use Some form of protocol is needed for distribution Figure 2.6 (1 of 2) Public-Key Cryptography Readable message or data that Plaintext is fed into the algorithm as input Encryption Performs transformations on the algorithm plaintext Public and Pair of keys, one for encryption, private key one for decryption Scrambled message produced as Ciphertext output Decryption Produces the original plaintext key Figure 2.6 (2 of 2) Public-Key Cryptography User encrypts data using their own private key Anyone who knows the corresponding public key will be able to decrypt the message Applications for Public- Key Cryptosystems Digital Symmetric Key Encryption of Algorithm Signature Distribution Secret Keys RSA Yes Yes Yes Table 2.3 Diffie– No Yes No Hellman DSS Yes No No Elliptic Yes Yes Yes Curve Requirements for Public-Key Cryptosystems Computationally easy to create key pairs Useful if either key can Computationally easy for be used for each role sender knowing public key to encrypt messages Computationally infeasible for opponent to otherwise Computationally easy for recover original message receiver knowing private key to decrypt ciphertext Computationally infeasible for opponent to determine private key from public key Asymmetric Encryption Algorithms (1 of 2) RSA (Rivest, Shamir, Adleman) Developed in 1977 Most widely accepted and implemented approach to public- key encryption Block cipher in which the plaintext and ciphertext are integers between 0 and n 1 for some n. Diffie-Hellman key exchange algorithm Enables two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages Limited to the exchange of the keys Asymmetric Encryption Algorithms (2 of 2) Digital Signature Standard (D S S) Provides only a digital signature function with S H A -1 Cannot be used for encryption or key exchange Elliptic curve cryptography (E C C) Security like R S A, but with much smaller keys NIST FIPS 186-4 defines a digital signature as: ”The result of a cryptographic transformation of data that, when properly implemented, provides a mechanism for verifying origin authentication, data integrity, and signatory non-repudiation.” Digital Thus, a digital signature is a data-dependent bit pattern generated by an agent as a function of a Signature file, message, or other form of data block FIPS 186-4 specifies the use of one of three digital signature algorithms: Digital Signature Algorithm (DSA) RSA Digital Signature Algorithm Elliptic Curve Digital Signature Algorithm (E CDSA) Simplified Depiction of Essential Elements of Digital Signature Process Figure 2.7 Figure 2.8 Public-Key Certificate Use Uses include generation of: Keys for public-key algorithms Stream key for symmetric stream cipher Random Symmetric key for use as a Numbers temporary session key or in creating a digital envelope Handshaking to prevent replay attacks Session key Random Number Requirements Randomness Unpredictability Criteria: Each number is statistically Uniform distribution independent of other numbers in the sequence Frequency of occurrence of each of the numbers should be Opponent should not be able to approximately the same predict future elements of the sequence on the basis of Independence earlier elements No one value in the sequence can be inferred from the others Cryptographic applications typically make use of algorithmic techniques for random number generation Algorithms are deterministic and therefore produce sequences of numbers that are not statistically random Pseudorandom numbers are: Random Versus Pseudorandom Sequences produced that satisfy statistical randomness tests Likely to be predictable True random number generator (T R N G): Uses a nondeterministic source to produce randomness Most operate by measuring unpredictable natural processes e.g. radiation, gas discharge, leaky capacitors Increasingly provided on modern processors Common to encrypt transmitted data Practical Much less common for stored data There is often little protection beyond domain Application: authentication and operating system access controls Encryption of Data are archived for indefinite periods Even though erased, until disk sectors are reused data Stored Data are recoverable Approaches to encrypt stored data: Use a commercially available encryption package Back-end appliance Library based tape encryption Background laptop/P C data encryption Summary (1 of 3) Confidentiality with symmetric encryption Symmetric encryption Symmetric block encryption algorithms Stream ciphers Message authentication and hash functions Authentication using symmetric encryption Message authentication without message encryption Secure hash functions Other applications of hash functions Summary (2 of 3) Public-key encryption Structure Applications for public-key cryptosystems Requirements for public-key cryptography Asymmetric encryption algorithms Digital signatures and key management Digital signature Public-key certificates Symmetric key exchange using public-key encryption Digital envelopes Summary (3 of 3) Random and pseudorandom numbers The use of random numbers Random versus pseudorandom Practical Application: Encryption of Stored Data Copyright This work is protected by United States copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning. Dissemination or sale of any part of this work (including on the World Wide Web) will destroy the integrity of the work and is not permitted. The work and materials from it should never be made available to students except by instructors using the accompanying text in their classes. All recipients of this work are expected to abide by these restrictions and to honor the intended pedagogical purposes and the needs of other instructors who rely on these materials.

Use Quizgecko on...
Browser
Browser