Chapter 7 PKI and Cryptographic Applications

Question 1

Describe RSA.

Answer 1

Rivest, Shamir, and Adleman proposed the standard in 1977, and it’s still the worldwide standard. Start with two prime numbers (200 digits long). Multiply them, then find a number that is less than the product of them. This is used to create the public key, with another number used as the private key.

Question 2

Compare different symmetric and asymmetric key lengths.

Answer 2

128 bit symmetiric, 3072 bit RSA, and 256 bit elliptical curve all have the same strength.

Question 3

Describe ElGamal.

Answer 3

Based on same math as Diffie Hellman. Originally had the benefit of being publicly available, although RSA now is as well. Doubles the size of any message. Based on standard discrete logarithm problem.

Question 4

Describe Elliptical Curve Cryptography.

Answer 4

Based on elliptical curve discrete logarithmic problem. More efficient than RSA.

Question 5

Describe Diffie Hellman.

Answer 5

The idea is that they generate a shared secret without ever transmitting it. They use PKI to generate a shared secret. It is hybrid cryptography. It is not technically an encryption protocol, but a key exchange protocol. Often used in TLS.

Question 6

Describe quantum cryptography.

Answer 6

Replaces binary 1 and 0 bits with multidimensional quantum bits called qubits. Quantum supremacy is the idea that quantum computers can solve problems that cannot currently be solved. Quantum key distribution is an approach to develop shared secrets similar to Diffie Hellman.

Question 7

Describe SHA-1.

Answer 7

Produces 160 bit message digests.

Question 8

Describe SHA-2

Answer 8

SHA-256 produces 256 bit MDs.

SHA-224 produces 224 bit MDs

SHA-512 produces 512 bit MDs.

SHA 384 produces 384 bit MDs.

Question 9

Describe MD5.

Answer 9

Produces 128 bit MDs.

Question 10

Describe RIPEMD.

Answer 10

Produces 128 MD bit MDs. Not secure. Same for RIPEMD-128.

RIPEMD-160 still secure.

RIPE 256 has the same level of security as 128, so 160 is more secure than 256.

Question 11

Describe HAVAL.

Answer 11

Hash of Variable length. Can be 128, 160, 192, 224, and 256.

Question 12

What is HMAC?

Answer 12

Hashed message authentication mode. Guarantees integrity but not nonrepudiation because it uses a shared secret key. It is more efficient than digital signatures.

Can be combined with standard hashing algorithms.

Question 13

What does NIST say about digital signatures?

Answer 13

All federally approved digital signature algorithms must use SHA-3.

Three algorithms may be used: DSA, a variant of ElGamal; RSA; Elliptical Curve DSA.

Being changed to RSA, ECDSA, and the Edwards Curve DSA.

Question 14

What information should a digital certificate have?

Answer 14

–version of X509 used
–Serial number
–Signature algorithm identifier
–Issuer name
–Validity period
–Common nanmeof the cert and the distinguished name of the entity that owns the public key
–subject’s public key.

Certificate can include a wildcard so it’s good for subdomains, but you can only go one level.

Question 15

What is a registration authority?

Answer 15

Do not issue certificates but help CAs with authentication.

Question 16

Describe the certificate lifecycle.

Answer 16

Enrollment–prove your identity to the CA. Once you have, you provide them with your public key via a certificate signing request (CSR). The CA then generates the .509 digital certificate. The CA signs the certificate using its private key. Simplest certificates are domain validation certs–verify you control the domain you say you control. Extended Validation certs provide you are legit business.

Distribution—CA sends the cert to the user.

Validation–when you receive a digital cert, you verify it by using the CA’s public key. You then check the validity period to make sure it has not expired. then you chek either the certificate revocation list (CRL) or Online Certificate Status Protocol (OCSP). Finally, make sure the certificate contains the data you expect.

Revocation–CA revokes a cert beause it was compromised, issued in error, the details changed, or the security association changed. Revocation is via the CRL (must download and cross-check), OCSP, or certificate stapling (web server ““staples”” an OCSP response to its cert. For a period, like 24 hours, the browser will know it is secure).

Question 17

What is certificate stapling?

Answer 17

Web server contacts the OCSP server. Attaches (staples) the response to the certificate. Browser does not need to recheck the server until the time stamp expires.

Question 18

What are the certificate formats?

Answer 18

Distinguished Encoding Rules (DER) is most common. .der, .crt, or .cer

Privacy Enhanced Mail is an ASCII text version of DER. stored as .pem or .crt.

Personal Information Exchange (PFX) commonly used in windows. uses either .pfx or .p12

P7B also used in Windows and stored in ASCII.

Question 19

What is a Trusted Platform Module?

Answer 19

A chip on the motherboard. Storages and manages the keys used for FDE.

Question 20

What does a digital signature provide an email?

Answer 20

Authentication, integrity, and nonrepudiation.

Question 21

Describe PGP.

Answer 21

Uses a web of trust. One or more PGP users must vouch for you. Often a plug-in to web based email. used in ProtonMail, StartMail, Mailvelope, SafeGmail, and Hushmail.

Question 22

Describe S/MIME.

Answer 22

Uses the RSA algorithm. Used in Outlook, Apple mail, and G Suite Enterprise. Relies on X509 certs. Most Web-based email requires browser plug-ins.

Question 23

Describe the TLS cipher suite.

Answer 23

Will provide the key exchange algorithm, authentication algorithm, bulk encryption algorithm, and hash algorithm.

Question 24

What is Link Encryption?

Answer 24

Protects the entire communications circuit by creating a secure tunnel between two points. Usually done at lower levels of the OSI model.

Question 25

What is end-to-end encryption?

Answer 25

Protects communications between two parties but does not encrypt the header, trailer, address, and routing data. Usually done at higher level of the OSI model.

Question 26

What is IPsec?

Answer 26

The authentication header (AH) provides assurance of integrity and nonrepudation. The Encapsulating Security Payload (ESP) provides confidentiality and integrity of payload contents. Both prevent replay attacks.

Transport mode only encrypts the packet payload. This is for peer-to-peer communication. Tunnel mode encrypts the whole header, and is designed for link encryption.

You set up a session by creating a security association (SA). Two-way requires two SAs, and if needed for AH and ESP, you need four SAs.

Question 27

Describe cryptographic attacks.

Answer 27

Analytic attack–algebraic manipulation of the algorithm so it is less complex.

Implementation attack–exploits weaknesses in the implementation of the cryptographic ssytem. Focuses on exploiting the code, not just errors and flaws, but the methodology used to program the encryption system.

Statistical attack–exploits statistical weaknesses in a cryptosystem, such as floating point errors.

Brute force attack–Trying every possible valid combination for a key or password.

Fault injection attack–attempting to compromise the integrity of a cryptographic device by causing some sort of external fault.

Side-channel attack–Taking advantage of the footprints of activity that computer systems create, such as power consumption, to actively monitor activity and retrieve information being encrypted.

Timing attack–Example of a side channel attack where the attacker measures how long cryptographic operations take, gaining information about the cryptographic process.

Frequency Analysis and the Ciphertext-Only Attack —Count the number of times each letter appears in the ciphertext. If common letters like E, T, and A are also in the most common in the ciphertext, probably dealing with a transposition cipher. If other letters are most common, probably a substitution cipher.

Known Plaintext—If you have the encrypted message and the plaintext message used to generate the ciphertext, you may be able to break weaker codes.

Chosen Plaintext—Attacker obtains ciphertexts corresponding to a set of plaintexts it has chosen. Allows the attacker to attempt to derive the key. Differential cryptanalysis uses this.

Chosen Ciphertext—attacker has the ability to decrypt chosen portions of the ciphertext message and uses the decrypted portion to derive the key.

Meet in the Middle—Used to defeat encryption algorithms that use two rounds of encryption. This is why 2DES didn’t work. Attacker uses a known plaintext message. It is then encrypted using every possible key, and the equivalent ciphertext decrypted using every possible key. When a match is found, you have both portions of encryption.

Man in the Middle—a malicious actor sits between two parties and intercepts the initial setup of the session. the attacker responds to the originator’s initialization requests and sets up a secure session. Then establishes a second session with the intended recipient. AKA on-path attack.

birthday—AKA collision or reverse hash matching. Seeks to substitute in a digitally signed communication a different message producing the same hash.

Replay—Attacker intercepts an encrypted message between the parties, often a request for authentication, and then replays the message to open a new session. This is why you should include a timestamp and expiration period in each message, use a challenge-response mechanism, and encrypt authentication sessions with ephemeral keys.

Question 28

What is certificate pinning?

Answer 28

Certificate pinning–Browsers attach a cert to a subject for an extended time, so they notice when a cert changes. Security mechanism.