Cryptography Flashcards
Cryptanalysis
Study and methods used to crack encrypted communications
Cryptography
The science or study of protecting information whether in transit or at rest by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
Plain text
Something you can read
Cipher text
Plain text turned into something that cannot be read unless you have the proper key
Linear Cryptanalysis
Linear - take blocks of encrypted text and compare them to blocks of the unencrypted text line by line. Works best on block ciphers
Differential Cryptanalysis
Applicable to symmetric keys, compares differences in inputs to how each one affects the outcome
Integral Cryptanalysis
Input vs output comparison running multiple computations of the same block size input
Nonrepudiation
The means by which a recipient can ensure the identity of the sender and neither party can deny having sent or received the message.
Algorithm
Step by step method of solving a problem. Encryption algorithms are mathematical formulas used to encrypt and decrypt data. Encryption algorithms are also known as ciphers.
Encryption of bits methods
Substitution - bits are replaced by other bits
Transposition - changes the order of the bits
Stream cipher
Bits are encrypted as a continuous stream, one at a time, normally using an XOR function. These work at a very high rate of speed.
Block cipher
Data bits are split into blocks (commonly 64 bits at a time) and each block is encrypted with the key. Normally uses substitution and transposition in the algorithm. Slower than stream ciphers.
XOR (Exclusive OR)
0 XOR 0 = 0
0 XOR 1 = 1
1 XOR 0 = 1
1 XOR 1 = 0
If the two bits match, the result is a 0 and if they don’t match the result is a 1.
Key length
If the key chosen is smaller than the data, the cipher will be vulnerable to frequency attack because the key will be used repeatedly in the process.
Symmetric Encryption
Also known as single key which both encrypts and decrypts. Good for bulk encryption because it is fast but key distribution is an issue. Encryption only, does not provide for integrity (nonrepudiation)
DES - block cipher uses a 56 bit key - not considered secure
3DES - block cipher uses a 168 bit key with up to 3 keys. Slower than DES but more secure
AES - block cipher that uses a key length of 128, 192 or 256 bits. Faster than DES and 3DES
IDEA - block cipher that uses a 128 bit key. Used in PGP and Europe
Twofish - block cipher that uses a key size up to 256 bits
Blowfish - block cipher uses a 64 bit block size and a key from 32 to 448 bits. Considered public domain
RC series: RC2 to RC6 - block ciphers that use variable key length up to 2040 bits
RC4 - is a stream cipher
RC5 - variable block sizes (32, 54,128) and 2-bit working registers
RC6 - uses 128 bit blocks and 4-bit working registers
N(N-1)/2
To calculate the number of keys you need to communicate with N devices.
Asymmetric Encryption
Key pairs - public and private - what one key encrypts, the other key decrypts. Can also be used for integrity via a hashing algorithm. What one key signs, the other key can verify the signature as valid. Slower than symmetric and is suitable for small amounts of data.
Diffie-Hellman - a key exchange protocol used in SSL and IPSEC. Vulnerable to man in the middle attacks
Elliptic Curve Cryptosystem (ECC) - uses points on an elliptical curve in conjunction with logarithms for encryption and signatures. Uses less processing power so good for mobile devices
El Gamal - Solving of discrete logarithm problems
RSA - Uses prime numbers with key sizes up to 4096 bits.
Hash Algorithm
One-way mathematical function takes a variable length input and generates a fixed length message digest that acts as a signature for that data.
MD5 - 128 bits - considered insecure
SHA-1 - 160 bits - replaced by SHA-2 due to security concerns
SHA-2 - can produce 224, 256, 384 and 512 bit hashes. Not widely used
SHA-3 - uses sponge construction
RIPEMD-# where the # indicates the bit length - works through 80 stages
Hashing Attacks
Collision attack - when two or more different inputs result in the same identical message digest (hash)
Don’t Use Hard Coded Keys (DUHK) attack
A vulnerability that allows attackers access to keys in certain VPNs. Affects devices using the ANSI X9.31 random number generator in conjunction with a hard coded seed key
Rainbow table
Pre-computed list of hashes that can speed up the cracking of hashed data (signature, password, etc)
Salt
Collection of random bits added to an encryption algorithm, making collision attacks (and the use of rainbow tables) difficult.
Key Escrow
Copies of keys stored for later use by a third party
Steganography
Concealing a message inside of another medium
How to tell if a file has been steggoed?
For text, character positions are key (look for text patterns, unusual blank spaces and language anomalies). Image files will be larger in size and may show weird color palette faults. Audio and video files require statistical analysis.
Image Steganography
Least significant bit insertion
Masking and filtering - on gray scale images, modifying the luminescence of data parts
Algorithmic transformation - hide data in the mathematical functions used in image compression
Steganography Tools
Omnihidepro, Masker - sticking messages into the video stream
Deepsound, MP3stego - insert messages in audio files
Other tools: QuickStego, gifshuffle, SNOW, SteganographyStudio, OpenStego
Registration Authority
Issue certificates. Usually a subordinate CA as root CAs are placed offline for security purposes.
Trust model in PKI
Describes how entities within an enterprise deal with keys, signatures and certificates.
Web of Trust - entities sign certificates for one another
Single authority system - has a single CA at the top that acts as the sole registration authority
Hierarchical Trust System - has a Root CA and subordinates. The subordinates are the registration authority. Most secure of the three models.
X.509 certificate
Version
Serial Number
Subject
Algorithm ID (signature algorithm)
Issuer - who created the certificate
Validity dates
Key usage
Subject's Public Key
Optional Fields
Self-signed certificate
Signed by the same identity whose identity it certifies
FIPS 186-2
Digital Signature Algorithms (DSA) - Federal Information Processing Standard
Full disk encryption
Protect data on mobile devices or portable devices with a key needed to unlock the drive at boot. Tools: Microsoft BitLocker, McAfee endpoint protection, Symantec Drive encryption, Gilisoft Full Disk Encryption
Boot n Root attack
Booting from USB and a different OS to get access to a hard drive’s data
File and folder encryption tools
Microsoft EFS
Veracrypt
AxCrypt
GNU Privacy Guard
Encrypted Communication
Secure Shell (SSH) - a secured version of Telnet over port 22, relies on public key cryptography, can be used as a tunneling protocol
SSH2 - more secure than SSH, includes SFTP a secure version of FTP
SSL - encrypts data at the transport layer. Uses RSA encryption and digital certificates. Being replaced by TLS - RSA algorithm of 1024 and 2048 bits, allows both the client and server to authenticate to each other
IPSEC - network layer tunnelling protocol. AH provides for integrity, ESP for encryption (transport mode the header is not encrypted, tunnel mode the entire packet is encrypted with a new header that adds the tunnel endpoints)
PGP - used for signing, compression and encrypting and decrypting emails, files, directories, and disk partitions. PGP is a hybrid cryptosystem
SMIME
Standard for public key encryption and signing of MIME data (emails).
SSL attacks
Heartbleed - a vulnerability in OpenSSL that can be detected with Nmap
Poodle - vulnerability related to backward compatibility where sites revert back to SSL instead of using TLS. Disable use of SSLV3.0 to mitigate and implement TLS_FALLBACK_SCSV (a fake cipher suite). Also known as PoodleBleed
FREAK - man in the middle attack that forces a downgrade of an RSA key to a weaker length. Can lead to RC4 bias attacks
DROWN - HTTPS attack that allows attackers to break the encryption and read or steal sensitive communications including passwords, credit cards, trade secrets, and financial data. Disable use of SSLv2
Cryptography Attack - Known Plain-Text Attack
The attacker has both plain-text and corresponding cipher-text messages - the more the better. The plain text copies are scanned for repeatable sequences.
Cryptography Attack - Chosen Plain-Text Attack
The attacker encrypts multiple plain-text copies himself in order to gain the key.
Cryptography Attack - Adaptive Chosen Plain-Text Attack
The attacker makes a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions.
Cryptography Attack - Cipher-text-only Attack
Using statistical analysis on messages encrypted using the same algorithm.
Cryptography Attack - Replay Attack
Performed via man-in-the-middle. Session tokens can be used to mitigate
Cryptography Attack - Chosen Cipher Attack
Attempts to discern the key through comparative analysis. RSA is vulnerable to this.
Cryptography Attack - Side Channel Attack
A physical attack that monitors environmental factors like power consumption, timing, and delay on the cryptographic system itself.
Cryptography Attack - Inference Attack
Deriving information from the cipher text without actually decoding it.
Cracking Tools
Carnivore, Magic Lantern, L0phtcrack, John the Ripper, PGPCrack, Cryptool, Cryptobench, Jipher