Lesson 4: Explaining Basic Cryptography Concepts Flashcards
Cryptography
powerful and complex weapon in the fight to maintain computer security. Cryptography is the basis for many of the security systems you will be implementing and configuring. Cryptography (literally meaning “secret writing”) has been around for thousands of years. It is the art of making information secure. This stands in opposition to the concept of security through obscurity. Security through obscurity means keeping something a secret by hiding it.
Plaintext (or cleartext)
unencrypted message
Ciphertext
encrypted message
Cipher
process (or algorithm) used to encrypt and decrypt a message
Most ciphers use a key to increase the security of the encryption process. For example, if you consider the Caesar cipher ROT13, you should realize that the key is 13. You could use 17 to achieve a different ciphertext from the same method. The key is important because it means that even if the algorithm or cipher method is known, a message still cannot be decrypted without knowledge of the specific key. This is particularly important in modern cryptography. Attempting to hide details of the cipher (a secret algorithm) amounts to “security by obscurity.” Modern ciphers are made stronger by being open to review (cryptanalysis) by third-party researchers.
The range of key values available to use with a particular cipher is called the keyspace. The keyspace is roughly equivalent to two to the power of the size of the key. However, some keys within the keyspace may be considered easy to guess (“weak”) and should not be used. Using a longer key (2048 bits rather than 1024 bits, for instance) makes the encryption scheme stronger. You should realize that key lengths are not equivalent when comparing different algorithms, however. Recommendations on minimum key length for any given algorithm are made by identifying whether the algorithm is vulnerable to cryptanalysis techniques and by the length of time it would take to “brute force” the key, given current processing resources.
Cryptanalysis
the art of breaking or “cracking” cryptographic systems
transport encryption
With transport encryption, for instance, confidentiality means that a message cannot be deciphered without having the appropriate cipher and key (or alternatively the means to crack the cipher).
Non-repudiation
linked to identification and authentication. It is the concept that the sender cannot deny sending the message. If the message has been encrypted in a way known only to the sender, it follows that the sender must have composed it.
resilient
As well as providing integrity at the level of individual messages, cryptography can be used to design highly resilient control systems. A control system is one with multiple parts, such as sensors, workstations, and servers, and complex operating logic. Such a system is resilient if compromise of a small part of the system is prevented from allowing compromise of the whole system. Cryptography assists this goal by ensuring the authentication and integrity of messages delivered over the control system.
Obfuscation
the art of making a message difficult to understand. The term is often used in conjunction with the source code used to design computer applications. Obfuscated source code is rewritten in a way that does not affect the way the computer compiles or executes the code but makes it difficult for a person reading the code to understand how it works. Cryptography is a very effective way of obfuscating a message but unfortunately it is too effective in the case of source code because it means the code cannot be understood (executed) by the computer either. At some point the code has to be decrypted to be executed. The key used for decryption must usually be bundled with the source code and this means that you are relying on security by obscurity rather than strong cryptography. Attempts to protect an embedded key while preserving the functionality of the code (known as white box cryptography) have all been broken. There are no commercial solutions currently available to overcome this problem but the subject is one of much research interest. As well as protecting source code, white box cryptography would offer much better Digital Rights Management (DRM) protection for copyright content such as music, video, and books.
substitution cipher
involves replacing units (a letter or blocks of letters) in the plaintext with different ciphertext. Simple substitution ciphers rotate or scramble letters of the alphabet. For example, ROT13 (an example of a Caesarian cipher) rotates each letter 13 places (so A becomes N for instance). The ciphertext “Uryyb Jbeyq” means “Hello World”.
transposition cipher
In contrast to substitution ciphers, the units in a transposition cipher stay the same in plaintext and ciphertext, but their order is changed, according to some mechanism. See if you can figure out the cipher used on the following example: “HLOOLELWRD”.
Note: If you’re having trouble with the transposition cipher, try arranging groups of letters into columns. It’s called a rail fence cipher.
frequency analysis
Basic substitution and transposition ciphers are vulnerable to cracking by frequency analysis. Frequency analysis depends on the fact that some letters and groups of letters appear more frequently in natural language than others.
These patterns can be identified in the ciphertext, revealing the cipher and key used for encryption. As described by Claude Shannon in 1949, a secure cipher must exhibit the properties of confusion and diffusion.
- Confusion means that the key should not be derivable from the ciphertext. If one bit in the key changes, many bits in the ciphertext should change (each plaintext bit should have a 50% chance of flipping). Also, the same key should not be used by the algorithm in a predictable way when outputting ciphertexts from different plaintexts. Confusion is achieved by using complex substitutions, employing both the whole key and parts of the key to output ciphertext blocks. Confusion prevents attackers from selectively generating encrypted versions of plaintext messages and looking for patterns in their relationship to try to derive the key.
- Diffusion means that predictable features of the plaintext should not be evident in the ciphertext. If one bit of the plaintext is changed, many bits in the ciphertext should change as a result. Diffusion is obtained through transposition. Diffusion prevents attackers from selectively determining parts of the message. Modern ciphers must use both substitution and diffusion to resist cryptanalysis attacks.
Interest in information theory and the use of computers led to the development of increasingly sophisticated ciphers based on mathematical algorithms to perform irreversible transpositions and substitutions. These are the ciphers in widespread use today. The basis of mathematical ciphers is to use an operation that is simple to perform one way (when all the values are known) but difficult to reverse. These are referred to as trapdoor functions. The aim is to reduce the attacker to blindly guessing the correct value. Given a large enough range of values, this type of attack can be rendered computationally impossible.
one-time pad
The one-time pad, invented by Gilbert Vernam in 1917, is an unbreakable encryption mechanism. The one-time pad itself is the encryption key. It consists of exactly the same number of characters as the plaintext and must be generated by a truly random algorithm. To encode and decode the message, each character on the pad is combined with the corresponding character in the message using some numerical system. For example, a binary message might use an XOR bitwise operation. XOR produces 0 if both values are the same and 1 if the values are different, or, put another way, an XOR operation outputs true only if one input is true and the other input is false. The advantage of XOR compared to an AND or an OR operation is that XOR has a 50% chance of outputting one or zero, whereas AND is more likely to output zero and OR is more likely to output one. This property makes the ciphertext harder to analyze.
Apart from the requirements to be the same length as the message and truly random, each pad must only ever be used once. Re-using a pad makes ciphertexts susceptible to frequency analysis. If used properly, one-time pads are unbreakable. Unlike a cipher employing transposition and/or substitution, there are no clues about the plaintext stored within the ciphertext, apart from its length. However, the size (for anything but short messages) and secure distribution of the pad make it an unsuitable method for modern cryptography. The method is still in use where no means of computer-assisted cryptography is available, though. Also, the operation of some modern cipher types is similar to that of a one-time pad.
To resist cryptanalysis, many cryptographic modules need to apply a value to the data being encrypted to ensure that if two identical plaintexts are used as input, the output is never the same. The value is usually applied using an XOR operation. The value does not have to be kept secret. The value can have different properties depending on the type of cryptography being used:
- Nonce—the principal characteristic of a nonce is that it is never reused (“number used once”) within the same scope (that is, with the same key value). It could be a random or pseudo-random value, or it could be a counter value.
- Initialization vector (IV)—the principal characteristic of an IV is that it be random (or pseudo-random). There may also be a requirement that an IV not be reused (as with a nonce), but this is not the primary characteristic.
- Salt—this is also a random or pseudo-random number or string. The term salt is used specifically in conjunction with cryptographically hashing password values.
Malicious attacks on encryption systems are generally made for two reasons:
- To decipher encrypted data without authorization.
- To impersonate a person or organization by appropriating their encryption keys.
weak cipher suites and implementations
Use of weak cipher suites and implementations can represent a critical vulnerability for an organization. It means that data that it is storing and processing may not be secure. It may also allow a malicious attacker to masquerade as it, causing huge reputational damage. A weak cipher is one that cannot use long keys. For example, legacy algorithms such as MD5, 3DES, and RC4 cannot use key sizes larger than 128 bits. That makes them susceptible to brute force attacks. Additionally, analysis methods might demonstrate ways that a cipher can malfunction, such as showing that the substitution and transposition operations are not sufficient to resist analysis.
The inputs available for cryptanalysis are as follows:
- Known ciphertext—the analyst has obtained the ciphertext but has no additional information about it. The attacker may use statistical methods such as frequency analysis to try to break the encryption.
- Known plaintext—the attacker knows or can guess some of the plaintext present in a ciphertext, but not its exact location or context. This can greatly assist with analysis.
- Chosen plaintext—the attacker can submit plaintexts to the same cryptographic process to derive corresponding ciphertexts, facilitating analysis of the algorithm and potentially recovery of the key.
- Chosen ciphertext—the attacker can submit ciphertexts to the same cryptographic process to derive corresponding plaintexts. The aim of this type of attack is to deduce the key used for decryption.
These attacks are the reason it is important for a cryptographic system to use IVs or salts to ensure that identical plaintexts produce different ciphertexts.
weak key
A weak key is one that produces ciphertext that is easy to cryptanalyze. If a cipher produces weak keys, the technology using the cipher should prevent use of these keys. DES, RC4, IDEA, and Blowfish are examples of algorithms known to have weak keys. The way a cipher is implemented in software may also lead to weak keys being used.
The Random Number Generator (RNG) module in the cryptographic implementation is critical to its strength. There are two principal ways for an RNG to work:
- True random number generator (TRNG)—samples some sort of physical phenomenon, such as atmospheric noise, with a high rate of entropy (lack of order). This method is slow but considered much stronger.
- Pseudorandom number generator (PRNG)—uses software routines to simulate randomness. The generator usually uses data from the system, such as mouse and keyboard input timing, process IDs, and hard drive samples, as a seed. The seed state is then passed through a mathematical formula in order to output a pseudorandom number.
side channel attacks
represent a completely different approach to cryptanalysis. The theory is that by studying physical properties of the cryptographic system, information may be deduced about how it works. Launching a side channel attack means monitoring things like timing, power consumption, and electromagnetic emanation. Obviously, it is necessary to obtain a physical copy of the cryptographic system or to have some extremely sophisticated monitoring equipment installed.
Resource versus security constraints
the comparative strength of one cipher over another largely depends on the bit-strength of the key and the quality of the algorithm. Some algorithms have known weaknesses and are deprecated for use in particular contexts.
Note: Cipher strength cannot depend on keeping the operation of the cipher a secret (security by obscurity). To do so breaks Schneier’s Law: “Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break. It’s not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis. And the only way to prove that is to subject the algorithm to years of analysis by the best cryptographers around.”