MOD 20 - Cryptography

Question 1

Types of ciphers:

Answer 1

Symmetric, Asymmetric, Substitution, Transposition, Stream, Block. Be familiar with each of these.

Be familiar with encryption processes, PKI, digital signatures, non-repudiation, public & private keys, certificates, CA’s, RA’s, CRL’s, etc.

Question 2

Certificate Validation

Answer 2

Process of checking a certificate to ensure it’s valid and has not been revoked

Question 3

Symmetric ciphers:

Answer 3

Only one key: the same key encrypts and decrypts. MUCH faster than Asymmetric, so used for any bulk-encryption needs

The main drawback to symmetric is there is no built-in way to exchange the key with the recipient.

Question 4

RC4 (Ron’s Code 4) SYM

Answer 4

Symmetric STREAM cipher used in WEP and WPA/TKIP

Question 5

DES - Data Encryption Standard SYM

Answer 5

Uses 56-bit keys and 64-bit blocks

Question 6

2DES SYM

Answer 6

does DES twice, with 2 different keys. Susceptible to a “Meet-in-the-Middle” attack, allowing the attacker to figure out 1 of the keys.

Question 7

3DES SYM

Answer 7

does DES three times, with 3 different keys (oversimplified, but that’s the idea)

Question 8

Twofish SYM

Answer 8

Uses 128 bit blocks, and up to 256 bit key size.

Question 9

Threefish SYM

Answer 9

Blocks and keys can be 256, 512, and 1024 bits

Question 10

AES - Advanced Encryption Standard SYM

Answer 10

Currently our best symmetric encryption option. Like Twofish, it uses 128 bit blocks and 128, 192, or 256 bit keys. Faster than Twofish!

AES is a block cipher and when used with WPA2 we call it CCMP (AES in CTR mode)

Question 11

• CAST-128 SYM

Answer 11

Symmetric block cipher that uses 64-bit blocks and does 12 or 16 rounds of encryption

Question 12

• Serpent SYM

Answer 12

Symmetric block cipher that uses four 32-bit blocks, does 32 rounds of encryption, and uses key sizes of 128, 192, or 256 bits

Question 13

IDEA (used with PGP) SYM

Answer 13

Symmetric encryption that was supposed to replace DES. Optionally used with PGP for bulk encryption once RSA handles the key-exchange. 64 bit blocks, 128 bit key.

Question 14

Asymmetric ciphers:

Answer 14

Creates a Public-Private key pair. Encrypt with either one, then only the OTHER one can decrypt.

Question 15

RSA (Rivest, Shamir, Adleman) ASYM

Answer 15

First creates a private key, then mathematically deduces a public key from the private key, which is a one-way math function (can’t be reversed)

Question 16

ECC (Elliptic Curve Cryptography) ASYM

Answer 16

Can use small keys, but then get’s large-strength encryption from them. Very useful for portable devices with weaker processors.

Question 17

Hashing algorithms:

Answer 17

Can be used to see if files (any data really) have changed. Used as an INTEGRITY checking mechanism.

Question 18

MD5 (Message Digest 5) HASH ALG

Answer 18

32 (hex) character output, which is 128 bits. Prone to collisions

Question 19

SHA-1 (Secure Hashing Algorithm 1) HASH ALG

Answer 19

40 (hex) char output, 160 bits. Very similar to MD5, but more bits means less collisions.

Question 20

Collisions

Answer 20

Problem with hashing where two (or more) different source messages produce the same message digest.

Collision resistance is the ability for a hashing algorithm to produce less collisions. This typically involves a very long digest (more bits means more unique digests)

A collision attack is an attempt to find two messages that produce the same hash. While not all that practical, it does demonstrate that a particular hashing algorithm is flawed. SHA-1 and MD5 are prone to these attacks.

Question 21

Key Escrow

Answer 21

In general, NEVER give your private key to anyone! The only exception is if you want your administrator to back up your private key for safekeeping. The admin’s role is then called the Recovery Agent (or Data Recovery Agent), and she keeps your private key in a safe location we call Key Escrow.

Question 22

PGP (Pretty Good Privacy)

Answer 22

Program that can encrypt data such as e-mails. Uses RSA for symmetric-key-exchange, then IDEA for the bulk data encryption. Free for 30 days, but you have to pay after that.

Question 23

For data confidentiality, encrypt with recipients Public Key

Answer 23

Only the recipients private can decrypt

Question 24

*GPG

Answer 24

GNU Privacy Guard. Free alternative/competitor to PGP

Question 25

• Web-of-Trust

Answer 25

Security model used by PGP/GPG/etc where each user acts as a CA and signs each other’s public keys for distribution. Every user has a “ring of public keys” (other users keys) to encrypt data and keep it confidential.

Question 26

TPM - Trusted Platform Module

Answer 26

“Crypto-chip” on your motherboard that can generate and store encryption keys. Can be used with tools like Bitlocker, which can encrypt/decrypt data on your hard disk. Microsoft’s Bitlocker tool can do disk encryption.

Question 27

DROWN attack

Answer 27

Your webserver allows inbound TLS connections using a certificate (public key) and corresponding private key. Unfortunately, your server is mis-configured and still allows SSL v2 connections. In this scenario, the very same certificate and private key are being used for both the TLS and SSL connections. The problem here is that SSL v2 has known vulnerabilities that can let an attacker get your webserver’s private key. Once he does, since your server uses the same cert for both TLS and SSL v2, the attacker can now intercept and view your incoming TLS traffic. Solution: disable SSL!!

Question 28

• Heartbleed

Answer 28

High-profile vulnerability with the SSL protocol (from 2014) that exposed a webserver’s PRIVATE key
Allowed attacker to get web server PRIVATE KEY. SSL 3.0 was hacked.

Question 29

Cryptanalysis

Answer 29

Breaking encryption. An ADAPTIVE chosen plaintext (or ciphertext) attack allows the attacker to make many interactive queries to encrypt his/her data, then he/she is able to choose subsequent plaintexts based on the results of the previous encryption.

Question 30

Rubber-Hose attack

Answer 30

Getting someone’s encryption key through coercion or torture. Not recommended.

Question 31

*Key Stretching

Answer 31

Process of strengthening a key by making it longer

Question 32

Difference between Digital Signature and Asymmetric

Answer 32

Know these. Digital signature only proves nonrepudiation, does not provide confidentiality. Use senders private key.

For confidentiality, encrypt with recipients public

Question 33

Dual-Key-Pair

Answer 33

Encrypts header and digital signs with senders private, then encrypts the data with recipients public, decrypts with private. Receiver uses public key to decrypt hash.

Question 34

Certificate Authority

Answer 34

Vouches for a public key by signing it.

Question 35

Registration Authority

Answer 35

Verifies user is authentic. May perform background check. Like GoDaddy, Digicert

Question 36

Recovery Agent or Data Recovert Agent

Answer 36

Special Admin role tasked with backing up employee private keys.

Question 37

Key Escrow

Answer 37

Secure location for the DRA to store/back-up employee’s private keys

Question 38

Adaptive chosen plain text attack

Answer 38

Attacker makes a series of interactive queries, choosing subsequent plain texts based on the information

Question 39

DUHK Attack

Answer 39

Don’t Use Hard-Coded Keys