Sec+ Chapter 07: Cryptography and the Public Key Infrastructure Flashcards
Cryptography
The practice of encoding information in a manner that it cannot be decoded without access to the required decryption key. Consists of two main operations:
1) Encryption: Transforms plain text information into ciphertext using an encryption key
2) Decryption: Transforms ciphertext back into plain text with a decryption key
4 goals of cryptography
1) Confidentiality: Used to protect information from prying eyes
2) Integrity: Used to ensure data isn’t maliciously or unintentionally altered
3) Authentication: Validate the identity of individuals
4) Nonrepudiation: Ensures that individuals can prove to a third party that a message came from its purported sender
Cipher
The algorithms used to perform encryption and decryption operations
Ciphering is the process of using a cipher to scramble a message
Substitution cipher
A type of coding or ciphering system that changes one character or symbol into another
Transposition cipher
Transposing or scrambling letters in a certain manner. Typically broken into blocks of equal size and each block is then scrambled
Steganography
The art of using cryptography techniques to embed secret messages within another file
Steganographers often embed their secret messages in images, video files, or audio files because the files are so large the message would be easily missed by inspectors.
Often used for illicit activities
Cryptography Goal: Confidentiality
The most widely cited goal of cryptosystems
Refers to the preservation of secrecy for stored information or for comms between individuals and groups
Ensures data remains private in three different situations:
1) At rest
2) In transit (on the wire)
3) In use
Symmetric encryption
AKA: secret key algorithm or shared secret
Uses a single key to encrypt the data, and when you want to decrypt the data you use the same key
This shared, secret key is available to all users of the cryptosystem
It doesn’t scale well and is challenging to distribute
Asymmetric encryption
AKA: Public key cryptography
Unlike symmetric, asymmetric uses multiple keys: a public and private key
Private key is what only you have access to and nobody knows what that is
Public key is mathematically related to the private key, and it’s what you give everyone so they can encrypt info and send it to you
Once someone encrypts data with your public key, the only way to decrypt it is with your private key
You can also do this the opposite way, and encrypt info with your private key and the people who decrypt it are the ones with your public key (digital signatures)
Data at rest
Stored data that resides in a permanent location awaiting access
EX: hard drives, backup tapes, cloud storage, USB drivers
To protect it, we must encrypt the data with whole disk, database, or file/folder encryption
Assign permissions to data in this drive
Data in transit
On the wire (aka, in the cables), is data being transmitted across a network between two systems
EX: Data going between switch interfaces, router connections, and devices on the network
It’s difficult to protect as it travels, but not impossible
Allow or prevent access with firewall or IPS, or we encrypt the data as it goes through the network with TLS or IPsec
Data in use
Stored in the active memory of a computer system, where it can be accessed by a process running on that system
EX: Data in system RAM, CPU registers, or system caches
Almost always presented in a decrypted view, which makes it a very attractive option for attackers
Cryptography Goal: Integrity
Ensures data isn’t altered without authorization. If integrity mechanisms are in place, the recipient of a message can be certain that the message received is identical the one that was sent.
Integrity checks ensure stored data wasn’t altered between time it was created and accessed.
Integrity controls protect against all forms of alternation, including:
1) Intentional by third-party attempting to insert false info
2) Intentional deletion of portions of the data
3) Unintentional alteration by faults in the transmission process
Cryptography Goal: Authentication
Verifies the claimed identity of the system users
Cryptography Goal: Nonrepudiation
Provides assurance to the recipient that the message was originated by the sender, and not someone pretending to be the sender
Prevents the sender from claiming they never sent the message in the first place
Only offered by public key, or asymmetric
Key space
The range of values that are valid for use as a key for a specific algorithm
Defined by its key length
Key length
The number of binary bits in the key that defines the key space
Kerchoff Principle
A cryptographic system should be secure, even if everything about the system, except the key, is public knowledge
AKA: Your enemy knows this system
Cipher suite
Sets of ciphers and key lengths supported by a system
Block cipher
Ciphers that operate on blocks of a message and apply the encryption algorithm to the entire message block at the same time
Usually you see this with 64 or 128 bit blocks
If it doesn’t fit, padding is added to fill in the short blocks
Like stream cipher, this is commonly used with symmetric encryption
Uses different modes of operation to avoid patterns in the encryption
Stream cipher
Ciphers that operate on one character or bit of a message / data steam at a time
Often used with symmetric encryption
High speed, low hardware complexity
Challenge is that you don’t know what’s coming down the stream, which means randomization of data could be difficult if multiple bytes are identical in the stream
IV is added to the cipher to add randomization to the process
Symmetric key cryptography weaknesses
1) Key distribution is a major problem: Parties must have a secure method of exchanging the secret key before establishing comms with a symmetric key protocol
2) Doesn’t implement nonrepudiation: There’s no way to prove where a given message originated since anyone can encrypt and decrypt with the shared secret key
3) Algo isn’t scalable: Extremely difficult for large groups to comm with this. Secure private comms between individuals in the group can only be achieved if each possible combo of users shared a private key
4) Keys must be regenerated often: Each time a participant leaves a group, all keys known must be discarded
Strengths of symmetric key cryptography
Speed: It’s 1k to 10k faster than asymmetric algos
Strengths of asymmetric key cryptography
1) The addition of new users requires the generation of only one public-private key pair, which is used to comm with all users. Extremely scalable
2) Users can be removed easily. Key revocation mechanism allows a key to be canceled, removing a user from the system
3) Key regeneration is only required when a private key is compromised. If a user leaves, the admin simply needs to invalidate their keys
4) Provides integrity, authentication, and nonrepudiation. If a user doesn’t share their private key with others, a message signed by them can be shown to be accurate and from a specific source. Can’t be repudiated later
5) Simple key distribution. Users who participate simply make their public key available to anyone they want to comm with
6) No preexisting comm link needed. Two individuals can begin comms securely from the start of their session. No prior relationship needed
Weakness of asymmetric key cryptography
Speed: It has a slow speed of operation
Often, many applications that required the secure transmission of large amounts of data use public key cryptography to establish a connection and then exchange a symmetric secret key
The remainder of the session uses symmetric cryptography
DES
Data encryption standard
Published by US Gov in 1977, deprecated
A 64-bit block cipher that has five modes of operation:
1) Electronic codebook mode (ECB)
2) Cipher block chaining mode (CBC)
3) Cipher feedback mode (CFB)
4) Output feedback mode (OFB)
5) Counter mode (CTR)
ECB Mode
Electronic codebook mode
Uses the DES algorithm, easiest to understand, least secure
Each time the algo processes a 64-bit block, it encrypts the block using the encryption key
This process is done all the way through the file until all blocks are encrypted
If the algo encounters the same block multiple times, it will produce the same encrypted block because it doesn’t use salt
This means it might not be the best encryption mode to use for every situation, but it can be used to exchange small amounts of data, like keys and parameters used to initiate other DES modes as well as the cells in a db
CBC Mode
Cipher block chaining mode
Uses the DES algorithm, adds more randomization than ECB
Each block is XORed with the previous ciphertext block, which means we perform a different set of input and output to that data to add randomization
XOR = exclusive, or, if you input two identical bits the output is 0, but if they’re different it’s 1
Encryption process is similar to ECB, but just before the encryption occurs we add the IV data, which further randomizes the ciphertext
On the second block of data, we use the resulting ciphertext as the IV for the next block
Ciphertext will be different every time, even if the plaintext is identical
CFB Mode
Cipher feedback mode
Uses the DES algorithm
The streaming cipher version of CBC. CFB operates against data produced in real time, but instead of breaking a message into blocks it uses memory buffers of the same size block. As it fills up, it’s encrypted and send to the recipients
OFB Mode
Output feedback mode
Uses the DES algorithm
Almost the same as CFB, but instead of XORing an encrypted version of the previous block of ciphertext, it XORs the plain text with a seed value
CTR Mode
Counter mode
Uses the DES algorithm and acts as a stream cipher similar to CFB and OFB
Uses an incremental counter to add randomization to the encryption process
We start with the counter, and encrypt the counter with the block cipher encryption
After that, we perform the XOR (exclusive, or) to the plaintext to create the ciphertext
Instead of using the results of this encryption on the next block, we increment the counter and perform the exact same encryption with the next block of plaintext
3DES
Triple DES
An adapted version of DES, uses the same algorithm to produce a more secure encryption. There are 4 versions of 3DES:
1) Encrypts plaintext three times, using three different keys K1, K2, and K3 (subscripts). DES-EEE3 (168 bit)
2) Uses three keys, but replaces second encryption operation with a decryption one. DES-EDE3 (168 bit)
3) Only uses two keys. DES-EEE2 (112 bit)
4) Uses two keys, but decryption operation in the middle. DES-EDE2 (112 bit)
AES
Advanced encryption standard
NIST mandated use of AES/Rjindael in Nov 2001 for encryption of all sensitive but unclassified data by US Gov
Uses three key strengths of 128, 192, and 256 bit
AES only allows the processing of 128 bits, but Rjindael exceeded this spec, allowing people to use block size equal to the key length. The number of encryption rounds depends on the key length chose:
1) 128 bit requires 10 rounds
2) 192 bit requires 12 rounds
3) 256 bit requires 14 rounds
Key management practices
The security and protection of cryptographic keyring materials
Create the keys with a particular strength and cipher, generate the digital certificates which associate the keys with a particular user, and safely and securely distribute the keys to their users
Store the keys securely, ensure they’re used appropriately, revoke keys, escrow of keys, and create new keys after expiration dates
Offline distribution
One of three main methods used to exchange secret keys securely
This is the most technically simple and involves the physical exchange of key material
One party provides the other with a sheet of paper or storage media containing the secret key
Public key encryption
One of three main methods used to exchange secret keys securely
To achieve speed benefits of secret key encryption without the hassles of key distro, many use public key encryption to set up an initial comms link
Once it’s established, and everyone is confident in the others identity, they exchange a secret key over the secure public key link
Comms are then switched from public key algo to secret key algo and enjoy increased processing speeds
Diffie-Hellman
Uses asymmetric encryption to create a symmetric key, and you don’t have to send it across the network
Bob and Alice both use asymmetric encryption and both have private keys
Bob can combine his private key with Alice’s public key to create a symmetric key
Alice can combine her private key with Bob’s public key to create a symmetric key
If you use the related public and private keys on both side, you get symmetric keys identical to each other
By doing this, the same symmetric key can be created on both sides of the convo without ever sending the symmetric key across the network
This is the process used for Diffie-Hellman, and it’s used extensively everyday
Key storage best practices
1) Never store a key on the same system where encrypted data resides
2) For sensitive keys, consider providing two different individuals with half of the key. They must collaborate to re-create the entire key. Known as principle of split knowledge
RSA
The most famous public key cryptosystem, named for its creators: Ronald Rivest, Adi Shamir, and Leonard Adleman
Widely used for secure comms. This algo depends on computational difficult inherent in factoring large prime numbers
Each user of the cryptosystem generate a pair of public and private keys using the algo
ECC
Elliptic curve cryptography
Instead of using large prime numbers, you use curves to create the asymmetric keys used for public and private key encryption and decryption
ECC can use smaller keys to maintain same security as non-ECC algorithms, and they require smaller storage and data needed to be transmitted across the network
You can thus access the power of asymmetric encryption on mobile and IoT devices that can’t store mass quantities of data
Widely believed that this is harder to solve than both the prime factorization of RSA and standard discrete logarithm from Diffie-Hellman
Message digest
What you get when you take a potentially long message and generate a unique output value derived from the content of the message
5 basic requirements for a cryptographic hash function
1) They accept an input of any length
2) They produce an output of a fixed length, regardless of the input length
3) The hash value is relatively easy to compute
4) The hash function is one-way, meaning that it’s extremely hard to determine the input when provided with the output
5) The hash function is collision free, meaning it’s extremely hard to find two messages that produce the same hash value
