IS413 Topic 5
~
Public Key Encryption
Warren Phiri
Introduction
• Asymmetric key algorithms, also known as public key algorithms,
provide a solution to the weaknesses of symmetric key encryption.
• In these systems, each user has two keys: a public key, which is shared
with all users, and a private key, which is kept secret and known only
to the user.
• But here’s a twist: opposite and related keys must be used in tandem
to encrypt and decrypt. In other words, if the public key encrypts a
message, then only the corresponding private key can decrypt it, and
vice versa.
Public and Private Keys
• Public key cryptosystems rely on pairs of keys assigned to each user
of the cryptosystem.
• Every user maintains both a public key and a private key. As the
names imply, public key cryptosystem users make their public keys
freely available to anyone with whom they want to communicate.
• The mere possession of the public key by third parties does not
introduce any weaknesses into the cryptosystem.
• The private key, on the other hand, is reserved for the sole use of the
individual who owns the keys.
• It is never shared with any other cryptosystem user.
Public and Private Keys Cont.
• Once the sender encrypts the message with the recipient’s public key, no
user (including the sender) can decrypt that message without knowing the
recipient’s private key (the second half of the public-private key pair used
to generate the message).
• This is the beauty of public key cryptography—public keys can be freely
shared using unsecured communications and then used to create secure
communications channels between users previously unknown to each
other.
• Public key cryptography entails a higher degree of computational
complexity.
• Keys used within public key systems must be longer than those used in
private key systems to produce cryptosystems of equivalent strengths.
• The following slides discuss the different public key cryptosystems
RSA
• The most famous public key cryptosystem is named after its creators.
• In 1977, Ronald Rivest, Adi Shamir, and Leonard Adleman proposed
the RSA public key algorithm that remains a worldwide standard
today.
• The RSA algorithm depends on the computational difficulty inherent
in factoring large numbers that are the product of two large primes.
• Each user of the cryptosystem generates a pair of public and private
keys using the algorithm (refer to text for a detailed example)
El Gamal
• In the last topic (4), we looked at how the Diffie-Hellman (DH) algorithm
uses large integers and modular arithmetic to facilitate the secure
exchange of secret keys over insecure communications channels.
• In 1985, Dr. T. El Gamal published an article describing how the
mathematical principles behind the DH key exchange algorithm could be
extended to support an entire public key cryptosystem used for encrypting
and decrypting messages.
• At the time of its release, the major advantage of El Gamal over the RSA
algorithm was that it was released into the public domain. Dr. El Gamal did
not obtain a patent on his extension of DH, and it is freely available for use.
• The major disadvantage of the algorithm is that it doubles the length of any
message it encrypts, which is not ideal when encrypting long messages or
data that will be transmitted over low bandwidth.
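As an added illustration (not part of the original slides), the following Python code walks through textbook El Gamal over a constructed toy group: a small safe prime p = 1019 with generator g = 2, and message bytes encrypted one at a time. The parameter values, the per-byte encoding and the function names are this example's own choices; real deployments use primes of 2048 bits or more and a padded encoding rather than single bytes. It shows the Diffie-Hellman step inside every encryption and why each plaintext element becomes a pair (c1, c2), which is the length doubling the slide mentions.

```python
import secrets

# Constructed toy group: p = 2 * 509 + 1 is a safe prime and g = 2 generates
# the whole multiplicative group mod p. Real parameters are 2048+ bits.
P = 1019
G = 2


def keygen(p: int = P, g: int = G):
    """Private key x is a random exponent; public key is y = g^x mod p,
    the same one-way step as a Diffie-Hellman share."""
    x = secrets.randbelow(p - 2) + 1        # 1 <= x <= p-2
    return (p, g, pow(g, x, p)), (p, x)


def encrypt_block(pub, m: int):
    """Encrypt one group element m (1 <= m < p) into the pair (c1, c2)."""
    p, g, y = pub
    assert 1 <= m < p, "block must be a nonzero group element"
    k = secrets.randbelow(p - 2) + 1        # fresh ephemeral DH exponent
    c1 = pow(g, k, p)                       # g^k: the sender's DH share
    c2 = (m * pow(y, k, p)) % p             # m masked by the shared secret y^k
    return c1, c2


def decrypt_block(priv, block):
    """Recover m: the recipient rebuilds y^k as (g^k)^x, exactly as in DH."""
    p, x = priv
    c1, c2 = block
    shared = pow(c1, x, p)
    return (c2 * pow(shared, -1, p)) % p    # strip the mask


def encrypt(pub, message: bytes):
    """Per-byte encryption: each byte becomes one (c1, c2) pair, so the
    ciphertext holds twice as many group elements as the plaintext has bytes."""
    return [encrypt_block(pub, b + 1) for b in message]  # +1 keeps m nonzero


def decrypt(priv, blocks) -> bytes:
    return bytes(decrypt_block(priv, blk) - 1 for blk in blocks)


def expansion_ratio(pub, message: bytes) -> float:
    """Group elements in the ciphertext per plaintext byte (always 2.0)."""
    blocks = encrypt(pub, message)
    return sum(len(blk) for blk in blocks) / len(message)


if __name__ == "__main__":
    pub, priv = keygen()
    ct = encrypt(pub, b"hello")           # constructed sample plaintext
    print(ct)                             # five (c1, c2) pairs
    print(decrypt(priv, ct), expansion_ratio(pub, b"hello"))
```

Because k is drawn fresh for every block, encrypting the same byte twice gives two different pairs; the cost of that randomisation is the second element c1 that must travel with every c2.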
Elliptic Curve
• Also in 1985, two mathematicians, Neal Koblitz from the University of
Washington and Victor Miller from IBM, independently proposed the
application of elliptic curve cryptography (ECC) theory to develop
secure cryptographic systems.
• The mathematical concepts behind elliptic curve cryptography are
quite complex and well beyond the scope of this course.
Hash Functions
• Hash functions have a very simple purpose—they take a potentially long
message and generate a unique output value derived from the content of
the message.
• This value is commonly referred to as the message digest.
• Message digests can be generated by the sender of a message and
transmitted to the recipient along with the full message for two reasons.
i. The recipient can use the same hash function to re-compute the
message digest from the full message. If the message digests do not
match, that means the message was somehow modified while in transit.
ii. The message digest can be used to implement a digital signature
algorithm. More on digital signatures later in the topic.
Hash Functions Cont.
• According to RSA Security, there are five basic requirements for a
cryptographic hash function:
i. The input can be of any length.
ii. The output has a fixed length.
iii. The hash function is relatively easy to compute for any input.
iv. The hash function is one-way (meaning that it is extremely hard to
determine the input when provided with the output)
v. The hash function is collision free (meaning that it is extremely
hard to find two messages that produce the same hash value).
Common Hashing Algorithms: SHA
• The Secure Hash Algorithm (SHA) and its successors, SHA-1 and SHA-2, are
government standard hash functions developed by the National Institute of
Standards and Technology (NIST)
• SHA-1 takes an input of virtually any length and produces a 160-bit
message digest.
• The SHA-1 algorithm processes a message in 512-bit blocks; if the message
length is not a multiple of 512 bits, the message is padded until its length
reaches the next multiple of 512.
• Recent cryptanalytic attacks demonstrated that there are weaknesses in
the SHA-1 algorithm and led to the creation of SHA-2
• SHA-2 algorithms are considered secure, but they theoretically suffer from
the same weakness as the SHA-1 algorithm
Common Hashing Algorithms: MD2
• The Message Digest 2 (MD2) hash algorithm was developed by Ronald
Rivest (of RSA) in 1989 to provide a secure hash function for 8-bit
processors.
• MD2 pads the message so that its length is a multiple of 16 bytes. It then
computes a 16-byte checksum and appends it to the end of the message. A
128-bit message digest is then generated by using the entire original
message along with the appended checksum.
• Cryptanalytic attacks exist against the MD2 algorithm. If the checksum is
not appended to the message before digest computation, collisions may
occur.
• It was later proven that MD2 is not a one-way function. Therefore, it should
no longer be used
Common Hashing Algorithms: MD4
• In 1990, Rivest enhanced his message digest algorithm to support 32-bit
processors and increase the level of security; the result is known as MD4.
• It first pads the message to ensure that the message length is 64 bits
smaller than a multiple of 512 bits.
• The MD4 algorithm then processes 512-bit blocks of the message in three
rounds of computation. The final output is a 128-bit message digest.
• There are several papers documenting flaws in the full version of MD4 as
well as improperly implemented versions of MD4.
• It was found that a modern PC could be used to find collisions for MD4
message digests in less than one minute. For this reason, MD4 is no longer
considered to be a secure hashing algorithm, and its use should be avoided
if at all possible.
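The SHA-1 and MD4 slides describe the same padding rule from two angles: the message is padded out to 512-bit blocks, and the padding stops 64 bits short of the block boundary to leave room for the length. The following Python function is an added example, not from the slides, that applies that rule (a 0x80 byte, zero bytes until the length is 448 mod 512 bits, then the original bit length as a 64-bit integer; SHA-1 stores that length big-endian, MD4 and MD5 little-endian) so the resulting block counts can be checked for concrete message sizes. Function names are this example's own.

```python
import struct


def md_pad(message: bytes, length_byteorder: str = "big") -> bytes:
    """Apply the MD4/MD5/SHA-1 padding rule: append 0x80, then zero bytes
    until the length is 8 bytes (64 bits) short of a multiple of 64 bytes
    (512 bits), then the original bit length as a 64-bit integer."""
    bit_len = len(message) * 8
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    fmt = ">Q" if length_byteorder == "big" else "<Q"   # SHA-1 vs MD4/MD5
    return padded + struct.pack(fmt, bit_len)


def padded_length(message_len: int) -> int:
    """Bytes after padding for a message of the given byte length."""
    return len(md_pad(b"a" * message_len))


def block_count(message: bytes) -> int:
    """How many 512-bit blocks the compression function will process."""
    return len(md_pad(message)) // 64


if __name__ == "__main__":
    for n in (0, 55, 56, 64, 100):
        print(f"{n:3d} bytes -> {padded_length(n)} bytes, "
              f"{block_count(b'a' * n)} block(s)")
```

The edge case worth noticing is a message of 56 bytes: the 0x80 byte alone pushes it past the 448-bit mark, so a whole extra 512-bit block is spent on padding and length.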
Common Hashing Algorithms: MD5
• In 1991, Rivest released the next version of his message digest algorithm,
which he called MD5.
• It also processes 512-bit blocks of the message, but it uses four distinct
rounds of computation to produce a digest of the same length as the MD2
and MD4 algorithms (128 bits).
• MD5 implements additional security features that reduce the speed of
message digest production significantly.
• Unfortunately, recent cryptanalytic attacks demonstrated that the MD5
protocol is subject to collisions, preventing its use for ensuring message
integrity.
• In 2005, it was found that it is possible to create two digital certificates
from different public keys that have the same MD5 hash.
Digital Signatures
• Once you have chosen a cryptographically sound hashing algorithm, you
can use it to implement a digital signature system. Digital signature
infrastructures have two distinct goals:
i. Digitally signed messages assure the recipient that the message truly
came from the claimed sender. They enforce nonrepudiation
ii. Digitally signed messages assure the recipient that the message was not
altered while in transit between the sender and recipient. This protects
against both malicious modification and unintentional modification
• Digital signature algorithms rely on a combination of the two major
concepts already covered in this topic—public key cryptography and
hashing functions.
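The RSA and Digital Signatures slides describe the two ways a key pair is used: encrypt with the public key and decrypt with the private key, or sign a message digest with the private key and verify it with the public key. The following Python block is an added example (not from the slides or the course text) that does both with textbook RSA over constructed toy primes p = 1000003 and q = 1000033, and finishes by factoring n to rebuild the private key, which is why RSA's security rests on factoring being infeasible. The function names and the raw hash-then-exponentiate signature are this example's own; real signatures use the PKCS#1 padding schemes (v1.5 or PSS), and real keys use primes of 1024 bits or more, far beyond trial division.

```python
import hashlib
from math import isqrt

# Constructed toy primes (about 2^20 each) so n can be factored on the spot.
P = 1_000_003
Q = 1_000_033
E = 65537      # the usual public exponent


def is_prime(n: int) -> bool:
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    return all(n % d for d in range(2, isqrt(n) + 1))


def keygen(p: int = P, q: int = Q, e: int = E):
    """Return ((n, e), (n, d)): the public and private halves of the pair."""
    assert is_prime(p) and is_prime(q)
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub, m: int) -> int:
    """Anyone with the public key can encrypt."""
    n, e = pub
    assert 0 <= m < n
    return pow(m, e, n)


def decrypt(priv, c: int) -> int:
    """Only the holder of d can decrypt."""
    n, d = priv
    return pow(c, d, n)


def digest_as_int(message: bytes, n: int) -> int:
    # Hash first, then reduce so the value fits below n (toy sizes only;
    # real schemes encode the digest with PKCS#1 v1.5 or PSS instead).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(priv, message: bytes) -> int:
    """Private-key operation on the digest: the 'vice versa' direction."""
    n, d = priv
    return pow(digest_as_int(message, n), d, n)


def verify(pub, message: bytes, signature: int) -> bool:
    """Public-key operation recovers the digest; compare with a fresh one."""
    n, e = pub
    return pow(signature, e, n) == digest_as_int(message, n)


def recover_private_key(pub):
    """Factor n by trial division and rebuild d. Feasible here only because
    the primes are tiny; at real key sizes this step is the hard problem."""
    n, e = pub
    for p in range(3, isqrt(n) + 1, 2):
        if n % p == 0:
            q = n // p
            return (n, pow(e, -1, (p - 1) * (q - 1)))
    raise ValueError("no factor found")


if __name__ == "__main__":
    pub, priv = keygen()
    c = encrypt(pub, 123456789)
    print("decrypts back:", decrypt(priv, c) == 123456789)
    msg = b"pay 100 to alice"                 # constructed sample message
    s = sign(priv, msg)
    print("valid:", verify(pub, msg, s),
          "tampered:", verify(pub, b"pay 900 to alice", s))
    print("factoring n recovers d:", recover_private_key(pub) == priv)
```

A changed message produces a different digest, so the public-key operation on the old signature no longer matches it; that single comparison gives both the origin and the integrity assurance the slide lists.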
HMAC
• The Hashed Message Authentication Code (HMAC) algorithm implements a
partial digital signature—it guarantees the integrity of a message during
transmission, but it does not provide for nonrepudiation.
• HMAC can be combined with any standard message digest generation
algorithm, such as SHA-2, by using a shared secret key. This means that only
communicating parties who know the key can generate or verify the digital
signature.
• Because HMAC relies on a shared secret key, it does not provide any
nonrepudiation functionality. However, it operates in a more efficient
manner than the digital signature standard (next slide) for applications in
which symmetric key cryptography is appropriate.
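The Hash Functions slide says a digest sent with a message lets the recipient detect modification; the HMAC slide adds that only a keyed construction limits who can produce a valid value. The following added Python example (not from the slides) uses the standard library's hashlib and hmac modules to show the difference on a constructed message: after an in-transit change, an unkeyed SHA-256 digest can simply be recomputed by whoever changed the bytes, whereas the HMAC-SHA256 tag cannot be recomputed without the shared key. KEY, the sample message and the function names are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample: the key is held by the two legitimate parties only.
KEY = secrets.token_bytes(32)


def plain_digest(message: bytes) -> bytes:
    """Unkeyed SHA-256 digest, as sent alongside a message for integrity."""
    return hashlib.sha256(message).digest()


def mac(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag; only holders of the key can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), digest)


def check_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so a tag check does not leak
    # how many leading bytes happened to match.
    return hmac.compare_digest(mac(key, message), tag)


def modify_without_key(message: bytes, tag: bytes):
    """Model an on-path change by someone without the key: the bytes and the
    unkeyed digest are rewritten, but the keyed tag can only be left as-is."""
    changed = message.replace(b"100", b"900")
    return changed, plain_digest(changed), tag


def demo():
    original = b"transfer 100 to account 42"     # constructed sample
    tag = mac(KEY, original)
    received, received_digest, received_tag = modify_without_key(original, tag)
    return {
        "digest_still_matches": check_digest(received, received_digest),  # True
        "mac_still_matches": check_mac(KEY, received, received_tag),      # False
        "original_mac_ok": check_mac(KEY, original, tag),                 # True
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The first result is the point of the HMAC slide: an unkeyed digest only catches accidental corruption, because anyone can recompute it; the tag fails after modification because the key never left the two endpoints.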
Digital Signature Standard
• The National Institute of Standards and Technology specifies the digital
signature algorithms acceptable for federal government use in Federal
Information Processing Standard (FIPS) 186-4, also known as the Digital
Signature Standard (DSS), which emphasizes that all federally approved
digital signature algorithms must use the SHA-2 hashing functions.
• DSS also specifies the encryption algorithms that can be used to support a
digital signature infrastructure. There are three currently approved
standard encryption algorithms:
i. The Digital Signature Algorithm (DSA)
ii. The Rivest, Shamir, Adleman (RSA) algorithm
iii. The Elliptic Curve DSA (ECDSA)
Network Security Through Encryption
• When it comes to encryption, one of the main issues that security
practitioners are concerned with is the use of cryptographic
algorithms to provide secure networking services.
• The following slides look at some of the ways of providing network
security using encryption.
Circuit Encryption
• Security administrators use two types of encryption techniques to protect data
traveling over networks:
i. Link encryption protects entire communications circuits by creating a secure tunnel
between two points using either a hardware solution or a software solution that
encrypts all traffic entering one end of the tunnel and decrypts all traffic entering
the other end of the tunnel.
ii. End-to-end encryption protects communications between two parties (for
example, a client and a server) and is performed independently of link encryption.
An example of end-to-end encryption would be the use of TLS (Transport Layer
Security) to protect communications between a user and a web server. This
protects against an intruder who might be monitoring traffic on the secure side of
an encrypted link or traffic sent over an unencrypted link.
• The critical difference between link and end-to-end encryption is that in link
encryption, all the data, including the header, trailer, address, and routing data, is also
encrypted. Therefore, each packet has to be decrypted at each hop so it can be
properly routed to the next hop and then re-encrypted before it can be sent along its
way, which slows the routing. End-to-end encryption does not encrypt the header,
trailer, address, and routing data, so it moves faster from point to point but is more
susceptible to sniffers and eavesdroppers.
IPsec
• IPsec is a standard architecture set forth by the Internet Engineering Task
Force (IETF) for setting up a secure channel to exchange information
between two entities.
• The entities communicating via IPsec could be two systems, two routers,
two gateways, or any combination of these (whole networks), but IPsec can
also connect individual computers, such as a server and one or more
workstations.
• IPsec uses public key cryptography to provide encryption, access control,
nonrepudiation, and message authentication, all using IP-based protocols.
• The primary use of IPsec is for virtual private networks (VPNs), so IPsec can
operate in either transport (only the packet payload is encrypted) or tunnel
mode (the entire packet, including the header, is encrypted).
IPsec Cont.
• The IP Security (IPsec) protocol provides a complete infrastructure for
secured network communications. IPsec has gained widespread
acceptance and is now offered in a number of commercial operating
systems out of the box. IPsec relies on security associations, and there are
two main components:
i. The Authentication Header (AH) provides assurances of message
integrity and nonrepudiation. AH also provides authentication and
access control and prevents replay attacks.
ii. The Encapsulating Security Payload (ESP) provides confidentiality and
integrity of packet contents. It provides encryption and limited
authentication and prevents replay attacks.
• ESP also provides some limited authentication, but not to the degree of the
AH. Though ESP is sometimes used without AH, it’s rare to see AH used
without ESP.
ISAKMP
• The Internet Security Association and Key Management Protocol
(ISAKMP) provides background security support services for IPsec by
negotiating, establishing, modifying, and deleting security
associations.
• There are four basic requirements for ISAKMP, as set forth in Internet
RFC 2408:
i. Authenticate communicating peers
ii. Create and manage security associations
iii. Provide key generation mechanisms
iv. Protect against threats (for example, replay and denial-of-service attacks)
Wireless Networking
• There are two main types of wireless security:
i. Wired Equivalent Privacy (WEP), which provides 64- and 128-bit
encryption options to protect communications within the wireless LAN.
Cryptanalysis has conclusively demonstrated that significant flaws exist
in the WEP algorithm, making it possible to completely undermine the
security of a WEP protected network within seconds.
ii. WiFi Protected Access (WPA) improves on WEP encryption by
implementing the Temporal Key Integrity Protocol (TKIP), eliminating the
cryptographic weaknesses that undermined WEP. A further
improvement to the technique, dubbed WPA2, adds AES cryptography.
WPA2 provides secure algorithms appropriate for use on modern
wireless networks.
Cryptographic Attacks
• Just like any system, there are a number of attacks to defeat cryptosystems.
It is important that we understand the threats posed by various
cryptographic attacks to minimize the risks posed to your systems. Below
are some of the common cryptographic attacks.
• Analytic Attack: an algebraic manipulation that attempts to reduce the
complexity of the algorithm. It focuses on the logic of the algorithm itself.
• Implementation Attack: a type of attack that exploits weaknesses in the
implementation of a cryptography system. It focuses on exploiting the
software code, not just errors and flaws but the methodology employed to
program the encryption system.
• Statistical Attack: exploits statistical weaknesses in a cryptosystem, such as
floating-point errors and inability to produce truly random numbers.
Statistical attacks attempt to find a vulnerability in the hardware or
operating system hosting the cryptography application.
Cryptographic Attacks Cont.
• Brute Force attacks are quite straightforward. Such an attack attempts
every possible valid combination for a key or password. They involve using
massive amounts of processing power to methodically guess the key used
to secure cryptographic communications.
• Frequency Analysis and the Ciphertext Only Attack: in many cases, the
only information you have at your disposal is the encrypted ciphertext
message, a scenario known as the ciphertext only attack. In this case, one
technique that proves helpful against simple ciphers is frequency analysis—
counting the number of times each letter appears in the ciphertext.
• Known Plaintext: here, the attacker has a copy of the encrypted message
along with the plaintext message used to generate the ciphertext (the
copy). This knowledge greatly assists the attacker in breaking weaker
codes.
Cryptographic Attacks Cont.
• Chosen Ciphertext: the attacker has the ability to decrypt chosen
portions of the ciphertext message and use the decrypted portion of
the message to discover the key.
• Chosen Plaintext: the attacker has the ability to encrypt plaintext
messages of their choosing and can then analyze the ciphertext
output of the encryption algorithm.
• Meet in the Middle: the attacker uses a known plaintext message. The
plain text is then encrypted using every possible key (k1), and the
equivalent ciphertext is decrypted using all possible keys (k2). When a
match is found, the corresponding pair (k1, k2) represents both
portions of the double encryption.
Cryptographic Attacks Cont.
• Man in the Middle: a malicious individual sits between two communicating
parties and intercepts all communications (including the setup of the
cryptographic session). The attacker responds to the originator’s
initialization requests and sets up a secure session with the originator. The
attacker then establishes a second secure session with the intended
recipient using a different key and posing as the originator. The attacker
can then “sit in the middle” of the communication and read all traffic as it
passes between the two parties.
• Birthday: also known as a collision attack or reverse hash matching. It
seeks to find flaws in the one-to-one nature of hashing functions. In this
attack, the malicious individual seeks to substitute in a digitally signed
communication a different message that produces the same message
digest, thereby maintaining the validity of the original digital signature.
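The cost of a birthday attack is set by the digest length: roughly 2^(n/2) trials for an n-bit digest, rather than the 2^n that finding a preimage would take. The following Python example (added here, not from the slides) makes that concrete by truncating SHA-256 to a deliberately short 24 bits, a constructed stand-in for a weak digest, and counting how many distinct messages it takes before two of them collide; the helper names are this example's own. The defensive takeaway is the one the slide implies: a digest used under a signature must be long enough that 2^(n/2) is out of reach, which is why 128-bit digests such as MD5 are no longer acceptable for that purpose.

```python
import hashlib
import math
from itertools import count


def short_digest(message: bytes, bits: int) -> int:
    """SHA-256 truncated to `bits` bits: a stand-in for a weak, short digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-"):
    """Hash distinct messages until two share a short digest.
    Returns (m1, m2, attempts). The number of attempts scales with
    sqrt(2^bits), not 2^bits, because every new digest is compared against
    all earlier ones at once."""
    seen = {}                        # digest -> first message that produced it
    for i in count():
        m = prefix + str(i).encode()   # constructed distinct messages
        h = short_digest(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m


def birthday_bound(bits: int) -> float:
    """Expected trials for a 50% chance of a collision: about 1.18 * 2^(bits/2)."""
    return 1.18 * math.sqrt(2 ** bits)


def brute_force_bound(bits: int) -> int:
    """Trials needed to hit one specific digest value (a second preimage)."""
    return 2 ** bits


if __name__ == "__main__":
    bits = 24
    m1, m2, attempts = find_collision(bits)
    print(f"{m1!r} and {m2!r} share the {bits}-bit digest "
          f"{short_digest(m1, bits):06x} after {attempts} trials")
    print(f"birthday estimate {birthday_bound(bits):.0f}, "
          f"preimage search {brute_force_bound(bits)}")
```

Doubling the digest length squares the work for the collision search, so the 2^(n/2) figure, not 2^n, is the one to budget against when picking a hash for signatures.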
Cryptographic Attacks Cont.
• Replay: the replay attack is used against cryptographic algorithms that
don’t incorporate temporal protections. In this attack, the malicious
individual intercepts an encrypted message between two parties
(often a request for authentication) and then later “replays” the
captured message to open a new session. This attack can be defeated
by incorporating a time stamp and expiration period into each
message.
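The slide's defence against replay, a time stamp and expiration period on each message, is shown below in an added Python example that is not part of the original slides. It authenticates the body, a timestamp and a random nonce together with HMAC-SHA256 (standard library only), and the receiver rejects a message whose tag fails, whose timestamp is outside an acceptance window, or whose nonce has already been seen inside that window. KEY, the 30-second window and the class and function names are this example's constructed choices.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample shared key and acceptance window.
KEY = secrets.token_bytes(32)
MAX_AGE_SECONDS = 30


def _canonical(fields: dict) -> bytes:
    """Stable serialisation so sender and receiver sign the same bytes."""
    return json.dumps(fields, sort_keys=True).encode()


def make_request(key: bytes, body: str, now: float) -> dict:
    """Stamp the request with a timestamp and a one-time nonce, then
    authenticate all three fields together so none can be swapped."""
    msg = {"body": body, "ts": int(now), "nonce": secrets.token_hex(16)}
    msg["tag"] = hmac.new(key, _canonical(msg), hashlib.sha256).hexdigest()
    return msg


class ReplayGuard:
    """Receiver-side validator: checks the tag, the age of the timestamp,
    and that the nonce has not been seen inside the acceptance window."""

    def __init__(self, key: bytes, max_age: int = MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen = {}      # nonce -> timestamp it was stamped with

    def accept(self, msg: dict, now: float):
        fields = {k: msg[k] for k in ("body", "ts", "nonce")}
        expected = hmac.new(self.key, _canonical(fields),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg.get("tag", "")):
            return False, "bad tag"           # body, ts or nonce altered
        if abs(now - msg["ts"]) > self.max_age:
            return False, "expired"           # outside the window
        # Nonces older than the window can no longer pass the age check,
        # so they are safe to forget; everything still replayable is kept.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= self.max_age}
        if msg["nonce"] in self.seen:
            return False, "replay"            # same captured message again
        self.seen[msg["nonce"]] = msg["ts"]
        return True, "ok"


if __name__ == "__main__":
    t0 = 1_700_000_000.0                      # constructed clock value
    guard = ReplayGuard(KEY)
    req = make_request(KEY, "login user=alice", t0)
    print(guard.accept(req, t0 + 1))          # (True, 'ok')
    print(guard.accept(req, t0 + 2))          # (False, 'replay')
    print(guard.accept(req, t0 + 60))         # (False, 'expired')
```

The timestamp alone would still allow a replay inside the window, and the nonce alone would force the receiver to remember nonces forever; together, the window bounds how long a nonce must be remembered, and the tag stops either field from being edited.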
The End

More Related Content

ODP
CISSP Week 20
PPTX
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
PPTX
Encryption algorithms
DOC
Encryption
PPTX
Hash Function
PDF
2. public key cryptography and RSA
PPTX
big data and Iot , its security part ,hoe yoy help this
CISSP Week 20
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
Encryption algorithms
Encryption
Hash Function
2. public key cryptography and RSA
big data and Iot , its security part ,hoe yoy help this

Similar to IS413 Topic 5.pptx (20)

PDF
Basic Cryptography.pdf
PPTX
Information and network security 31 public key cryptography
PPTX
Unit III Public Key Crypto Systems.pptx
PPTX
PDF
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
PDF
Encryption pres
PPTX
Ch02 NetSec5e Network Security Essential Chapter 2.pptx
PDF
Cryptology - The practice and study of hiding information
PPTX
cryptography and network security cns.pptx
PPTX
Cryptography and Network Security
PPT
security issue
PPTX
All details of cryptography and all the topics of cryptography was explained
DOCX
network and cyber security
PPTX
multiple encryption in clouud computing
PDF
Implementation of aes and blowfish algorithm
PPTX
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
PPT
Message authentication and hash function
PPT
Cryptography Lecture by Sam Bowne
PDF
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Basic Cryptography.pdf
Information and network security 31 public key cryptography
Unit III Public Key Crypto Systems.pptx
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
Encryption pres
Ch02 NetSec5e Network Security Essential Chapter 2.pptx
Cryptology - The practice and study of hiding information
cryptography and network security cns.pptx
Cryptography and Network Security
security issue
All details of cryptography and all the topics of cryptography was explained
network and cyber security
multiple encryption in clouud computing
Implementation of aes and blowfish algorithm
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Message authentication and hash function
Cryptography Lecture by Sam Bowne
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Ad

Recently uploaded (20)

PPTX
Final Presentation General Medicine 03-08-2024.pptx
PPTX
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
PDF
Paper A Mock Exam 9_ Attempt review.pdf.
PDF
Complications of Minimal Access Surgery at WLH
PDF
Trump Administration's workforce development strategy
PDF
Hazard Identification & Risk Assessment .pdf
PPTX
UNIT III MENTAL HEALTH NURSING ASSESSMENT
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
PDF
SOIL: Factor, Horizon, Process, Classification, Degradation, Conservation
PPTX
UV-Visible spectroscopy..pptx UV-Visible Spectroscopy – Electronic Transition...
PDF
ChatGPT for Dummies - Pam Baker Ccesa007.pdf
PPTX
Cell Types and Its function , kingdom of life
PPTX
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
PPTX
Orientation - ARALprogram of Deped to the Parents.pptx
PDF
IGGE1 Understanding the Self1234567891011
PDF
Supply Chain Operations Speaking Notes -ICLT Program
PDF
A systematic review of self-coping strategies used by university students to ...
PPTX
Digestion and Absorption of Carbohydrates, Proteina and Fats
PDF
Weekly quiz Compilation Jan -July 25.pdf
PPTX
Introduction to Building Materials
Final Presentation General Medicine 03-08-2024.pptx
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
Paper A Mock Exam 9_ Attempt review.pdf.
Complications of Minimal Access Surgery at WLH
Trump Administration's workforce development strategy
Hazard Identification & Risk Assessment .pdf
UNIT III MENTAL HEALTH NURSING ASSESSMENT
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
SOIL: Factor, Horizon, Process, Classification, Degradation, Conservation
UV-Visible spectroscopy..pptx UV-Visible Spectroscopy – Electronic Transition...
ChatGPT for Dummies - Pam Baker Ccesa007.pdf
Cell Types and Its function , kingdom of life
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
Orientation - ARALprogram of Deped to the Parents.pptx
IGGE1 Understanding the Self1234567891011
Supply Chain Operations Speaking Notes -ICLT Program
A systematic review of self-coping strategies used by university students to ...
Digestion and Absorption of Carbohydrates, Proteina and Fats
Weekly quiz Compilation Jan -July 25.pdf
Introduction to Building Materials
Ad

IS413 Topic 5.pptx

  • 1. IS413 Topic 5 ~ Public Key Encryption Warren Phiri
  • 2. Introduction • Asymmetric key algorithms, also known as public key algorithms, provide a solution to the weaknesses of symmetric key encryption. • In these systems, each user has two keys: a public key, which is shared with all users, and a private key, which is kept secret and known only to the user. • But here’s a twist: opposite and related keys must be used in tandem to encrypt and decrypt. In other words, if the public key encrypts a message, then only the corresponding private key can decrypt it, and vice versa.
  • 3. Public and Private Keys • Public key cryptosystems rely on pairs of keys assigned to each user of the cryptosystem. • Every user maintains both a public key and a private key. As the names imply, public key cryptosystem users make their public keys freely available to anyone with whom they want to communicate. • The mere possession of the public key by third parties does not introduce any weaknesses into the cryptosystem. • The private key, on the other hand, is reserved for the sole use of the individual who owns the keys. • It is never shared with any other cryptosystem user.
  • 4. Public and Private Keys Cont. • Once the sender encrypts the message with the recipient’s public key, no user (including the sender) can decrypt that message without knowing the recipient’s private key (the second half of the public-private key pair used to generate the message). • This is the beauty of public key cryptography—public keys can be freely shared using unsecured communications and then used to create secure communications channels between users previously unknown to each other. • Public key cryptography entails a higher degree of computational complexity. • Keys used within public key systems must be longer than those used in private key systems to produce cryptosystems of equivalent strengths. • The following slides discuss the different public key cryptosystems
  • 5. RSA • The most famous public key cryptosystem is named after its creators. • In 1977, Ronald Rivest, Adi Shamir, and Leonard Adleman proposed the RSA public key algorithm that remains a worldwide standard today. • The RSA algorithm depends on the computational difficulty inherent in factoring large prime numbers. • Each user of the cryptosystem generates a pair of public and private keys using the algorithm (refer to text for a detailed example)
  • 6. El Gamal • In the last topic (4), we looked at how the Diffie-Hellman (DH) algorithm uses large integers and modular arithmetic to facilitate the secure exchange of secret keys over insecure communications channels. • In 1985, Dr. T. El Gamal published an article describing how the mathematical principles behind the DH key exchange algorithm could be extended to support an entire public key cryptosystem used for encrypting and decrypting messages. • At the time of its release, the major advantage of El Gamal over the RSA algorithm was that it was released into the public domain. Dr. El Gamal did not obtain a patent on his extension of DH, and it is freely available for use • The major disadvantage of the algorithm is that it doubles the length of any message it encrypts which is not ideal when encrypting long messages or data that will be transmitted over low bandwidth
  • 7. Elliptic Curve • Also in 1985, two mathematicians, Neal Koblitz from the University of Washington and Victor Miller from IBM, independently proposed the application of elliptic curve cryptography (ECC) theory to develop secure cryptographic systems. • The mathematical concepts behind elliptic curve cryptography are quite complex and well beyond the scope of this course.
  • 8. Hash Functions • Hash functions have a very simple purpose—they take a potentially long message and generate a unique output value derived from the content of the message. • This value is commonly referred to as the message digest. • Message digests can be generated by the sender of a message and transmitted to the recipient along with the full message for two reasons. i. The recipient can use the same hash function to re-compute the message digest from the full message. If the message digests do not match, that means the message was somehow modified while in transit. ii. The message digest can be used to implement a digital signature algorithm. More on digital signatures late in the topic
  • 9. Hash Functions Cont. • According to RSA Security, there are five basic requirements for a cryptographic hash function: i. The input can be of any length. ii. The output has a fixed length. iii. The hash function is relatively easy to compute for any input. iv. The hash function is one-way (meaning that it is extremely hard to determine the input when provided with the output) v. The hash function is collision free (meaning that it is extremely hard to find two messages that produce the same hash value).
  • 10. Common Hashing Algorithms: SHA • The Secure Hash Algorithm (SHA) and its successors, SHA-1 and SHA-2, are government standard hash functions developed by the National Institute of Standards and Technology (NIST) • SHA-1 takes an input of virtually any length and produces a 160-bit message digest. • The SHA-1 algorithm processes a message in 512-bit blocks, if the message length is not a multiple of 512, additional data is padded until the length reaches the next highest multiple of 512. • Recent cryptanalytic attacks demonstrated that there are weaknesses in the SHA-1 algorithm and led to the creation of SHA-2 • SHA-2 algorithms are considered secure, but they theoretically suffer from the same weakness as the SHA-1 algorithm
  • 11. Common Hashing Algorithms: MD2 • The Message Digest 2 (MD2) hash algorithm was developed by Ronald Rivest (of RSA) in 1989 to provide a secure hash function for 8-bit processors. • MD2 pads the message so that its length is a multiple of 16 bytes. It then computes a 16-byte checksum and appends it to the end of the message. A 128-bit message digest is then generated by using the entire original message along with the appended checksum. • Cryptanalytic attacks exist against the MD2 algorithm. If the checksum is not appended to the message before digest computation, collisions may occur. • It was later proven that MD2 is not a one-way function. Therefore, it should no longer be used
  • 12. Common Hashing Algorithms: MD4 • In 1990, Rivest enhanced his message digest algorithm to support 32-bit processors and increase the level of security known as MD4. • It first pads the message to ensure that the message length is 64 bits smaller than a multiple of 512 bits. • The MD4 algorithm then processes 512-bit blocks of the message in three rounds of computation. The final output is a 128-bit message digest. • There are several papers documenting flaws in the full version of MD4 as well as improperly implemented versions of MD4. • It was found that a modern PC could be used to find collisions for MD4 message digests in less than one minute. For this reason, MD4 is no longer considered to be a secure hashing algorithm, and its use should be avoided if at all possible.
  • 13. Common Hashing Algorithms: MD5 • In 1991, Rivest released the next version of his message digest algorithm, which he called MD5. • It also processes 512-bit blocks of the message, but it uses four distinct rounds of computation to produce a digest of the same length as the MD2 and MD4 algorithms (128 bits). • MD5 implements additional security features that reduce the speed of message digest production significantly. • Unfortunately, recent cryptanalytic attacks demonstrated that the MD5 protocol is subject to collisions, preventing its use for ensuring message integrity. • In 2005, it was found that it is possible to create two digital certificates from different public keys that have the same MD5 hash.
  • 14. Digital Signatures • Once you have chosen a cryptographically sound hashing algorithm, you can use it to implement a digital signature system. Digital signature infrastructures have two distinct goals: i. Digitally signed messages assure the recipient that the message truly came from the claimed sender. They enforce nonrepudiation ii. Digitally signed messages assure the recipient that the message was not altered while in transit between the sender and recipient. This protects against both malicious modification and unintentional modification • Digital signature algorithms rely on a combination of the two major concepts already covered in this topic—public key cryptography and hashing functions.
  • 15. HMAC • The Hashed Message Authentication Code (HMAC) algorithm implements a partial digital signature—it guarantees the integrity of a message during transmission, but it does not provide for nonrepudiation. • HMAC can be combined with any standard message digest generation algorithm, such as SHA-2, by using a shared secret key. This means, only communicating parties who know the key can generate or verify the digital signature. • Because HMAC relies on a shared secret key, it does not provide any nonrepudiation functionality. However, it operates in a more efficient manner than the digital signature standard (next slide) for applications in which symmetric key cryptography is appropriate.
• 16. Digital Signature Standard
• The National Institute of Standards and Technology specifies the digital signature algorithms acceptable for federal government use in Federal Information Processing Standard (FIPS) 186-4, also known as the Digital Signature Standard (DSS). DSS requires that federally approved digital signatures use an approved hash function from FIPS 180-4, in practice the SHA-2 family.
• DSS also specifies the signature algorithms (signature, not encryption, even though RSA can do both) that can be used to support a digital signature infrastructure. FIPS 186-4 approves three:
i. The Digital Signature Algorithm (DSA)
ii. The Rivest, Shamir, Adleman (RSA) algorithm
iii. The Elliptic Curve DSA (ECDSA)
• Note that FIPS 186-5 (2023) has since superseded 186-4: it adds EdDSA and no longer approves DSA for generating new signatures, only for verifying existing ones.
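Slides 14 to 16 describe HMAC and digital signatures as neighbours, and the practical difference is easiest to see with both on the same message. The Go program below is an added example written for this page, not code from the slides or from any NIST publication. It computes an HMAC-SHA256 tag and an ECDSA P-256 signature over SHA-256 (a combination FIPS 186-4 approves) for a constructed message, then shows that a tampered message fails both checks, but that only the HMAC can be forged by the receiver, because the receiver holds the same key. The key bytes and messages are made-up demo values; the function names are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// ---- HMAC (slide 15): one shared key, so both ends can create AND verify ----

// Tag returns HMAC-SHA256(key, msg).
func Tag(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// TagHex is Tag with hex output, convenient for logs and published test vectors.
func TagHex(key, msg []byte) string { return hex.EncodeToString(Tag(key, msg)) }

// VerifyTag recomputes the tag and compares it in constant time, so a forger
// learns nothing from how long a rejection takes.
func VerifyTag(key, msg, tag []byte) bool { return hmac.Equal(Tag(key, msg), tag) }

// ---- Digital signature (slides 14 and 16): ECDSA P-256 over a SHA-256 digest ----

// NewSigningKey generates a fresh P-256 key pair (private key stays with the signer).
func NewSigningKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign hashes msg with SHA-256 and signs the digest with the private key.
func Sign(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// VerifySignature needs only the public key, which is the whole point.
func VerifySignature(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	key := []byte("constructed shared key") // demo value, not a real key
	msg := []byte("pay 100 to Bob")
	altered := []byte("pay 900 to Bob")

	tag := Tag(key, msg)
	fmt.Println("HMAC valid:          ", VerifyTag(key, msg, tag))
	fmt.Println("HMAC after tampering:", VerifyTag(key, altered, tag))
	// The receiver holds the same key, so it can mint a tag for a message the
	// sender never sent: integrity yes, nonrepudiation no.
	fmt.Println("receiver-forged HMAC:", VerifyTag(key, altered, Tag(key, altered)))

	alice, err := NewSigningKey()
	if err != nil {
		panic(err)
	}
	sig, err := Sign(alice, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("signature valid:     ", VerifySignature(&alice.PublicKey, msg, sig))
	fmt.Println("after tampering:     ", VerifySignature(&alice.PublicKey, altered, sig))
	// Without Alice's private key nobody, the receiver included, can sign
	// `altered`, so a verifying signature ties the message to Alice.
	mallory, _ := NewSigningKey()
	fmt.Println("other key's sig:     ", VerifySignature(&mallory.PublicKey, msg, sig))
}
```

Both checks reject the altered message; the difference shows in the third HMAC line, where the receiver produces a perfectly valid tag for text the sender never wrote. That is why a MAC is enough for a channel between two parties that already trust each other, and a signature is needed when the recipient may later have to prove to someone else who sent the message.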
• 17. Network Security Through Encryption
• When it comes to encryption, one of the main issues security practitioners are concerned with is the use of cryptographic algorithms to provide secure networking services.
• The following slides look at some of the ways encryption is used to provide network security.
• 18. Circuit Encryption
• Security administrators use two types of encryption techniques to protect data traveling over networks:
i. Link encryption protects entire communications circuits by creating a secure tunnel between two points, using either a hardware or a software solution that encrypts all traffic entering one end of the tunnel and decrypts all traffic leaving the other end.
ii. End-to-end encryption protects communications between two parties (for example, a client and a server) and is performed independently of link encryption. An example of end-to-end encryption is the use of TLS (Transport Layer Security) to protect communications between a user and a web server. This protects against an intruder who might be monitoring traffic on the decrypted side of an encrypted link, or traffic sent over a link with no encryption at all.
• The critical difference between link and end-to-end encryption is that in link encryption everything, including the header, trailer, addressing and routing data, is encrypted. Each packet therefore has to be decrypted at every hop so it can be routed to the next hop, then re-encrypted before it is sent on, which slows routing. End-to-end encryption leaves the header, trailer, addressing and routing data in the clear, so packets move faster from point to point, but that metadata is visible to sniffers and eavesdroppers along the path (the payload itself is not).
• 19. IPsec
• IPsec is a standard architecture set forth by the Internet Engineering Task Force (IETF) for setting up a secure channel to exchange information between two entities.
• The entities communicating via IPsec could be two hosts, two routers, two gateways, or any combination (for example, a gateway protecting a whole network on one side and a single server or workstation on the other).
• IPsec uses public key cryptography (or pre-shared keys) during key exchange to authenticate the peers and agree on symmetric session keys; those symmetric keys then provide encryption, integrity, data-origin authentication, access control and anti-replay protection, all at the IP layer. Because the traffic keys are shared between the two peers, IPsec does not by itself provide nonrepudiation.
• The primary use of IPsec is for virtual private networks (VPNs). IPsec can operate in either transport mode (only the packet payload is protected and the original IP header stays in place) or tunnel mode (the entire original packet, header included, is encapsulated and protected inside a new IP packet).
• 20. IPsec Cont.
• The IP Security (IPsec) protocol suite provides a complete infrastructure for secured network communications. IPsec has gained widespread acceptance and is offered in most commercial operating systems out of the box. IPsec relies on security associations (SAs, one per direction of traffic) and has two main protocols:
i. The Authentication Header (AH) provides connectionless integrity and data-origin authentication for the whole packet, including the immutable fields of the IP header, plus optional anti-replay protection. It provides no confidentiality.
ii. The Encapsulating Security Payload (ESP) provides confidentiality and integrity of the packet contents. It encrypts the payload, authenticates the payload (but not the outer IP header), and prevents replay attacks.
• ESP's authentication therefore covers less of the packet than AH's. ESP is routinely used without AH; it is rare to see AH used without ESP, and AH cannot traverse NAT at all because rewriting the addresses breaks its integrity check.
• 21. ISAKMP
• The Internet Security Association and Key Management Protocol (ISAKMP) provides background security support services for IPsec by negotiating, establishing, modifying, and deleting security associations.
• There are four basic requirements for ISAKMP, as set forth in RFC 2408:
i. Authenticate communicating peers
ii. Create and manage security associations
iii. Provide key generation mechanisms
iv. Protect against threats (for example, replay and denial-of-service attacks)
• In deployed systems these services are delivered by the Internet Key Exchange: IKEv1 (RFC 2409) ran on top of ISAKMP, and IKEv2 (RFC 7296) folds ISAKMP into a single protocol and replaces the separate ISAKMP and IKEv1 documents, RFC 2408 included.
• 22. Wireless Networking
• There are two main generations of wireless LAN security:
i. Wired Equivalent Privacy (WEP), which provides 64- and 128-bit encryption options (a 40- or 104-bit RC4 key plus a 24-bit IV) to protect communications within the wireless LAN. Cryptanalysis has conclusively demonstrated significant flaws in WEP, making it possible to recover the key and completely undermine the security of a WEP protected network within minutes, often seconds.
ii. WiFi Protected Access (WPA) improves on WEP by implementing the Temporal Key Integrity Protocol (TKIP), which closed the key-scheduling and IV weaknesses that undermined WEP while still running on WEP-era hardware. Its successor, WPA2, replaces TKIP with AES in CCMP mode. WPA2 with CCMP provides algorithms appropriate for modern wireless networks; TKIP has itself since been deprecated, and WPA3 (2018) adds SAE, a password-authenticated key exchange that resists offline dictionary attacks on the passphrase.
• 23. Cryptographic Attacks
• Just like any system, cryptosystems face a number of attacks. It is important to understand the threats posed by the various cryptographic attacks in order to minimize the risk to your systems. Below are some of the common ones.
• Analytic Attack: an algebraic manipulation that attempts to reduce the complexity of the algorithm. It focuses on the logic of the algorithm itself rather than on any particular implementation.
• Implementation Attack: exploits weaknesses in the implementation of a cryptographic system. It focuses on the software (or hardware) that realises the algorithm: coding errors and flaws, but also the methodology used to build the encryption system. Side channels such as timing and power consumption are the classic examples.
• Statistical Attack: exploits statistical weaknesses in a cryptosystem, such as floating-point errors or the inability to produce truly random numbers. Statistical attacks look for a vulnerability in the hardware or operating system hosting the cryptographic application, for example a weak random number generator that makes keys predictable.
• 24. Cryptographic Attacks Cont.
• Brute Force: quite straightforward. Such an attack attempts every possible valid combination for a key or password, using massive amounts of processing power to methodically guess the key used to secure the communication. Its cost doubles with every additional key bit, which is why key length matters.
• Frequency Analysis and the Ciphertext Only Attack: in many cases the only information at your disposal is the encrypted message, a scenario known as a ciphertext only attack. One technique that proves helpful against simple ciphers is frequency analysis, counting the number of times each letter appears in the ciphertext and matching that distribution against the known letter frequencies of the language.
• Known Plaintext: the attacker has a copy of the encrypted message along with the plaintext used to generate it. This knowledge greatly assists the attacker in breaking weaker ciphers.
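The frequency analysis described above, carried out end to end against a Caesar shift cipher, as an added example written for this page (not code from the slides). The attacker is given only the ciphertext; the program counts its letters, scores every one of the 26 possible shifts against the letter frequencies of English with a chi-squared statistic, and keeps the shift that fits best. The plaintext is a constructed English sentence, and the frequency table is the usual published distribution for English text.

```go
package main

import (
	"fmt"
	"math"
	"strings"
)

// Relative frequency (%) of a..z in English text: the skew the attack relies on.
var englishFreq = [26]float64{
	8.167, 1.492, 2.782, 4.253, 12.702, 2.228, 2.015, 6.094, 6.966, 0.153,
	0.772, 4.025, 2.406, 6.749, 7.507, 1.929, 0.095, 5.987, 6.327, 9.056,
	2.758, 0.978, 2.360, 0.150, 1.974, 0.074,
}

// CaesarEncrypt shifts each letter by key positions; other characters pass through.
func CaesarEncrypt(plain string, key int) string {
	key = ((key % 26) + 26) % 26
	var b strings.Builder
	for _, r := range strings.ToLower(plain) {
		if r >= 'a' && r <= 'z' {
			b.WriteByte(byte((int(r-'a')+key)%26) + 'a')
		} else {
			b.WriteRune(r)
		}
	}
	return b.String()
}

// CaesarDecrypt is encryption with the opposite shift.
func CaesarDecrypt(cipher string, key int) string { return CaesarEncrypt(cipher, -key) }

// LetterCounts is the whole of the attacker's information: how often each
// ciphertext letter occurs.
func LetterCounts(text string) (counts [26]int, total int) {
	for _, r := range text {
		if r >= 'a' && r <= 'z' {
			counts[r-'a']++
			total++
		}
	}
	return counts, total
}

// chiSquared scores how well the ciphertext histogram, read through shift key,
// matches English. Lower is better.
func chiSquared(counts [26]int, total, key int) float64 {
	var chi float64
	for p := 0; p < 26; p++ {
		observed := float64(counts[(p+key)%26]) // ciphertext letter standing for plaintext p
		expected := englishFreq[p] / 100 * float64(total)
		chi += (observed - expected) * (observed - expected) / expected
	}
	return chi
}

// RecoverKey tries all 26 shifts and keeps the one whose decryption looks most
// like English. A simpler rule (most common letter is 'e') works on long texts
// but misfires on short ones; the chi-squared fit uses every letter.
func RecoverKey(cipher string) int {
	counts, total := LetterCounts(cipher)
	best, bestChi := 0, math.Inf(1)
	for key := 0; key < 26; key++ {
		if chi := chiSquared(counts, total, key); chi < bestChi {
			best, bestChi = key, chi
		}
	}
	return best
}

func main() {
	// Constructed plaintext; the attacker only ever sees `cipher`.
	plain := "the attacker sees only the ciphertext but english is not uniform letters such as e t a and o dominate and a monoalphabetic shift preserves that skew so counting letters reveals the key"
	cipher := CaesarEncrypt(plain, 7)
	fmt.Println("ciphertext:     ", cipher)
	key := RecoverKey(cipher)
	fmt.Println("recovered shift:", key)
	fmt.Println("plaintext:      ", CaesarDecrypt(cipher, key))
}
```

The same scoring loop generalises to a full monoalphabetic substitution (score candidate mappings letter by letter instead of a single shift); what it cannot touch is a cipher that flattens the histogram, which is why polyalphabetic and modern block ciphers are immune to this particular attack.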
• 25. Cryptographic Attacks Cont.
• Chosen Ciphertext: the attacker has the ability to decrypt chosen portions of ciphertext and use the decrypted output to discover the key.
• Chosen Plaintext: the attacker has the ability to encrypt plaintext messages of their choosing and can then analyze the ciphertext output of the encryption algorithm.
• Meet in the Middle: an attack on double encryption that uses a known plaintext/ciphertext pair. The plaintext is encrypted under every possible first key (k1) and the results stored; the ciphertext is decrypted under every possible second key (k2) and each result looked up in the store. A match yields a candidate pair (k1, k2), which should be confirmed against a second known pair because false matches do occur. The attack costs roughly 2 x 2^n operations instead of 2^(2n), which is why double DES offers only about 57 bits of effective strength rather than 112.
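The meet-in-the-middle attack above, run for real against a toy cipher, as an added example written for this page (not code from the slides). The toy 32-bit block cipher with a 16-bit key is this example's own invention and is deliberately tiny so that both halves of the attack finish in well under a second; double encryption with it would naively need 2^32 trials, the attack needs about 2^17 plus a 2^16-entry table. The keys and plaintext blocks are constructed values.

```go
package main

import (
	"fmt"
	"math/bits"
)

// A toy 32-bit block cipher with a 16-bit key: invertible, but deliberately
// weak and far too small to be of any use outside this demonstration.
const keyBits = 16
const keySpace = 1 << keyBits

// roundKey derives a 32-bit round constant from the key (toy key schedule).
func roundKey(key uint16, round uint32) uint32 {
	return uint32(key)*0x9E3779B1 + round*0x7F4A7C15
}

// ToyEncrypt applies four rounds of xor, rotate and add.
func ToyEncrypt(block uint32, key uint16) uint32 {
	x := block
	for r := uint32(0); r < 4; r++ {
		rk := roundKey(key, r)
		x ^= rk
		x = bits.RotateLeft32(x, 5)
		x += rk ^ 0xA5A5A5A5
	}
	return x
}

// ToyDecrypt undoes the rounds in reverse order.
func ToyDecrypt(block uint32, key uint16) uint32 {
	x := block
	for r := uint32(4); r > 0; r-- {
		rk := roundKey(key, r-1)
		x -= rk ^ 0xA5A5A5A5
		x = bits.RotateLeft32(x, -5)
		x ^= rk
	}
	return x
}

// DoubleEncrypt is the construction under attack: C = E(k2, E(k1, P)).
func DoubleEncrypt(block uint32, k1, k2 uint16) uint32 {
	return ToyEncrypt(ToyEncrypt(block, k1), k2)
}

// Pair is one known plaintext with its double-encrypted ciphertext.
type Pair struct{ Plain, Cipher uint32 }

// MeetInTheMiddle recovers (k1, k2) with about 2*2^16 cipher operations and a
// 2^16-entry table, instead of the 2^32 of a naive search over both keys.
// With a 32-bit block and 2^16 table entries roughly one false match is
// expected on the first pair, so every candidate is confirmed on a second pair.
func MeetInTheMiddle(known, confirm Pair) (k1, k2 uint16, ok bool) {
	// Forward half: middle value -> every k1 producing it (a slice, because
	// two keys can land on the same 32-bit value).
	table := make(map[uint32][]uint16, keySpace)
	for k := 0; k < keySpace; k++ {
		mid := ToyEncrypt(known.Plain, uint16(k))
		table[mid] = append(table[mid], uint16(k))
	}
	// Backward half: decrypt the ciphertext under each k2 and look it up.
	for k := 0; k < keySpace; k++ {
		for _, cand := range table[ToyDecrypt(known.Cipher, uint16(k))] {
			if DoubleEncrypt(confirm.Plain, cand, uint16(k)) == confirm.Cipher {
				return cand, uint16(k), true
			}
		}
	}
	return 0, 0, false
}

func main() {
	const k1, k2 = uint16(0x1234), uint16(0xBEEF) // the secret keys
	known := Pair{0xDEADBEEF, DoubleEncrypt(0xDEADBEEF, k1, k2)}
	confirm := Pair{0xCAFEBABE, DoubleEncrypt(0xCAFEBABE, k1, k2)}
	r1, r2, ok := MeetInTheMiddle(known, confirm)
	fmt.Printf("recovered k1=%#04x k2=%#04x found=%v\n", r1, r2, ok)
}
```

The table is the whole trick: it trades memory for time, and the same structure scales to double DES, where the table has 2^56 entries and the attack is impractical in memory but still far below the 2^112 work the key length promises. Triple DES with two or three keys is the standard answer.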
• 26. Cryptographic Attacks Cont.
• Man in the Middle: a malicious individual sits between two communicating parties and intercepts all communications, including the setup of the cryptographic session. The attacker responds to the originator's initialization requests and sets up a secure session with the originator, then establishes a second secure session with the intended recipient using a different key while posing as the originator. The attacker can then "sit in the middle" and read or modify all traffic as it passes between the two parties. The defence is to authenticate the public keys exchanged during setup, for example with certificates, key pinning, or an out-of-band fingerprint check.
• Birthday: also known as a collision attack or reverse hash matching. Hash functions map arbitrarily long messages onto fixed-length digests, so they cannot be one-to-one; the attack exploits the fact that for an n-bit digest a collision can be found after only about 2^(n/2) trials, far fewer than the 2^n needed to hit one specific digest. The malicious individual seeks to substitute, in a digitally signed communication, a different message that produces the same message digest, thereby preserving the validity of the original digital signature.
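The birthday bound in the Birthday bullet above, demonstrated on a real hash function, as an added example written for this page (not code from the slides). Finding a collision in full SHA-256 is out of reach, so the program keeps only the leading 32 bits of each SHA-256 digest, which is enough to show the shape of the attack: with 2^32 possible digests a preimage search needs about 2^32 hashes, but remembering every digest seen produces a collision after roughly 82,000. A signature over such a digest of the first message would verify for the second, which is the substitution the slide describes. The message prefix is a constructed value.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math"
)

// TruncatedDigest keeps only the leading digestBits (1..64) bits of SHA-256(msg).
// Truncating a strong hash keeps the real algorithm while making the search affordable.
func TruncatedDigest(msg []byte, digestBits uint) uint64 {
	sum := sha256.Sum256(msg)
	return binary.BigEndian.Uint64(sum[:8]) >> (64 - digestBits)
}

// ExpectedTrials is the birthday estimate sqrt(pi/2 * 2^n) for the number of
// random messages needed before two share an n-bit digest.
func ExpectedTrials(digestBits uint) float64 {
	return math.Sqrt(math.Pi / 2 * math.Ldexp(1, int(digestBits)))
}

// Collision is two distinct messages with the same truncated digest.
type Collision struct {
	A, B   string
	Digest uint64
	Trials int // messages hashed before the collision appeared
}

// FindCollision hashes prefix-0, prefix-1, ... and stops at the first pair of
// messages sharing a digest. Remembering every digest is what turns the 2^n
// cost of a preimage search into the sqrt(2^n) of the birthday bound.
func FindCollision(prefix string, digestBits uint) Collision {
	seen := make(map[uint64]string)
	for i := 0; ; i++ {
		msg := fmt.Sprintf("%s-%d", prefix, i)
		d := TruncatedDigest([]byte(msg), digestBits)
		if earlier, ok := seen[d]; ok {
			return Collision{A: earlier, B: msg, Digest: d, Trials: i + 1}
		}
		seen[d] = msg
	}
}

func main() {
	const bitsKept = 32
	c := FindCollision("constructed-contract", bitsKept)
	fmt.Printf("%q and %q share the %d-bit digest %08x\n", c.A, c.B, bitsKept, c.Digest)
	fmt.Printf("found after %d trials (birthday estimate %.0f; a preimage search would average %d)\n",
		c.Trials, ExpectedTrials(bitsKept), uint64(1)<<bitsKept)
}
```

Run it a few times with different prefixes and the trial count scatters around the estimate; change `bitsKept` to 40 and the run takes minutes, to 48 and it exhausts memory, which is the practical reason digest lengths are chosen so that 2^(n/2), not 2^n, is out of reach.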
• 27. Cryptographic Attacks Cont.
• Replay: the replay attack is used against protocols that don't incorporate temporal protections. The malicious individual intercepts an encrypted message between two parties (often an authentication request) and later "replays" the captured message to open a new session, without ever needing to decrypt it. This attack can be defeated by incorporating a time stamp and expiration period into each message, usually together with a nonce or sequence number that the receiver remembers, so that a message still inside its validity window cannot be accepted twice either.
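The defence described above, implemented as a small authenticated-message check, as an added example written for this page (not code from the slides). Each message carries a timestamp and a random nonce under an HMAC-SHA256 tag, so neither can be altered; the receiver verifies the tag first (so that unauthenticated traffic cannot fill its nonce cache), rejects anything outside a 30-second window, and then rejects any nonce it has already accepted. The key, clock values and message bodies are constructed; the window length is a design choice for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"time"
)

// Message is what travels on the wire. The tag covers timestamp, nonce and
// body, so none of them can be changed without knowing the key.
type Message struct {
	Timestamp int64  // Unix seconds when the sender built the message
	Nonce     string // 128 random bits, hex encoded
	Body      string
	Tag       string // HMAC-SHA256 over canonical(), hex encoded
}

var (
	ErrBadTag  = errors.New("invalid tag")
	ErrExpired = errors.New("timestamp outside acceptance window")
	ErrReplay  = errors.New("nonce already seen: replay")
)

// canonical length-prefixes the body so field boundaries are unambiguous.
func canonical(ts int64, nonce, body string) []byte {
	return []byte(strconv.FormatInt(ts, 10) + "|" + nonce + "|" + strconv.Itoa(len(body)) + "|" + body)
}

func tag(key []byte, ts int64, nonce, body string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(canonical(ts, nonce, body))
	return m.Sum(nil)
}

// Seal builds a message stamped with now and a fresh random nonce.
func Seal(key []byte, now time.Time, body string) (Message, error) {
	nb := make([]byte, 16)
	if _, err := rand.Read(nb); err != nil {
		return Message{}, err
	}
	nonce := hex.EncodeToString(nb)
	ts := now.Unix()
	return Message{Timestamp: ts, Nonce: nonce, Body: body, Tag: hex.EncodeToString(tag(key, ts, nonce, body))}, nil
}

// Verifier accepts each authentic message at most once, within window of its timestamp.
type Verifier struct {
	key    []byte
	window time.Duration
	seen   map[string]int64 // nonce -> timestamp, pruned once expired
}

func NewVerifier(key []byte, window time.Duration) *Verifier {
	return &Verifier{key: key, window: window, seen: make(map[string]int64)}
}

// Accept checks, in order: authenticity, freshness, then first use of the nonce.
func (v *Verifier) Accept(msg Message, now time.Time) error {
	got, err := hex.DecodeString(msg.Tag)
	if err != nil || !hmac.Equal(tag(v.key, msg.Timestamp, msg.Nonce, msg.Body), got) {
		return ErrBadTag
	}
	sent := time.Unix(msg.Timestamp, 0)
	if now.Sub(sent) > v.window || sent.Sub(now) > v.window {
		return ErrExpired
	}
	v.prune(now)
	if _, dup := v.seen[msg.Nonce]; dup {
		return ErrReplay
	}
	v.seen[msg.Nonce] = msg.Timestamp
	return nil
}

// prune forgets nonces whose messages would now be rejected as expired anyway,
// which bounds the cache by the traffic rate times the window.
func (v *Verifier) prune(now time.Time) {
	for nonce, ts := range v.seen {
		if now.Sub(time.Unix(ts, 0)) > v.window {
			delete(v.seen, nonce)
		}
	}
}

func main() {
	key := []byte("constructed shared key") // demo value
	v := NewVerifier(key, 30*time.Second)
	t0 := time.Unix(1_700_000_000, 0) // constructed clock
	msg, _ := Seal(key, t0, "login alice")
	fmt.Println("first delivery: ", v.Accept(msg, t0.Add(2*time.Second)))
	fmt.Println("replayed at +5s:", v.Accept(msg, t0.Add(5*time.Second)))
	late, _ := Seal(key, t0, "login alice")
	fmt.Println("fresh but stale:", v.Accept(late, t0.Add(60*time.Second)))
	msg.Body = "login root"
	fmt.Println("tampered body:  ", v.Accept(msg, t0.Add(2*time.Second)))
}
```

The window has to tolerate clock skew between the two parties, which is why the check is symmetric; a sequence number works in place of the random nonce when messages arrive in order, and is what IPsec and TLS use in their record layers.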