To authenticate each other, users have to
obtain the certificate of the CA and their own
certificate. These steps require the out-of-band
verification of the processes.
Public-key systems use asymmetric keys where
one is public and the other one is private.
Key management is simplified because two
users can freely exchange the certificates. The
validity of the received certificates is verified
using the public key of the CA, which the users
have in their possession.
Because of the strength of the algorithms,
administrators can set a very long lifetime for
the certificates.
Chapter 7 - Cryptographic Systems
CCNA Security
Major Concepts
• Describe how the types of encryption, hashes, and
digital signatures work together to provide confidentiality,
integrity, and authentication
• Describe the mechanisms to ensure data integrity and
authentication
• Describe the mechanisms used to ensure data
confidentiality
• Describe the mechanisms used to ensure data
confidentiality and authentication using a public key
Bach Khoa Network Academy - Website: www.bkacad.com
Lesson Objectives
Upon completion of this lesson, the successful participant will
be able to:
1. Describe the requirements of secure communications including
integrity, authentication, and confidentiality
2. Describe cryptography and provide an example
3. Describe cryptanalysis and provide an example
4. Describe the importance and functions of cryptographic hashes
5. Describe the features and functions of the MD5 algorithm and of the
SHA-1 algorithm
6. Explain how we can ensure authenticity using HMAC
7. Describe the components of key management
8. Describe how encryption algorithms provide confidentiality
9. Describe the function of the DES algorithms
10. Describe the function of the 3DES algorithm
11. Describe the function of the AES algorithm
12. Describe the function of the Software Encrypted Algorithm
(SEAL) and the Rivest ciphers (RC) algorithm
13. Describe the function of the DH algorithm and its supporting role
to DES, 3DES, and AES
14. Explain the differences and their intended applications
15. Explain the functionality of digital signatures
16. Describe the function of the RSA algorithm
17. Describe the principles behind a public key infrastructure (PKI)
18. Describe the various PKI standards
19. Describe the role of CAs and the digital certificates that they
issue in a PKI
20. Describe the characteristics of digital certificates and CAs
Secure Communications
Refer to 7.1.1.1
• The first goal for network administrators is to secure the network
infrastructure, including routers, switches, servers, and hosts.
• The next goal is to secure the data as it travels across various links.
Secure Communications
Secure communications involves a few primary
tasks:
1. Authentication - Guarantees that the message is not a
forgery and does actually come from who it states it
comes from.
2. Integrity - Similar to a checksum function in a frame,
guarantees that no one intercepted the message and
altered it.
3. Confidentiality - Guarantees that if the message is
captured, it cannot be deciphered.
Authentication
• Authentication guarantees that a
message comes from the
source that it claims to come
from.
• Authentication can be
accomplished with
cryptographic methods.
• Authentication is similar to
entering a secure personal
information number (PIN) for
banking at an ATM
• The PIN is a shared secret
between a bank account holder
and the financial institution.
Refer to 7.1.1.2
Authentication
• What is nonrepudiation?
Non-repudiation
• /index.jsp?topic=/com.ibm.mq.csqzas.doc/sy10280_.htm
• If the sender of a message ever denies sending it,
the non-repudiation service with proof of origin can
provide the receiver with undeniable evidence that
the message was sent by that particular individual.
• If the receiver of a message ever denies receiving it,
the non-repudiation service with proof of
delivery can provide the sender with undeniable
evidence that the message was received by that
particular individual.
Authenticity versus nonrepudiation
• Data nonrepudiation is a similar service that allows the sender of a
message to be uniquely identified.
• The most important part of nonrepudiation is that a device cannot
repudiate, or refute, the validity of a message sent.
• Nonrepudiation relies on the fact that only the sender has the unique
characteristics or signature for how that message is treated.
Integrity
• Data integrity ensures that messages are not altered in transit.
• The receiver can verify that the received message is identical to the
sent message and that no manipulation occurred.
Confidentiality
Refer to 7.1.1.4
• Data confidentiality ensures privacy so that only the receiver can
read the message. Encryption is the process of scrambling data so
that it cannot be read by unauthorized parties.
Confidentiality
• When enabling encryption, readable data is called plaintext, or
cleartext, while the encrypted version is called ciphertext.
• A key is required to encrypt and decrypt a message. The key is the
link between the plaintext and ciphertext.
• Using a hash function is another way to ensure data confidentiality.
• What is the difference between hashing and encryption?
• The purpose of encryption and hashing is to guarantee confidentiality
so that only authorized entities can read the message.
Cryptography
• Cryptographic services are the foundation for many security
implementations and are used to ensure the protection of data when
that data might be exposed to untrusted parties.
• Authentication, integrity, and confidentiality are components of
cryptography.
• The history of cryptography starts in diplomatic circles thousands of
years ago.
Cipher
• Each of these encryption methods uses a specific
algorithm, called a cipher, to encrypt and decrypt
messages.
• A cipher is a series of well-defined steps that can be
followed as a procedure when encrypting and decrypting
messages.
• There are several methods of creating cipher text:
1. Transposition
2. Substitution
3. Vernam
Transposition Ciphers
• In transposition ciphers, no letters are replaced; they are simply
rearranged.
• Modern encryption algorithms, such as the Data Encryption Standard
(DES) and the Triple Data Encryption Standard (3DES), still use
transposition as part of the algorithm.
Substitution Ciphers
• Substitution ciphers substitute one letter for another. In their simplest
form, substitution ciphers retain the letter frequency of the original
message.
Substitution Ciphers: Caesar Cipher
1. Clear text: the clear text message would be encoded using a key of 3.
   FLANK EAST
   ATTACK AT DAWN
2. Shift the top scroll over by three characters (key of 3), an A becomes
   D, B becomes E, and so on.
   Clear:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
   Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
3. Ciphered text: the clear text message would be encrypted as follows
   using a key of 3.
   IODQN HDVW
   DWWDFN DW GDZQ
Cipher Wheel
1. Clear text: the clear text message would be encoded using a key of 3.
   FLANK EAST
   ATTACK AT DAWN
2. Shifting the inner wheel by 3, then the A becomes D, B becomes E, and so
   on.
3. Ciphered text: the clear text message would appear as follows using a
   key of 3.
   IODQN HDVW
   DWWDFN DW GDZQ
Vigenère Table
Refer to 7.1.2.3
  a b c d e f g h i j k l m n o p q r s t u v w x y z
A a b c d e f g h i j k l m n o p q r s t u v w x y z
B b c d e f g h i j k l m n o p q r s t u v w x y z a
C c d e f g h i j k l m n o p q r s t u v w x y z a b
D d e f g h i j k l m n o p q r s t u v w x y z a b c
E e f g h i j k l m n o p q r s t u v w x y z a b c d
F f g h i j k l m n o p q r s t u v w x y z a b c d e
G g h i j k l m n o p q r s t u v w x y z a b c d e f
H h i j k l m n o p q r s t u v w x y z a b c d e f g
I i j k l m n o p q r s t u v w x y z a b c d e f g h
J j k l m n o p q r s t u v w x y z a b c d e f g h i
K k l m n o p q r s t u v w x y z a b c d e f g h i j
L l m n o p q r s t u v w x y z a b c d e f g h i j k
M m n o p q r s t u v w x y z a b c d e f g h i j k l
N n o p q r s t u v w x y z a b c d e f g h i j k l m
O o p q r s t u v w x y z a b c d e f g h i j k l m n
P p q r s t u v w x y z a b c d e f g h i j k l m n o
Q q r s t u v w x y z a b c d e f g h i j k l m n o p
R r s t u v w x y z a b c d e f g h i j k l m n o p q
S s t u v w x y z a b c d e f g h i j k l m n o p q r
T t u v w x y z a b c d e f g h i j k l m n o p q r s
U u v w x y z a b c d e f g h i j k l m n o p q r s t
V v w x y z a b c d e f g h i j k l m n o p q r s t u
W w x y z a b c d e f g h i j k l m n o p q r s t u v
X x y z a b c d e f g h i j k l m n o p q r s t u v w
Y y z a b c d e f g h i j k l m n o p q r s t u v w x
Z z a b c d e f g h i j k l m n o p q r s t u v w x y
Stream Ciphers - teletype cipher
• Invented by the Norwegian Army Signal Corps in 1950, the ETCRRM machine
uses the Vernam stream cipher method.
• It was used by the US and Russian governments to exchange information.
• Plain text message is exclusive-ORed (XORed) with a key tape containing a
random stream of data of the same length to generate the ciphertext.
• Once a message was enciphered the key tape was destroyed.
• At the receiving end, the process was reversed using an identical key
tape to decode the message.
Defining Cryptanalysis
Allies decipher secret
NAZI encryption code!
Cryptanalysis is from the Greek words kryptós (hidden), and
analýein (to loosen or to untie). It is the practice and the study of
determining the meaning of encrypted information (cracking the
code), without access to the shared secret key.
Cryptanalysis Methods
Refer to 7.1.3.2
Known Ciphertext
• Brute Force Attack
– With a Brute Force attack, the attacker has some portion of ciphertext.
The attacker attempts to unencrypt the ciphertext with all possible keys.
– Recently, a DES cracking machine was used to recover a 56-bit DES key in
22 hours using brute force. It is estimated that on the same equipment it
would take 149 trillion years to crack Advanced Encryption Standard (AES)
using the same method.
[Figure: Successfully Unencrypted - Key found]
Cryptanalysis Methods
• Ciphertext-Only Attack
– In a ciphertext-only attack, the attacker has the
ciphertext of several messages, all of which have been
encrypted using the same encryption algorithm, but the
attacker has no knowledge of the underlying plaintext.
– The job of the attacker is to recover the ciphertext of as
many messages as possible.
• Known-Plaintext Attack
– In a known-plaintext attack, the attacker has access to
the ciphertext of several messages, but also knows
something about the plaintext underlying that ciphertext.
Cryptanalysis Methods
• Chosen-Plaintext Attack
– The attacker chooses which data the encryption device encrypts
and observes the ciphertext output.
– A chosen-plaintext attack is more powerful than a known-plaintext
attack because the chosen plaintext might yield more information
about the key.
– This attack is not very practical.
• Chosen-Ciphertext Attack
– The attacker can choose different ciphertext to be decrypted and
has access to the decrypted plaintext.
– With the pair, the attacker can search through the keyspace and
determine which key decrypts the chosen ciphertext in the captured
plaintext.
– Like the chosen-plaintext attack, this attack is not very practical.
Meet-in-the-Middle Attack
• Known Ciphertext: Use every possible decryption key until a result is
found matching the corresponding plaintext.
• Known Plaintext: Use every possible encryption key until a result is
found matching the corresponding ciphertext.
With a Meet-in-the-Middle attack, the attacker has some portion of text in
both plaintext and ciphertext. The attacker attempts to unencrypt the
ciphertext with all possible keys while at the same time encrypt the plaintext
with another set of possible keys until one match is found.
[Figure: MATCH of Ciphertext! Key found]
Choosing a Cryptanalysis Method
1. The graph outlines the frequency of letters in the English language.
   For example, the letters E, T and A are the most popular.
2. Ciphered text:
   IODQN HDVW
   DWWDFN DW GDZQ
   There are 6 occurrences of the cipher letter D
   and 4 occurrences of the cipher letter W.
   Replace the cipher letter D first with popular
   clear text letters including E, T, and finally A.
   Trying A would reveal the shift pattern of 3.
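The frequency-analysis steps from this slide, written out as an added example (not part of the original course material). The function names and the scoring rule, which counts how many letters of a trial decryption fall in the twelve most common English letters, are assumptions made for this illustration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
# Letters the slide tries for the most frequent cipher letter, in its order.
CANDIDATE_LETTERS = "ETA"
# Assumption used for scoring: the twelve most common English letters.
COMMON_LETTERS = set("ETAOINSHRDLU")


def caesar(text, shift):
    """Shift A-Z by `shift` positions (negative to decrypt); keep the rest."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def letter_counts(ciphertext):
    """Count only the letters, as the slide does for D and W."""
    return Counter(ch for ch in ciphertext.upper() if ch in ALPHABET)


def english_score(text):
    """Fraction of letters that are among the common English letters."""
    letters = [ch for ch in text if ch in ALPHABET]
    if not letters:
        return 0.0
    return sum(ch in COMMON_LETTERS for ch in letters) / len(letters)


def recover_shift(ciphertext):
    """Map the most frequent cipher letter to E, T, then A; keep the best."""
    counts = letter_counts(ciphertext)
    if not counts:
        raise ValueError("ciphertext contains no letters")
    top = counts.most_common(1)[0][0]
    trials = []
    for guess in CANDIDATE_LETTERS:
        shift = (ALPHABET.index(top) - ALPHABET.index(guess)) % 26
        plaintext = caesar(ciphertext, -shift)
        trials.append((english_score(plaintext), shift, guess, plaintext))
    _, shift, _, plaintext = max(trials, key=lambda t: t[0])
    return shift, plaintext, trials


if __name__ == "__main__":
    ciphertext = "IODQN HDVW DWWDFN DW GDZQ"  # ciphered text from the slide
    print(letter_counts(ciphertext).most_common(2))
    shift, plaintext, trials = recover_shift(ciphertext)
    for score, s, guess, text in trials:
        print(f"D -> {guess}: shift {s:2d}, score {score:.2f}, {text}")
    print("recovered shift:", shift, "->", plaintext)
```

With only 21 letters of ciphertext the score separates the three trials clearly; very short or unusual messages may need more candidates than E, T and A.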
Refer to 7.1.3.4
Defining Cryptology
Cryptology = Cryptography + Cryptanalysis
Cryptology is the science of making and breaking secret codes.
Cryptology combines the two separate disciplines of cryptography,
which is the development and use of codes, and cryptanalysis,
which is the breaking of those codes.
Cryptanalysis
• Cryptanalysis is often used by governments in military and diplomatic
surveillance, by enterprises in testing the strength of security
procedures, and by malicious hackers in exploiting weaknesses in
websites.
Cryptographic Hashes, Protocols, and Algorithm Examples
Integrity    Authentication    Confidentiality
MD5          HMAC-MD5          DES
SHA          HMAC-SHA-1        3DES
             RSA and DSA       AES
                               SEAL
                               RC (RC2, RC4, RC5, and RC6)
[Figure labels: NIST, Rivest; HASH, HASH w/Key, Encryption]
• In the world of communications and networking, authentication, integrity, and
data confidentiality are implemented in many ways using various protocols
and algorithms. The choice of protocol and algorithm varies based on the level
of security required to meet the goals in the network security policy.
Hashing Basics
• A hash function takes binary data, called
the message, and produces a condensed
representation, called the message
digest.
• Hashes are used for integrity assurance.
• Hashes are based on
one-way functions.
• The hash function hashes arbitrary data
into a fixed-length digest known as the
hash value, message digest, digest, or
fingerprint.
• Hashing is applied in situations such as:
– Symmetric secret authentication key
– CHAP
– Public key infrastructure certificates
Hashing Properties
A cryptographic hash function
should have the following
properties:
• The input can be any length.
• The output has a fixed length.
• H(x) is relatively easy to
compute for any given x.
• H(x) is one way and not
reversible.
• H(x) is collision free, meaning
that two different input values
will result in different hash
results.
Hashing in Action
• Well-known hash
functions
– MD5 with 128-bit
hashes
– SHA-1 with 160-bit
hashes
• Hash functions are helpful when ensuring data is not changed accidentally, but they cannot
ensure that data is not changed deliberately.
• Hashing only prevents the message from being changed accidentally, such as by a
communication error. There is nothing unique to the sender in the hashing procedure.
MD5
• MD5 is a ubiquitous hashing
algorithm
• Hashing properties
– One-way function: easy to compute hash and infeasible to
compute data given a hash
– Complex sequence of simple binary operations (XORs,
rotations, etc.) which finally produces a 128-bit hash.
SHA
• SHA is similar in design to the MD4 and
MD5 family of hash functions
• SHA-1:
– Takes an input message of no more than 2^64 bits
– Produces a 160-bit message digest
• The algorithm is slightly slower than MD5.
• SHA-1 is a revision that corrected an
unpublished flaw in the original SHA.
• SHA-224, SHA-256, SHA-384, and SHA-
512 are newer and more secure versions of
SHA and are collectively known as SHA-2.
Hashing Example
In this example the clear text entered is displaying hashed results
using MD5, SHA-1, and SHA256. Notice the difference in key
lengths between the various algorithms. The longer the key, the
more secure the hash function.
Features of HMAC- Authenticity
• A keyed-hash message authentication
code (HMAC or KHMAC) is a type of
message authentication code (MAC).
• Uses an additional secret key as input to
the hash function
• The secret key is known to the sender
and receiver
– Adds authentication to integrity assurance
– Defeats man-in-the-middle attacks
• Cisco technologies use two well-known
HMAC functions:
– Keyed MD5 (HMAC-MD5), based on
the MD5 hashing algorithm
– Keyed SHA-1 (HMAC-SHA-1),
based on the SHA-1 hashing
algorithm
• The same procedure is used for
generation and verification of secure
fingerprints
[Figure: Data of Arbitrary Length + Secret Key produce a Fixed Length
Authenticated Hash Value, e883aa0b24c09f]
HMAC Example
Sender:
   Data: Pay to Terry Smith $100.00
         One Hundred and xx/100 Dollars
   Data + Secret Key produce the HMAC (Authenticated Fingerprint):
         4ehIDx67NMop9
Sent:
   Pay to Terry Smith $100.00
   One Hundred and xx/100 Dollars
   4ehIDx67NMop9
Receiver:
   Received Data: Pay to Terry Smith $100.00
                  One Hundred and xx/100 Dollars
   Received Data + Secret Key produce the HMAC (Authenticated Fingerprint):
         4ehIDx67NMop9
If the generated HMAC matches the
sent HMAC, then integrity and
authenticity have been verified.
If they don’t match, discard the
message.
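The difference between a plain hash and the HMAC check on this slide, as an added example that is not part of the original course material. It uses HMAC-SHA-1, one of the two functions named above; the key, the altered message and all function names are constructed for the illustration.

```python
import hashlib
import hmac


def plain_hash(message):
    """Unkeyed SHA-1 digest: anyone holding the message can compute it."""
    return hashlib.sha1(message).digest()


def hmac_tag(key, message, digest="sha1"):
    """Keyed fingerprint; only holders of `key` can produce a valid one."""
    return hmac.new(key, message, digest).digest()


def verify_plain_hash(message, received_hash):
    return hmac.compare_digest(plain_hash(message), received_hash)


def verify_hmac(key, message, received_tag, digest="sha1"):
    # Receiver recomputes the tag with the shared key and compares in
    # constant time, so the comparison itself leaks nothing about the tag.
    return hmac.compare_digest(hmac_tag(key, message, digest), received_tag)


def run_scenario():
    key = b"constructed-shared-secret"        # constructed sample key
    original = (b"Pay to Terry Smith $100.00\n"
                b"One Hundred and xx/100 Dollars")
    altered = (b"Pay to Terry Smith $900.00\n"  # constructed alteration
               b"Nine Hundred and xx/100 Dollars")
    return {
        # Unmodified delivery: both checks pass.
        "hash_ok": verify_plain_hash(original, plain_hash(original)),
        "hmac_ok": verify_hmac(key, original, hmac_tag(key, original)),
        # Message altered in transit and the unkeyed hash recomputed by
        # whoever altered it: the receiver's hash check still passes.
        "hash_accepts_altered": verify_plain_hash(altered,
                                                  plain_hash(altered)),
        # Same alteration with the original tag left in place: rejected.
        "hmac_accepts_stale_tag": verify_hmac(key, altered,
                                              hmac_tag(key, original)),
        # Alteration with a tag made from a guessed key: rejected.
        "hmac_accepts_wrong_key": verify_hmac(key, altered,
                                              hmac_tag(b"guess", altered)),
        "tag_bits": len(hmac_tag(key, original)) * 8,
    }


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

Passing "sha256" as the digest argument gives HMAC-SHA-256 with the same calls.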
Using Hashing
[Figure: a Fixed-Length Hash Value, e883aa0b24c09f, used for Entity
Authentication, Data Integrity, and Data Authenticity]
Cisco products use hashing for entity authentication, data integrity, and data
authenticity purposes:
• Routers use hashing with secret keys
• IPsec gateways and clients use hashing algorithms
• Software images downloaded from the website have checksums
• Sessions can be encrypted
Key Management
• Key management is often considered the most difficult part of designing a
cryptosystem.
• Two terms that are used to describe keys are key length and keyspace.
Keyspace
The keyspace of an algorithm is the set of all possible key values.
A key that has n bits produces a keyspace that has 2^n possible key values.
For each bit added to the DES key, the attacker would require twice the amount of time to search the
keyspace.
Longer keys are more secure but are also more resource intensive and can affect throughput.
Types of Keys
Several types of cryptographic keys:
1. Symmetric keys.
2. Asymmetric keys.
3. Digital signatures.
4. Hash keys.
Key Properties
Shorter keys = faster processing, but less secure
Longer keys = slower processing, but more secure
• An administrator must find a good balance between the speed and protective
strength of an algorithm.
Confidentiality and the OSI Model
• Cryptographic encryption can provide confidentiality at several layers:
– For Data Link Layer confidentiality, use proprietary link-
encrypting devices
– For Network Layer confidentiality, use secure Network Layer
protocols such as the IPsec protocol suite
– For Session Layer confidentiality, use protocols such as
Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
– For Application Layer confidentiality, use secure e-mail,
secure database sessions (Oracle SQL*net), and secure
messaging (Lotus Notes sessions)
• Two basic classes of encryption algorithms protect keys: symmetric
and asymmetric
• Asymmetric algorithms are typically hundreds to thousands of times
slower than symmetric algorithms
Symmetric Encryption
Symmetric Encryption and XOR
The XOR operator results in a 1 when the value of either the
first bit or the second bit, but not both, is a 1.
The XOR operator results in a 0 when neither or both of the
bits is 1.
Plain Text          1 1 0 1 0 0 1 1
Key (Apply)         0 1 0 1 0 1 0 1
XOR (Cipher Text)   1 0 0 0 0 1 1 0
Key (Re-Apply)      0 1 0 1 0 1 0 1
XOR (Plain Text)    1 1 0 1 0 0 1 1
Asymmetric Encryption
[Figure: $1000 is encrypted with the encryption key to %3f7&4 and decrypted
with the decryption key back to $1000. Two separate keys which are not
shared.]
• Also known as public key algorithms
• The usual key length is 512–4096 bits
• A sender and receiver do not share a secret key
• Relatively slow because they are based on difficult computational
algorithms
• Examples include RSA, ElGamal, elliptic curves, and DH.
Asymmetric Example : Diffie-Hellman
Get Out Your Calculators?
Symmetric Algorithms
Symmetric Encryption Algorithm, Key length (in bits), Description:
• DES: 56
– Designed at IBM during the 1970s and was the NIST standard until 1997.
– Although considered outdated, DES remains widely in use.
– Designed to be implemented only in hardware, and is therefore extremely
slow in software.
• 3DES: 112 and 168
– Based on using DES three times which means that the input data is
encrypted three times and therefore considered much stronger than DES.
– However, it is rather slow compared to some new block ciphers such as AES.
• AES: 128, 192, and 256
– Fast in both software and hardware, is relatively easy to implement, and
requires little memory.
– As a new encryption standard, it is currently being deployed on a large scale.
• Software Encryption Algorithm (SEAL): 160
– SEAL is an alternative algorithm to DES, 3DES, and AES.
– It uses a 160-bit encryption key and has a lower impact to the CPU when
compared to other software-based algorithms.
• The RC series: RC2 (40 and 64), RC4 (1 to 256), RC5 (0 to 2040),
RC6 (128, 192, and 256)
– A set of symmetric-key encryption algorithms invented by Ron Rivest.
– RC1 was never published and RC3 was broken before ever being used.
– RC4 is the world's most widely used stream cipher.
– RC6, a 128-bit block cipher based heavily on RC5, was an AES finalist
developed in 1997.
Symmetric Encryption Techniques
• Block Cipher – transforms a fixed-length block of plaintext into a common
block of ciphertext of 64 or 128 bits. Examples: DES - 64 bits, AES - 128 bits...
• Stream Cipher – encryption is one bit at a time
[Figure: a bit stream divided into 64-bit blocks, with blank positions in the
last blocks, and a continuous bit stream for the stream cipher]
Selecting an Algorithm
• Other criteria to consider:
– The algorithm supports variable and long key lengths and scalability
– The algorithm does not have export or import restrictions: some countries
do not allow the export of encryption algorithms.
Data Encryption Standard- DES Scorecard
• DES is a symmetric encryption algorithm that usually operates in block
mode. It encrypts data in 64-bit blocks.
• DES has a fixed key length. The key is 64 bits long, but only 56 bits
are used for encryption. The remaining 8 bits are used for parity.
Block Cipher Modes
• ECB mode serially encrypts each 64-
bit plaintext block using the same 56-
bit key. If two identical plaintext blocks
are encrypted using the same key,
their ciphertext blocks are the same.
• In CBC mode, each 64-bit plaintext
block is exclusive ORed (XORed)
bitwise with the previous ciphertext
block and then is encrypted using the
DES key. The encryption of each
block depends on previous blocks.
Encryption of the same 64-bit plaintext
block can result in different ciphertext
blocks.
Stream Cipher Mode
• Encrypt and decrypt more than 64 bits of data.
• Two common stream cipher modes:
– Cipher feedback (CFB): similar to CBC and can encrypt any number
of bits, including single bits or single characters.
– Output feedback (OFB): generates keystream blocks, which are
then XORed with the plaintext blocks to get the ciphertext.
Considerations
• Change keys frequently to help
prevent brute-force attacks.
• Use a secure channel to
communicate the DES key from
the sender to the receiver.
• Consider using DES in CBC
mode. With CBC, the encryption
of each 64-bit block depends on
previous blocks.
• Test a key to see if it is a weak
key before using it.
3DES Scorecard
• 3DES is the technique of applying DES three times in a row to a
plaintext block.
Encryption Steps
1. The clear text from Alice is
encrypted using Key 1. That
ciphertext is decrypted using a
different key, Key 2. Finally
that ciphertext is encrypted
using another key, Key 3.
2. When the 3DES ciphered text
is received, the process is
reversed. That is, the
ciphered text must first be
decrypted using Key 3,
encrypted using Key 2, and
finally decrypted using Key 1.
Advanced Encryption Standard- AES
• Variable block length and key length.
• A 128-, 192-, or 256-bit key can be used to encrypt data blocks that are
128, 192, or 256 bits long, and all nine combinations of key and block
length are possible.
Advantages of AES
• The key is much stronger due to the key length
• AES runs faster than 3DES on comparable hardware
• AES is more efficient than DES and 3DES on comparable hardware
Software-optimized Encryption Algorithm-SEAL
• SEAL is an alternative algorithm to software-based DES, 3DES, and
AES.
• It is a stream cipher that uses a 160-bit encryption key.
• SEAL has several restrictions:
– The Cisco router and the peer must support IPsec.
– The Cisco router and the other peer must run an IOS image with k9
long keys (the k9 subsystem).
– The router and the peer must not have hardware IPsec encryption.
Rivest Codes Scorecard
Description          RC2            RC4             RC5                                RC6
Timeline             1987           1987            1994                               1998
Type of Algorithm    Block cipher   Stream cipher   Block cipher                       Block cipher
Key size (in bits)   40 and 64      1 - 256         0 to 2040 bits (128 suggested)     128, 192, or 256
DH Scorecard
Description: Diffie-Hellman Algorithm
Timeline: 1976
Type of Algorithm: Asymmetric
Key size (in bits): 512, 1024, 2048
Speed: Slow
Time to crack (Assuming a computer could try 255 keys per second): Unknown
but considered very safe
Resource Consumption: Medium
Using Diffie-Hellman
[Figure: Alice and Bob both hold the shared values 5, 23. Alice's secret is 6;
she calculates 5^6 mod 23 = 8 and sends 8 to Bob.]
1. Alice and Bob agree to use the same two numbers. For example, the base number
g=5 and prime number p=23
2. Alice now chooses a secret number x=6.
3. Alice performs the DH algorithm: g^x modulo p = (5^6 modulo 23) = 8 (Y) and sends
the new number 8 (Y) to Bob.
Using Diffie-Hellman
[Figure: Alice (secret 6) calculates 5^6 mod 23 = 8; Bob (secret 15)
calculates 5^15 mod 23 = 19; both hold the shared values 5, 23 and exchange
8 and 19. Alice then calculates 19^6 mod 23 = 2 and Bob calculates
8^15 mod 23 = 2.]
4. Meanwhile Bob has also chosen a secret number x=15, performed the DH algorithm:
g^x modulo p = (5^15 modulo 23) = 19 (Y) and sent the new number 19 (Y) to Alice.
5. Alice now computes Y^x modulo p = (19^6 modulo 23) = 2.
6. Bob now computes Y^x modulo p = (8^15 modulo 23) = 2.
The result (2) is the same for
both Alice and Bob.
This number can now be used
as a shared secret key by the
encryption algorithm.
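Steps 1 to 6 above with both sides' calculations, as an added example that is not part of the original course material. Beyond the slide, it also checks the received public value before use and counts how many exponents an observer of g, p and Y would have to try, which shows why the scorecard lists 512-bit and larger primes; the function names are assumptions.

```python
def dh_public(g, p, secret):
    """Y = g^x mod p, the value each side sends."""
    return pow(g, secret, p)


def validate_public(y, p):
    """Reject values outside 2..p-2; 1 and p-1 would force a trivial key."""
    if not 2 <= y <= p - 2:
        raise ValueError(f"unacceptable DH public value: {y}")
    return y


def dh_shared(peer_public, p, secret):
    """Shared secret = Y^x mod p, computed from the peer's public value."""
    return pow(validate_public(peer_public, p), secret, p)


def exchange(g, p, alice_secret, bob_secret):
    alice_public = dh_public(g, p, alice_secret)   # step 3
    bob_public = dh_public(g, p, bob_secret)       # step 4
    return {
        "alice_public": alice_public,
        "bob_public": bob_public,
        "alice_key": dh_shared(bob_public, p, alice_secret),   # step 5
        "bob_key": dh_shared(alice_public, p, bob_secret),     # step 6
    }


def exponents_matching(g, p, public):
    """Every x in 1..p-1 with g^x mod p == public.

    Exhaustive search over p-1 candidates; it finishes instantly for the
    slide's p=23 and is infeasible for the prime sizes in the scorecard.
    """
    return [x for x in range(1, p) if pow(g, x, p) == public]


def candidate_count(p):
    """How many exponents that search has to cover for a given prime."""
    return p - 1


if __name__ == "__main__":
    result = exchange(g=5, p=23, alice_secret=6, bob_secret=15)
    print(result)
    print("exponents giving Y=8 :", exponents_matching(5, 23, 8))
    print("exponents giving Y=19:", exponents_matching(5, 23, 19))
    print("candidates for p=23       :", candidate_count(23))
    print("candidates for 2048-bit p : about 2^2048")
```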
Asymmetric Key Characteristics
• Asymmetric algorithms, also sometimes called public-key algorithms,
are designed so that the key that is used for encryption is different
from the key that is used for decryption.
• Asymmetric algorithms use two keys: a public key and a private key.
• Example: IKE, SSL, SSH, PGP.
Public Key (Encrypt) + Private Key (Decrypt) =
Confidentiality
1. Computer A acquires Computer B’s public key
   ("Can I get your Public Key please?" "Here is my Public Key.")
2. Computer A uses Computer B’s public key to encrypt a message
   using an agreed-upon algorithm
3. Computer A transmits the encrypted message to Computer B
4. Computer B uses its private key to decrypt and reveal the message
[Figure: Computer A applies the encryption algorithm with Bob’s Public Key
to produce encrypted text; Computer B applies the encryption algorithm with
Bob’s Private Key to the encrypted text.]
Private Key (Encrypt) + Public Key (Decrypt)
= Authentication
1. Alice encrypts a message with her private key
2. Alice transmits the encrypted message to Bob
3. Bob needs to verify that the message actually came from Alice. He
   requests and acquires Alice’s public key
   ("Can I get your Public Key please?" "Here is my Public Key")
4. Bob uses the public key to successfully decrypt the message and
   authenticate that the message did, indeed, come from Alice.
[Figure: Computer A applies the encryption algorithm with Alice’s Private
Key to produce encrypted text; Computer B applies the encryption algorithm
with Alice’s Public Key to the encrypted text.]
Confidentiality, Integrity and Authentication
Asymmetric Key Algorithms
Algorithm, Key length (in bits), Description:
• DH: 512, 1024, 2048
– Invented in 1976 by Whitfield Diffie and Martin Hellman.
– Allows two parties to agree on a key that they can use to encrypt messages
– The assumption is that it is easy to raise a number to a certain power, but difficult
to compute which power was used given the number and the outcome.
• Digital Signature Standard (DSS) and Digital Signature Algorithm (DSA): 512 - 1024
– Created by NIST and specifies DSA as the algorithm for digital signatures.
– A public key algorithm based on the ElGamal signature scheme.
– Signature creation speed is similar to RSA, but is slower for verification.
• RSA encryption algorithms: 512 to 2048
– Developed by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT in 1977
– Based on the current difficulty of factoring very large numbers
– Suitable for signing as well as encryption
– Widely used in electronic commerce protocols
• ElGamal: 512 - 1024
– Based on the Diffie-Hellman key agreement.
– Described by Taher Elgamal in 1984 and is used in GNU Privacy Guard software,
PGP, and other cryptosystems.
– The encrypted message becomes about twice the size of the original message
and for this reason it is only used for small messages such as secret keys
• Elliptical curve techniques: 160
– Invented by Neal Koblitz in 1987 and by Victor Miller in 1986.
– Can be used to adapt many cryptographic algorithms
– Keys can be much smaller
Security Services- Digital Signatures
• Specifically, digital signatures
provide three basic security
services:
– Authenticity of digitally
signed data: Authenticates a
source, proving a certain party
has seen, and has signed, the
data in question
– Integrity of digitally signed
data: Guarantees that the data
has not changed from the time it
was signed
– Nonrepudiation of the
transaction: Signing party
cannot repudiate that it signed
the data
Digital Signatures
• The signature is authentic and
not forgeable: The signature is
proof that the signer, and no one
else, signed the document.
• The signature is not reusable:
The signature is a part of the document and cannot be moved to a
different document.
• The signature is unalterable: After a document is signed, it cannot
be altered.
• The signature cannot be repudiated: For legal purposes, the
signature and the document are considered to be physical things.
The signer cannot claim later that they did not sign it.
The Digital Signature Process
1. The sending device creates a hash of the document.
2. The sending device encrypts only the hash with the private key of the signer.
3. The signature algorithm generates a digital signature and obtains the public key.
4. The receiving device accepts the document with digital signature and obtains the public key.
5. Signature is verified with the verification key.
6. Validity of the digital signature is verified.
[Figure labels: Confirm Order (data), hash, Encrypted hash, Signature Algorithm, Signature Key, Verification Key, Signed Data, 0a77b3440, Signature Verified]
Code Signing with Digital Signatures
• The publisher of the software attaches a digital signature to the
executable, signed with the signature key of the publisher.
• The user of the software needs to obtain the public key of the
publisher or the CA certificate of the publisher if PKI is used.
DSA Scorecard
Description: Digital Signature Algorithm (DSA)
Timeline: 1994
Type of Algorithm: Provides digital signatures
Advantages: Signature generation is fast
Disadvantages: Signature verification is slow
RSA Scorecard
Description: Ron Rivest, Adi Shamir, and Len Adleman
Timeline: 1977
Type of Algorithm: Asymmetric algorithm
Key size (in bits): 512 - 2048
Advantages: Signature verification is fast
Disadvantages: Signature generation is slow
Properties of RSA
• One hundred times slower than
DES in hardware
• One thousand times slower than
DES in software
• Used to protect small amounts
of data
• Ensures confidentiality of data
through encryption
• Generates digital signatures for
authentication and
nonrepudiation of data
Public Key Infrastructure
Alice applies for a driver’s license.
She receives her driver’s license after
her identity is proven.
Alice attempts to cash a check.
Her identity is accepted after her
driver’s license is checked.
Public Key Infrastructure
PKI terminology to remember:
PKI:
A service framework (hardware, software, people, policies and procedures) needed to support large-scale public key-based technologies.
Certificate:
A document, which binds together the name of the entity and its public key and has been signed by the CA
Certificate authority (CA):
The trusted third party that signs the public keys of entities in a PKI-based system
CA Vendors and Sample Certificates
Usage Keys
• When an encryption certificate is used much more frequently than a
signing certificate, the public and private key pair is more exposed
due to its frequent usage. In this case, it might be a good idea to
shorten the lifetime of the key pair and change it more often, while
having a separate signing private and public key pair with a longer
lifetime.
• When different levels of encryption and digital signing are required
because of legal, export, or performance issues, usage keys allow
an administrator to assign different key lengths to the two pairs.
• When key recovery is desired, such as when a copy of a user’s
private key is kept in a central repository for various backup
reasons, usage keys allow the user to back up only the private key
of the encrypting pair. The signing private key remains with the user,
enabling true nonrepudiation.
The Current State
X.509
• Many vendors have proposed and implemented
proprietary solutions
• Progression towards publishing a common set of
standards for PKI protocols and data formats
X.509v3
• X.509v3 is a standard that
describes the certificate
structure.
• X.509v3 is used with:
– Secure web servers: SSL
and TLS
– Web browsers: SSL and
TLS
– Email programs: S/MIME
– IPsec VPNs: IKE
X.509v3 Applications
• Certificates can be used for various purposes.
• One CA server can be used for all types of authentication as long as they support the same PKI procedures.
[Figure labels: Internet, Enterprise Network, External Web Server, Internet Mail Server, Cisco Secure ACS, CA Server, IPsec VPN Concentrator; protocols shown: SSL, S/MIME, EAP-TLS]
RSA PKCS Standards
• PKCS #1: RSA Cryptography Standard
• PKCS #3: DH Key Agreement Standard
• PKCS #5: Password-Based Cryptography Standard
• PKCS #6: Extended-Certificate Syntax Standard
• PKCS #7: Cryptographic Message Syntax Standard
• PKCS #8: Private-Key Information Syntax Standard
• PKCS #10: Certification Request Syntax Standard
• PKCS #12: Personal Information Exchange Syntax Standard
• PKCS #13: Elliptic Curve Cryptography Standard
• PKCS #15: Cryptographic Token Information Format Standard
Public Key Technology
• A PKI communication protocol used for VPN PKI enrollment
• Uses the PKCS #7 and PKCS #10 standards
[Figure labels: PKCS#7, PKCS#10, Certificate, Signed Certificate, CA]
Single-Root PKI Topology
• Certificates issued by one CA
• Centralized trust decisions
• Single point of failure
Root CA
Hierarchical CA Topology
• Delegation and distribution of trust
• Certification paths
[Figure labels: Root CA, Subordinate CA]
Cross-Certified CAs
• Mutual cross-signing of CA certificates
[Figure labels: CA1, CA2, CA3]
Registration Authorities
1. Enrollment request: Hosts will submit certificate requests to the RA.
2. Completed Enrollment Request Forwarded to CA: After the Registration Authority adds specific information to the certificate request and the request is approved under the organization’s policy, it is forwarded on to the Certification Authority.
3. Certificate Issued: The CA will sign the certificate request and send it back to the host.
[Figure labels: RA, CA]
Retrieving the CA Certificates
1. Alice and Bob request the CA certificate that contains the CA public key.
2. Each system verifies the validity of the certificate.
3. Alice and Bob telephone the CA administrator and verify the public key and serial number of the certificate.
[Figure labels: CA Admin, CA, CA Certificate, Enterprise Network, POTS, Out-of-Band Authentication of the CA Certificate]
Submitting Certificate Requests
• Both systems forward a certificate request which includes their public key. All of this information is encrypted using the public key of the CA.
• The CA administrator telephones to confirm their submittal and the public key and issues the certificate by adding some additional data to the request, and digitally signing it all.
• The certificate is retrieved and the certificate is installed onto the system.
[Figure labels: CA Admin, CA, Certificate Request, Enterprise Network, POTS, Out-of-Band Authentication of the CA Certificate]
Authenticating
1. Bob and Alice exchange certificates. The CA is no longer involved.
2. Each party verifies the digital signature on the certificate by hashing the plaintext portion of the certificate, decrypting the digital signature using the CA public key, and comparing the results.
[Figure labels: Private Key (Alice), Private Key (Bob), Certificate (Alice), Certificate (Bob), CA Certificate]
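The check described on the Authenticating slide, which is the same hash, encrypt-the-hash and compare sequence as on The Digital Signature Process slide, written out as an added example that is not part of the original slides. It uses textbook RSA without the padding that PKCS #1 specifies and a constructed demo CA key built from two Mersenne primes; SHA-256, the certificate field layout, the key placeholders and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed demo CA key: two Mersenne primes. Their structure is public
# knowledge, so this key is for illustration only, never for real use.
P, Q = 2**521 - 1, 2**607 - 1
CA_N, CA_E = P * Q, 65537                    # CA public (verification) key
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))      # CA private (signature) key


def digest(data: bytes) -> int:
    """Hash the plaintext portion (SHA-256 is an assumption of this example)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def ca_issue(subject: str, subject_pubkey: str) -> dict:
    """CA side: bind name and public key, hash it, encrypt only the hash."""
    tbs = f"subject={subject};pubkey={subject_pubkey}".encode()
    return {"tbs": tbs, "sig": pow(digest(tbs), CA_D, CA_N)}


def verify_cert(cert: dict, ca_n: int, ca_e: int) -> bool:
    """Peer side: hash the plaintext portion, decrypt the signature with the
    CA public key, and compare the two results."""
    return pow(cert["sig"], ca_e, ca_n) == digest(cert["tbs"])


def demo() -> dict:
    alice = ca_issue("alice", "ALICE-PUBLIC-KEY-PLACEHOLDER")
    bob = ca_issue("bob", "BOB-PUBLIC-KEY-PLACEHOLDER")
    # Altered after signing: the key field changes, the signature does not.
    forged = {"tbs": alice["tbs"].replace(b"ALICE", b"MALLORY"),
              "sig": alice["sig"]}
    # Reused: Alice's signature moved onto Bob's certificate body.
    moved = {"tbs": bob["tbs"], "sig": alice["sig"]}
    return {name: verify_cert(c, CA_N, CA_E)
            for name, c in (("alice", alice), ("bob", bob),
                            ("forged", forged), ("moved", moved))}


if __name__ == "__main__":
    print(demo())
```

The two rejected cases correspond to the "unalterable" and "not reusable" signature properties listed earlier in the chapter.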
PKI Authentication Characteristics
• To authenticate each other, users have to
obtain the certificate of the CA and their own
certificate. These steps require the out-of-band
verification of the processes.
• Public-key systems use asymmetric keys where
one is public and the other one is private.
• Key management is simplified because two
users can freely exchange the certificates. The
validity of the received certificates is verified
using the public key of the CA, which the users
have in their possession.
• Because of the strength of the algorithms,
administrators can set a very long lifetime for
the certificates.
Summary