CISSP Week 16


Published on

Published in: Technology, Education

CISSP Week 16

  1. 1. Cryptography Domain 5 Pages 761-790 Official CISSP CBK Third Edition Tim Jensen StaridLabs
  2. 2. CISSP Test Objectives ● A CISSP candidate is expected to know: – Public and private key algorithms in terms of their applications and uses – Algorithm construction – Key distribution and management – Methods of attack – The applications, construction, and use of digital signatures to provide authenticity of electronic transactions – Non-repudiation of the parties involved
  3. 3. What is Cryptography? ● Cryptographic systems take a plaintext message and through a series of transpositions or substitutions convert it to ciphertext.
  4. 4. Historical Cryptography
  5. 5. Early Egyptian Encryption ● The Egyptians used a simple substitution cipher to obscure the message.
  6. 6. Spartan Scytale ● A leather belt was wrapped around a tapered dowel. A scribe would write across the dowel and then unwind the belt. Only a similar dowel would allow decoding.
  7. 7. Caesar Cipher ● A simple substitution cipher that shifted the alphabet 3 positions.
  8. 8. Caesar Cipher ● Caesar Ciphers are now a children's toy
  9. 9. The Mechanical Era
  10. 10. Confederate Army's Cipher Disk
  11. 11. Nazi Enigma Machine
  12. 12. Japanese Red and Purple Machines
  13. 13. Mechanical Math ● A=0, B=1, C=3...Z=25 ● Precursor to the One Time Pad ● Also now a childrens toy
  14. 14. Modern Cryptography ● Computers allow very complex calculations ● The majority of attacks against cryptosystems are caused by poor implementations rather than algorithm failures.
  15. 15. Emerging Technology (Why show current technology first...who wrote this book)
  16. 16. Quantum Cryptography ● Traditional Cryptography primarily uses difficult mathematical techniques ● Quantum Cryptography uses physics to secure data. ● Quantum Crypto uses Quantum Key Distribution (QKD ● Example: The Werner Heisenberg uncertainty principle claims that a person cannot know both a particle's position and momentum with unlimited accuracy at the same time.
  17. 17. Quantum Crypto 2 ● Quantum Cryptography is a set of protocols, systems, and procedures by which it is possible to create and distribute secret keys. The keys are then used with traditional crypto algorithms and protocols. ● Quantum cryptography is not used to encrypt data, transfer encrypted data, or store encrypted data
  18. 18. Nikon has a course on Quantum Crypto...
  19. 19. Still Quantum ● Quantum Key Distribution is being designed to solve a current cryptography problem, primarily that a user needs a secure channel to setup a secure channel. ● Quantum Key Distribution (QKD) allows for the exchange of keys between two remote parties with complete security, as dictated via the laws of physics.
  20. 20. Quantum-fu ● Quantum Crypto has two unique channels – The first is used for transmission of quantum key material via single-photon light pulses – The other is used to carry all message traffic ● Within the laws of quantum physics, once a photon has been observed, its state is changed. This makes quantum cryptography perfect for security since any time someone tries to eavesdrop on a secure channel, the photons will be disturbed and the disturbance can easily be identified.
  21. 21. On Quantum Cryptography: Nobody's ever actually has a working system... Nor is it likely in the near future. The latest news this month is that they might have designed a quantum network card. Even their card is theoretical and hasn't been tested.
  22. 22. Crypto Core Principals ● Cryptography attempts to provide integrity, confidentiality, and authenticity. Cryptography does not completely support availability ● Availability – Cryptography specifically limits availability to only authorized parties ● Confidentiality – The message is altered or hidden so that it cannot be understood by anyone but the intended recipient ● Integrity – Integrity checks allow a recipient to verify that a message has not been altered. – Important: Cryptographic tools cannot prevent a message from being altered, but they can detect intentional or accidental modification of the message
  23. 23. Additional Features ● Non-repudiation: Origin can be identified by which crytpo key was used. ● Authentication: Ability to determine if someone or something is what it declares to be.
  24. 24. Data at Rest ● Data stored on hard disks, backup tapes, offsite storage, password files, etc must be protected. Cryptography can be used to provide reasonable assurance that the data cannot be read by a 3rd party ● Tim Note: Never use a stream cipher to encrypt hard disks, backup tapes, etc. Stream ciphers have integrity issues that are mitigated with transmission protocols. Used directly against a disk allows the data to be manipulated. For more details see:
  25. 25. Data in Transit ● Data in transit could be intercepted by a 3rd party ● Modern Cryptography provides secure and confidential methods to transmit data and allow the verification of the integrity of the message.
  26. 26. Link Encryption ● Data can be encrypted on a network using link or end-to-end encryption. ● Routing data is encrypted and as such each node must decrypt the data to continue routing. ● If an attacker compromises a node in the network they may be able to see the message in the clear before it is re-encrypted.
  27. 27. End-To-End Encryption ● End to End encryption is generally performed by an end user. ● Data is encrypted at the start of the communications channel and remains encrypted until it is decrypted at the remote end. ● Only the message is encrypted, the routing information is visible.
  28. 28. Definition Broken ● A crytographic function or implementation is considered broken when one of the following conditions is met: – For a hashing function: ● Collisions or hashes can be reliably reproduced in an economically feasible fashion without the original source ● When an implementation of a hash function allows a side channel attack – For an encryption system: ● A cipher is decoded without access to the key in an economically feasible fashion. ● When an implementation of an encryption system allows for the unauthorized disclosure of information in an economically feasible fashion.
  29. 29. Cryptography Grades NIST 800-161A ● Acceptable: Algorithm and key length is safe to use. No security risk is currently known ● Deprecated: Use of algorithm and key length is allowed, but there is some risk ● Restricted: Use of the algorithm or key length is deprecated and there are additional restrictions on use. ● Legacy: Algorithm or key length may only be used to process already protected information but there may be risk in doing so.
  30. 30. Policies/procedures needed for cryptography transition ● Approved cryptographic algorithms and key sizes ● Transition plans for weakened or compromised algorithms and keys ● Procedures for the use of cryptographic systems ● Data classification – what information requires what grade of encryption ● Key generation, storage, and destruction ● Incident reporting surrounding the loss of keys or system compromise
  31. 31. International Export Controls ● Most countries have some regulations regarding the use or distribution of cryptographic systems. Mostly this is so law enforcement can do their jobs and to keep criminals from using strong encryption. ● Cryptography is considered to be a weapon of war and is managed through laws used to control the distribution of military equipment. ● In the US regulation is provided by the NSA, US Dept of State, and US Dept of Commerce ● Most companies market two versions of their products: One with strong encryption and one with weaker encryption which is meant for overseas distribution. ●
  32. 32. Law Enforcement ● Some countries do not allow the personal use of encryption, require weak keys, or require that an individual discloses their keys if law enforcement requires it. ● Criminal methods are causing consumers to use stronger encryption which is making it more difficult for law enforcement to decrypt and analyze encrypted messages.
  33. 33. Encryption Concepts ● Key Custering: When different encryption keys generate the same ciphertext from the same plaintext message. ● Synchronous: Each encryption or decryption request is performed immediately ● Asynchronous: Encrypt/Decrypt requests are processed in queues. Often used in hardware devices and multiprocessor systems.
  34. 34. Encryption Concepts 2 ● Hash: A one-way mathematical operation which reduces a message into a smaller fixed length output (hash value). ● Digital Signatures: A message is hashed and the hash value is encrypted using the private key of the sender. This allows integrity verification (from the hash) and non-repudiation since you can identify who's private key was used to encrypt the hash.
  35. 35. Encryption Concepts 3 ● Asymmetric: Two different but mathematically related keys are used where one key is used to encrypt and another key is used to decrypt. Commonly referred to as Public Key Infrastructure (PKI) – RSA, Diffie-Hellman(DH) ● Symmetric: A message is encrypted with a key and decrypted with the same key. The key owner(s) must securely transmit the key somehow. – AES, 3DES
  36. 36. Encryption Concepts 4 ● Digital certificate: Electronic Document containing: Name of organization or individual, business address, digital signature of the certificate authority, certificate holder's public key, a serial number, and the expiration date ● Certificate Authority: An entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates ● Registration Authority: Performs certificate registration services on behalf of a CA. An RA is responsible for the accuracy of the information contained in a certificate request. The RA is also expected to perform user validation before issuing a certificate request.
  37. 37. Encryption Concepts 5 ● Plaintext/Cleartext: The message in it's natural format, readable by anyone. ● Ciphertext/Cryptogram: The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. ● Cryptosystem: Represents the entire cryptographic operation. This includes the algorithm, the key, and the key management functions.
  38. 38. Encryption Concepts 6 ● Encryption: The process of converting the message from its plaintext to ciphertext. Also known as enciphering. ● Decryption: The reverse process of encryption. The ciphertext is converted back to the same plaintext. ● Key/Cryptovariable: The input that controls the operation of the cryptographic algorithm. The key controls the reliability of the encryption and decryption of a message.
  39. 39. Encryption Concepts 7 ● Non-repudiation: Evidence is maintained so that the sender and recipient of data cannot deny having participated in the communication. ● Algorithm: Mathematical function that is used in the encryption and decryption process. ● Cryptanalysis: The study of techniques for attempting to defeat cryptographic techniques. ● Cryptology: The science that deals with hidden, disguised, or encrypted communications.
  40. 40. Encryption Concepts 8 ● Collision: Occurs when a hash function generates the same output for different inputs. ● Key Space: The total number of possible keys in a cryptographic algorithm or password. Example: a 20-bit key would have a keyspace of 1,048,567 ● Word Factor: Represents the time and effort required to break a protective measure.
  41. 41. Encryption Concepts 9 ● Initialization Vector (IV): A nonsecret binary vector used at initialization to add additional cryptographic variance and to synchronize equipment. ● Encoding: Changing a message into another format through the use of code. Example is taking a plaintext message and converting it into a format which can be transmitted over radio. Used for integrity instead of secrecy. Morse code is an example. ● Decoding: Reverse process from encoding – converting the encoded message back to plaintext.
  42. 42. Encryption Concepts 10 ● Transposition/Permutation: Process of reordering the plaintext to hide the message
  43. 43. Encryption Concepts 11 ● Substitution: Process of exchanging one letter or byte for another
  44. 44. Encryption Concepts 12 ● SP-network: Process described by Claude Shannon1 and is used in most block ciphers. SP stands for Substitution and permutation, and most block ciphers do a series of repeated substitutions and permutations to add confusion and diffusion to the encryption process. An SP=network uses a series of S-boxes to handle the substitutions. Breaking a plaintext block into a subset of smaller S-boxes makes it easier to handle the computations
  45. 45. WTF is an S-box you ask?
  46. 46. What's an Example of an SP- Network?
  47. 47. Encryption Concepts 13 ● Confusion: Mixing the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter. ● Diffusion: Mixing up the location of the plaintext through the ciphertext. Through transposition, the location of the first character of the plaintext may change several times during the encryption process ● Avalanch Effect: Characteristic in cryptography where a minor change in either the key or the plaintext will have a significant change to the resulting ciphertext. It is also a feature of a strong hashing algorithm.
  48. 48. High Work Factor ● The average amount of effort work work required to break an encryption system. This is measured in hours of computing time on a specific computer system (2,000 hours on a 486). ● If the work factor is economically infeasible, then the encryption scheme is considered reliable. ● Obviously this number changes over time as technology advances.
  49. 49. Methods of Cryptography
  50. 50. Stream Based Ciphers ● Encryption is performed bit by bit. ● Used in streaming applications such as voice and video. ● WEP used a stream cipher (RC4) but was implemented incorrectly and is not considered secure since the encryption key can be easily exposed to the attacker. ● The cryptographic operation for a stream cipher is to mix the plaintext with a keystream that is generated by the cryptosystem. This is generally done using an XOR.
  51. 51. What is an XOR and how does it work?
  52. 52. Stream Based Ciphers 2 ● A stream-based cipher relies primarily on substitution. One character or bit is substituted for another.
  53. 53. Stream Based Security Considerations ● The keystream should not be linearly related to the cryptovariable IE: knowledge of the keystream output value does not disclose the cryptovariable. ● Statistically unpredictable – given n successive bits from the keystream it is not possible to predict the n + 1st bit with a probability different from ½ ● Statistically unbiased – there should be as many 0's as 1's, as many 00's as 01's, 10's, 11's, etc. ● Long periods without repetition. ● Functional complexity – each keystream bit should depend on most or all of the cryptovariable bits.
  54. 54. Block Ciphers ● A block cipher operates on blocks or chunks of text. As plaintext is fed into the cryptosystem, it is divided into blocks of a preset value which is often multiples of ASCII character size (64, 128, 192, etc). Most block ciphers use a combination of substitution and transposition to perform their operations. This makes a block cipher relatively stronger than a stream based cipher but more computationally intensive. ● Block ciphers are generally implemented in software whereas stream based can be implemented in hardware or software.
  55. 55. Initialization Vectors (IV) ● Messages may be of varying length ● Encrypting the same plaintext with the same key always produces the same ciphertext. ● To provide confidentiality of arbitrary length several modes of operation were created to ensure that ciphertext will be different each time even when using the same key. These are Initialization Vectors
  56. 56. IV Modes – ECB Electronic Code Book
  57. 57. IV Modes – CBC Chain Block Chaining
  58. 58. IV Modes – CFB Cipher Feedback
  59. 59. IV Modes – OFB Output Feedback
  60. 60. IV Modes – CTR Counter
  61. 61. Key Length ● The security of an algorithm is usually equal to the length of the key. If you increase the key length you increase the security. This is not the case in algorithms (3DES). ● Increasing the key length makes the encryption and decryption process more computationally expensive and must be kept in mind. If you have a web server with a very large key, it won't be able to serve as many users as a system with a smaller key.
  62. 62. Block Size ● Block size can also affect security. All blocks must be of the same size, so if the block isn't full then the algorithm pads the remainder. ● Exceptionally wrong blocksize choices are computationally expensive and possibly reduce the statistical randomness.
  63. 63. Null Ciphers ● Null ciphers are used when encryption isn't necessary. ● Main uses are for testing/debugging, low security (public, static websites), or with authentication only communications. ● (They are on by default on may webservers. Attackers can re-negotiate client sessions to disable encryption. Null ciphers should be disabled if not necessary)
  64. 64. Null Ciphers ● Null ciphers are used when encryption isn't necessary. ● Main uses are for testing/debugging, low security (public, static websites), or with authentication only communications. ● (They are on by default on may webservers. Attackers can re-negotiate client sessions to disable encryption. Null ciphers should be disabled if not necessary)
  65. 65. Substitution Ciphers ● Substitution ciphers substitute one letter for another based upon a cryptovariable ● Caesar Cipher, ROT-13, Decoder Rings