Cryptography Basics

Yulian Slobodyan
December 2008
Presentation Path
 Introduction
 Symmetric Cryptography
 Asymmetric Cryptography
 Certificates and Key Management
 Email Security
 Network Protocols Security
 Technical Choices
 Questions
 Appendix

2
Introduction
Introduction>Cryptography for Security
Confidentiality
 Encryption/Decryption

Integrity
 Hashing
 Keyed Hashing or MAC (Message
Authentication Code)
 Digital Signatures

Authentication
 Keyed Hashing or MAC (Message
Authentication Code)
 Digital Signatures
 Hashing

Non-Repudiation
 Digital Signatures

4
Introduction>Basic Terms
 Encryption/Decryption
 Plain Text
 Cipher Text
 Cipher
 Key

5
Introduction>Cryptography Flavors
 Symmetric Cryptography
 Synonyms: Private Key, Secret Key, Shared Key, One Key, Single Key

 Asymmetric Cryptography
 Synonyms: Public Key

6
Symmetric Cryptography
Symmetric Cryptography

Block ciphers

Stream ciphers
Other
Cryptographic hash functions (Hashing)
MAC - Message Authentication Codes (Keyed Hashing)
8
Symmetric Cryptography>Block Ciphers

9
Symmetric Cryptography>Block Ciphers
 DES (Data Encryption Standard)
 56 bit key size
 Secure? NO!

 3DES (Triple DES)
 56-bit key size. 1 or 2 or 3 keys used. Max: 168 bits
 Secure? ALMOST (using 3 different keys)

 AES (Advanced Encryption Standard) or Rijndael [rɛindal]
 128/192/256 bit key size
 Secure? 128 bit – for dynamic data, 192 bit – ALMOST, 256 – YES (Currently)
 6 times faster than 3DES !!!

 RC2
 Variable key size
 Secure? Vulnerable to related key attack using 2^34 chosen plaintexts

10
Symmetric Cryptography>Stream Ciphers
 RC4
 Variable key size (typically 40-256 bit)

 eSTREAM Portfolio
 HC-256 (256 bit key size)
 Rabbit (128 bit key size)
 Salsa20 (256 bit key size)
 SOSEMANUK (128-256 bit key size, use 128)

11
Symmetric Cryptography>Hash Functions
 The ideal hash function properties:
 easy to compute the hash for any given data
 extremely difficult to construct a text that has a given
hash
 extremely difficult to modify a given text without changing
its hash
 extremely unlikely that two different messages will have
the same hash

 SHA-1 (160 bit)
 MD5 (128 bit)
 SHA-2 (SHA-256/224, SHA-512/384)
 SHA-3 (In development)

SHA-1
fox:
the quick red fox:
the quick red box:

ff0f0a8b656f0b44c26933acd2e367b6c1211290
0fa561fd7e9cf714d5f94c422106ec8979c0c147
a6b613310c301411300cc742ac5bf205728b78cb
12
Symmetric Cryptography>MAC Algorithms

 MAC – Message Authentication Code
 UMAC (AES)
 HMAC (MD5 or SHA-1)
 CMAC (AES)
13
Symmetric Cryptography>Pros and Cons

 Speed

 Key Management

14
Symmetric Cryptography>Dev Choices
 Encryption/Decryption – AES
 192 bit key – volatile data
 256 bit key – sensitive data

 Hashing
 MD5 – integrity checks
 SHA-256 – password hashing

 MAC
 HMAC, UMAC

 CHANGE PRIVATE KEYS REGULARLY!!!

15
Asymmetric Cryptography
Asymmetric Cryptography

 Public Key Encryption
 Digital Signatures
 Public Key Certificates

17
Asymmetric Cryptography>Encryption

 RSA
 Diffie-Hellman key exchange
 ECC (Elliptic Curve Cryptography) (Elliptic curve: y2 = x3 + ax + b )
18
Asymmetric Cryptography>Digital Signing

 DSA (Digital Signature Algorithm)
 RSA
 ECDSA (Elliptic Curve DSA)
19
Asymmetric Cryptography>Pros and Cons

 No Shared Secret

 Speed

20
Asymmetric Cryptography>Dev Choices
 Encryption - RSA
 1024 bit key – volatile data
 2048 bit key - sensitive data

 Digital Signing – DSA
 2048 bit key – beyond 2010
 3072 bit key – beyond 2030

 MANDATORY PUBLIC KEY INFRASTRUCTURE!!!

21
Certificates and Key Management
Key Management
 Key Management
 generation
 exchange
 storage
 safeguarding
 use
 vetting
 replacement

 Flavors
 PKI (Public Key Infrastructure)

 X.509
 Web Of Trust

 PGP

23
Key Management>Digital Certificate

 X.509
 PGP (Pretty Good Privacy)

24
Key Management>PKI

25
Asymmetric Cryptography>Web Of Trust

26
Email Security
Email Security

 ESMTP
 S/MIME
 OpenPGP
28
Email Security>Extended SMTP
 SMTP security extensions
 SMTP-AUTH
 STARTTLS

29
Email Security>S/MIME and OpenPGP
Mandatory features

S/MIME v3

OpenPGP

Message format

Binary, based on CMS

Binary, based on previous PGP

Certificate format

Binary, based on X.509v3

Binary, based on previous PGP

Symmetric encryption
algorithm

TripleDES (DES EDE3 CBC)

TripleDES (DES EDE3 Eccentric
CFB)

Signature algorithm

Diffie-Hellman (X9.42) with
DSS or RSA

ElGamal with DSS

Hash algorithm

SHA-1

SHA-1

MIME encapsulation of
signed data

Choice of multipart/signed or
CMS format

multipart/signed with ASCII
armor

MIME encapsulation of
encrypted data

application/pkcs7-mime

multipart/encrypted

30
Network Cryptographic Protocols
Cryptographic Protocols
 IPSec
 Kerberos
 NTLM
 TLS/SSL
 SSH

32
Cryptography Technical Choices
Cryptography Technical Choices
 Use a hash when you want a way of verifying that data has not been
tampered with in transit.
 Use a keyed hash when you want to prove that an entity knows a secret
without sending the secret back and forth, or you want to defend against
interception during transit by using a simple hash.
 Use encryption when you want to hide data when being sent across an insecure
medium or when making the data persistent.
 Use a certificate when you want to verify the person claiming to be the owner
of the public key.
 Use symmetric encryption for speed and when both parties share the key in
advance.
 Use asymmetric encryption when you want to safely exchange data across an
insecure medium.
 Use a digital signature when you want authentication and non-repudiation.
 Use a salt value (a cryptographically generated random number) to defend
against dictionary attacks.
34
Questions…
Appendix
Appendix>Cryptography Map

37
Appendix>References and Resources
 Wikipedia
 Information Security
 Network Security
 Cryptography

 SANS Software Security Institute
 Application Security Resources

 Research Library

 Microsoft Patterns & Practices
 Security Guidance

 Michael Howard's Web Log
 J.D. Meier's Blog

 OWASP

38

Security Training: #2 Cryptography Basics

  • 1.
  • 2.
    Presentation Path  Introduction Symmetric Cryptography  Asymmetric Cryptography  Certificates and Key Management  Email Security  Network Protocols Security  Technical Choices  Questions  Appendix 2
  • 3.
  • 4.
    Introduction>Cryptography for Security Confidentiality Encryption/Decryption Integrity  Hashing  Keyed Hashing or MAC (Message Authentication Code)  Digital Signatures Authentication  Keyed Hashing or MAC (Message Authentication Code)  Digital Signatures  Hashing Non-Repudiation  Digital Signatures 4
  • 5.
    Introduction>Basic Terms  Encryption/Decryption Plain Text  Cipher Text  Cipher  Key 5
  • 6.
    Introduction>Cryptography Flavors  SymmetricCryptography  Synonyms: Private Key, Secret Key, Shared Key, One Key, Single Key  Asymmetric Cryptography  Synonyms: Public Key 6
  • 7.
  • 8.
    Symmetric Cryptography Block ciphers Streamciphers Other Cryptographic hash functions (Hashing) MAC - Message Authentication Codes (Keyed Hashing) 8
  • 9.
  • 10.
    Symmetric Cryptography>Block Ciphers DES (Data Encryption Standard)  56 bit key size  Secure? NO!  3DES (Triple DES)  56-bit key size. 1 or 2 or 3 keys used. Max: 168 bits  Secure? ALMOST (using 3 different keys)  AES (Advanced Encryption Standard) or Rijndael [rɛindal]  128/192/256 bit key size  Secure? 128 bit – for dynamic data, 192 bit – ALMOST, 256 – YES (Currently)  6 times faster than 3DES !!!  RC2  Variable key size  Secure? Vulnerable to related key attack using 2^34 chosen plaintexts 10
  • 11.
    Symmetric Cryptography>Stream Ciphers RC4  Variable key size (typically 40-256 bit)  eSTREAM Portfolio  HC-256 (256 bit key size)  Rabbit (128 bit key size)  Salsa20 (256 bit key size)  SOSEMANUK (128-256 bit key size, use 128) 11
  • 12.
    Symmetric Cryptography>Hash Functions The ideal hash function properties:  easy to compute the hash for any given data  extremely difficult to construct a text that has a given hash  extremely difficult to modify a given text without changing its hash  extremely unlikely that two different messages will have the same hash  SHA-1 (160 bit)  MD5 (128 bit)  SHA-2 (SHA-256/224, SHA-512/384)  SHA-3 (In development) SHA-1 fox: the quick red fox: the quick red box: ff0f0a8b656f0b44c26933acd2e367b6c1211290 0fa561fd7e9cf714d5f94c422106ec8979c0c147 a6b613310c301411300cc742ac5bf205728b78cb 12
  • 13.
    Symmetric Cryptography>MAC Algorithms MAC – Message Authentication Code  UMAC (AES)  HMAC (MD5 or SHA-1)  CMAC (AES) 13
  • 14.
    Symmetric Cryptography>Pros andCons  Speed  Key Management 14
  • 15.
    Symmetric Cryptography>Dev Choices Encryption/Decryption – AES  192 bit key – volatile data  256 bit key – sensitive data  Hashing  MD5 – integrity checks  SHA-256 – password hashing  MAC  HMAC, UMAC  CHANGE PRIVATE KEYS REGULARLY!!! 15
  • 16.
  • 17.
    Asymmetric Cryptography  PublicKey Encryption  Digital Signatures  Public Key Certificates 17
  • 18.
    Asymmetric Cryptography>Encryption  RSA Diffie-Hellman key exchange  ECC (Elliptic Curve Cryptography) (Elliptic curve: y2 = x3 + ax + b ) 18
  • 19.
    Asymmetric Cryptography>Digital Signing DSA (Digital Signature Algorithm)  RSA  ECDSA (Elliptic Curve DSA) 19
  • 20.
    Asymmetric Cryptography>Pros andCons  No Shared Secret  Speed 20
  • 21.
    Asymmetric Cryptography>Dev Choices Encryption - RSA  1024 bit key – volatile data  2048 bit key - sensitive data  Digital Signing – DSA  2048 bit key – beyond 2010  3072 bit key – beyond 2030  MANDATORY PUBLIC KEY INFRASTRUCTURE!!! 21
  • 22.
  • 23.
    Key Management  KeyManagement  generation  exchange  storage  safeguarding  use  vetting  replacement  Flavors  PKI (Public Key Infrastructure)  X.509  Web Of Trust  PGP 23
  • 24.
    Key Management>Digital Certificate X.509  PGP (Pretty Good Privacy) 24
  • 25.
  • 26.
  • 27.
  • 28.
    Email Security  ESMTP S/MIME  OpenPGP 28
  • 29.
    Email Security>Extended SMTP SMTP security extensions  SMTP-AUTH  STARTTLS 29
  • 30.
    Email Security>S/MIME andOpenPGP Mandatory features S/MIME v3 OpenPGP Message format Binary, based on CMS Binary, based on previous PGP Certificate format Binary, based on X.509v3 Binary, based on previous PGP Symmetric encryption algorithm TripleDES (DES EDE3 CBC) TripleDES (DES EDE3 Eccentric CFB) Signature algorithm Diffie-Hellman (X9.42) with DSS or RSA ElGamal with DSS Hash algorithm SHA-1 SHA-1 MIME encapsulation of signed data Choice of multipart/signed or CMS format multipart/signed with ASCII armor MIME encapsulation of encrypted data application/pkcs7-mime multipart/encrypted 30
  • 31.
  • 32.
    Cryptographic Protocols  IPSec Kerberos  NTLM  TLS/SSL  SSH 32
  • 33.
  • 34.
    Cryptography Technical Choices Use a hash when you want a way of verifying that data has not been tampered with in transit.  Use a keyed hash when you want to prove that an entity knows a secret without sending the secret back and forth, or you want to defend against interception during transit by using a simple hash.  Use encryption when you want to hide data when being sent across an insecure medium or when making the data persistent.  Use a certificate when you want to verify the person claiming to be the owner of the public key.  Use symmetric encryption for speed and when both parties share the key in advance.  Use asymmetric encryption when you want to safely exchange data across an insecure medium.  Use a digital signature when you want authentication and non-repudiation.  Use a salt value (a cryptographically generated random number) to defend against dictionary attacks. 34
  • 35.
  • 36.
  • 37.
  • 38.
    Appendix>References and Resources Wikipedia  Information Security  Network Security  Cryptography  SANS Software Security Institute  Application Security Resources  Research Library  Microsoft Patterns & Practices  Security Guidance  Michael Howard's Web Log  J.D. Meier's Blog  OWASP 38