This document provides an overview of asymmetric cryptography, including its history and key concepts. It discusses how asymmetric cryptography uses key pairs, with one key kept private and one shared publicly. Common asymmetric algorithms are described such as RSA, Diffie-Hellman, El Gamal, and Elliptic Curve Cryptography. The document also covers hashing, message authentication codes, digital signatures, and key management considerations.
3. In the Beginning...
● Asymmetric cryptography is very new.
● Largely attributed to Dr Whit Diffie and Dr Martin Hellman (Diffie-Hellman)
● Diffie-Hellman released a paper in 1976 called “New Directions in Cryptography” which brought asymmetric cryptography mainstream
4. Basics of Asymmetric
1) A keypair is generated
   1) generally by the application to ensure the strength of key generation (keygen)
2) One key is designated the private key and is kept secret by the user.
3) The other key is designated the public key and is freely given to anyone
4) Algorithms use one-way functions to encrypt data with a key that can only be decrypted by the other key in a keypair. Not even the key used to encrypt can decrypt
5. Private to Public
● When the private key is used to encrypt a message, the message can be read by anyone who possesses the corresponding public key.
● This provides non-repudiation since the receiver can have reasonable assurance that the message came from the intended sender. This is only applicable if the private key is properly secured.
6. RSA
● Developed in 1978 by Ron Rivest, Adi Shamir, and Len Adleman
● Based on the mathematical challenge of factoring the product of two large prime numbers
7. RSA Factoring Attacks
● 512 bit factoring attacks have been successful.
  – Took 8000 MIPS years. 1 MIPS is 1 million instructions per second. MIPS year is 31.5 trillion instructions per year. An i7 processor does 147,600 MIPS or 12.7 quadrillion instructions per year (if my calculation is correct)
● 1024 bit factoring attacks are quickly becoming economically feasible. NIST recommended moving away from 1024 by the end of 2010. Users weren't listening so the Certificate Authority Forum mandated that CAs stop issuing 1024 bit web certificates by Oct 1, 2014
8. Attacking RSA
● Brute force: Trying all possible private keys
● Mathematical attacks: Factoring the product of two prime numbers
● Timing attacks: Measuring the running time of the decryption algorithm
9. Diffie-Hellman Algorithm
● Algorithm for key exchange. Uses discrete logarithms
● Allows two users to exchange or negotiate a secret symmetric key
● Diffie-Hellman does not provide message confidentiality
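The exchange described on this slide, as an added example that is not part of the original slides: both sides send only a public value, check what they receive, and derive the same symmetric key. The group (the Mersenne prime 2**127 - 1 with base 3), the SHA-256 key derivation and all function names are assumptions chosen for illustration; the group is far too small for real use.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption, not from the slides):
# P is the Mersenne prime 2**127 - 1 and G = 3. Production systems use
# standardized groups of 2048 bits or more, or elliptic curves.
P = 2**127 - 1
G = 3


def make_keypair(private=None):
    """Return (private, public) where public = G**private mod P."""
    if private is None:
        private = secrets.randbelow(P - 3) + 2  # uniform in 2 .. P-2
    return private, pow(G, private, P)


def check_peer_public(y):
    """Reject degenerate values (0, 1, P-1, ...) that force a predictable secret."""
    if not 2 <= y <= P - 2:
        raise ValueError("peer public value out of range")
    return y


def shared_key(my_private, peer_public):
    """Compute the shared secret and hash it into a 256-bit symmetric key."""
    secret = pow(check_peer_public(peer_public), my_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange(a_priv=None, b_priv=None):
    """Run one exchange; return the wire messages and each side's derived key."""
    a_priv, a_pub = make_keypair(a_priv)
    b_priv, b_pub = make_keypair(b_priv)
    # These two integers are everything that crosses the untrusted network.
    wire = {"alice->bob": a_pub, "bob->alice": b_pub}
    return wire, shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)


if __name__ == "__main__":
    wire, alice_key, bob_key = exchange()
    print("on the wire:", wire)
    print("keys match :", alice_key == bob_key)
```

The output of the exchange is only a key: no message has been protected yet, which is why the derived key is then handed to a symmetric cipher or MAC.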
11. El Gamal
● Based on Diffie-Hellman but included the ability to provide message confidentiality and digital signature service
12. Elliptic Curve Cryptography (ECC)
● Uses discrete logarithmic algorithms based on the complex mathematics of elliptic curves.
● Fast and high strength
● Highest strength per bit of key length of any asymmetric algorithm.
● Shorter keys allow computational power savings.
● Beneficial in smart cards, wireless, etc
● Provides confidentiality, digital signatures, and message authentication
13. Asymmetric advantages
● Ability to send a message across an untrusted medium in a secure manner without prior key exchange
● Non-repudiation of origin
● Access control
● Data integrity
● Non-repudiation of delivery
14. Asymmetric Disadvantages
● Extremely slow compared to symmetric
● Impractical for large amounts of data and frequent transactions
● Ciphertext output from asymmetric may be much larger than the plaintext making storage and transmission costly
15. Hybrid Cryptography
● Symmetric can be used for encrypting large files and handling encryption/decryption without impacting delivery time or performance
● Asymmetric crypto can handle the initial setup of the communications session through the exchange and negotiation of the symmetric keys
17. Message Digests
● A message digest is a small representation of a larger message. Message digests are used to ensure the authentication and integrity of information and not confidentiality
● Example: MD5
18. Message Authentication Code
● MAC, also known as a cryptographic checksum, is a small block of data that is generated using a secret key and then appended to the message.
● When the message is received, the recipient generates their own MAC using the secret key and can validate that the message has not changed during transit
19. MAC Characteristics
● A MAC is much smaller than the message generating it
● Given a MAC, it is impractical to compute the message that generated it
● Given a MAC and the message that generated it, it is impractical to find another message generating the same MAC
20. MAC Example
● If a sender is using DES-CBC and generates a MAC during the transaction, the MAC is the last block of ciphertext generated by the algorithm.
● This block of data is transmitted to the recipient. If the recipient runs the decrypt operation and receives the same last block of ciphertext then the checksum is valid and can prove authentication since only someone with the secret key could generate the message.
21. HMAC
● A hash MAC operation uses a hash function to verify message integrity.
● HMACs are calculated by feeding a secret key value into a hash function along with the source message.
● HMACs are more efficient than MACs
● Used often with SSL/TLS, IPSEC, etc
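The send-and-verify flow from the MAC and HMAC slides, as an added example that is not part of the original slides. It appends an HMAC-SHA256 tag to a message, verifies it on receipt, and contrasts that with an unkeyed digest, which anyone who alters the message can simply recompute. The key, the messages and all function names are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes
KEY = b"constructed-demo-key-0123456789"  # sample key, constructed for this example


def tag_message(key: bytes, message: bytes) -> bytes:
    """Sender: append an HMAC-SHA256 tag computed with the shared secret key."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_message(key: bytes, packet: bytes) -> bytes:
    """Recipient: recompute the tag and return the message only if it matches."""
    if len(packet) < TAG_LEN:
        raise ValueError("packet too short to carry a tag")
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so the comparison itself does not
    # leak how many leading bytes of a guessed tag were correct.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: message altered or wrong key")
    return message


def hash_only_packet(message: bytes) -> bytes:
    """Unkeyed alternative: append a plain SHA-256 digest (integrity only)."""
    return message + hashlib.sha256(message).digest()


def hash_only_verify(packet: bytes) -> bool:
    """Check the unkeyed digest; this needs no secret at all."""
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(digest, hashlib.sha256(message).digest())


def rewrite_in_transit(new_message: bytes) -> bytes:
    """A party without the key replaces the message and recomputes the digest."""
    return new_message + hashlib.sha256(new_message).digest()


if __name__ == "__main__":
    packet = tag_message(KEY, b"transfer 10 to account 42")
    print("verified:", verify_message(KEY, packet))
    altered = rewrite_in_transit(b"transfer 9000 to account 66")
    print("unkeyed digest accepts altered packet:", hash_only_verify(altered))
    try:
        verify_message(KEY, altered)
    except ValueError as err:
        print("HMAC rejects altered packet:", err)
```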
22. Hashing
● A hash function accepts an input message of any length and generates, through a one-way operation, a fixed-length output.
● It does not use a secret key. The only input is the input message.
23. Key properties of a hash function
● Uniformly distributed – The hash output value should not be predictable
● Weak collision resistance – Difficult to find a second input value that hashes to the same value as another input
● Difficult to invert – Should be one way, should not be able to derive hash input x by reversing the hash function on output y
● Strong collision resistance – Difficult to find any two inputs that hash to the same value
● Deterministic – Given an input x, it must always generate the same hash value y
24. MD5 Message Digest Algorithm
● Developed by Ron Rivest at MIT in 1992
● Generates a 128 bit digest from a message of any length
● Processes the message in 512 bit blocks and does 4 rounds of processing. Each round contains 16 steps
● Hash/message collision odds are 2^64
● Odds of reversing a message from a hash are 2^128
● Commonly used in forensic investigations to ensure that the original media has not been altered since seizure
● Recently there have been several attacks developed against MD5 where it is now possible to find collisions. MD5 should be phased out.
● MD4 is weaker than MD5 and should not be used
25. SHA/SHA-1
● The Secure Hash Algorithm was developed by NIST in 1993 and issued as FIPS 180
● A revised version (FIPS 180-1) was issued in 1995 for SHA-1
● SHA was based on the MD4 algorithm whereas SHA-1 uses MD5
● SHA-1 operates on 512 bit blocks and can handle any message up to 2^64 bits in length. The output hash is 160 bits
● Processing includes 4 rounds of operations of 20 steps each
● Recently there have been several attacks described against SHA-1 despite it being considerably stronger than MD5
● NIST issued FIPS 180-3 which recognizes SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 as part of the secure hash standard. Output varies from 160 to 512 bits
26. SHA-3
● NIST is currently evaluating hash algorithms to choose SHA-3.
● (Update: Keccak has tentatively been chosen, but there is some controversy)
27. HAVAL
● HAVAL was developed at the University of Wollongong in Australia
● It combines a variable length output with a variable number of rounds of operation on 1024 bit input blocks.
● The output can be 128, 160, 192, 224, or 256 bit and the number of rounds may vary from 3 to 5
● HAVAL operates 60% faster than MD5 when only 3 rounds are used and just as fast when 5 rounds are used
● Not to be confused with HALAL
28. RIPEMD-160
● Developed by the European RACE Integrity Primitives Evaluation project
● In response to vulnerabilities found in MD4 and MD5
● The original algorithm RIPEMD-128 had the same vulnerabilities as MD4/MD5.
● Output for RIPEMD-160 is 160 bits and operates on 512 bit blocks.
● Performs 5 paired rounds of 16 steps each for 160 operations
29. Hash/MAC attacks
● Primary attack methods:
  – Brute force
    ● Must find a weakness in the hashing algorithm that would allow an attack to reconstruct the original message from the hash value, find another message with the same hash value, or find any pair of messages with the same hash value
    ● Oorschot and Wiener developed a machine that could find a collision on a 128 bit hash in about 24 days
  – Cryptanalysis
    ● Side channel attack – Attack implementation of algorithm rather than the algorithm directly
    ● Rainbow tables – pre-computed lists of hashes. Can be defeated by salting
30. Birthday Paradox
● Describes the probability of finding two people with the same birthday from a group of people
● In a room of 23 people there's more than a 50% chance of two of them sharing the same birthday
● Same principle can theoretically be used in hashing to find a collision
● Attacker wants to 1: Change the message contents to what he wants or 2: cast some doubt on the authenticity of the original message
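The birthday bound worked through in code, as an added example that is not part of the original slides. It computes the 23-person probability, estimates the work to collide an n-bit hash (about 2^(n/2), which is where the 2^64 figure for a 128 bit digest comes from), and measures it on SHA-256 truncated to 24 bits. The truncation, the counter-style messages and the function names are assumptions made so the search finishes in well under a second.

```python
import hashlib
import math


def birthday_probability(people: int, days: int = 365) -> float:
    """Probability that at least two of `people` share one of `days` values."""
    if people > days:
        return 1.0
    p_all_unique = 1.0
    for i in range(people):
        p_all_unique *= (days - i) / days
    return 1.0 - p_all_unique


def expected_attempts(bits: int) -> float:
    """Approximate hashes needed before a collision on a `bits`-bit digest."""
    return math.sqrt(math.pi / 2 * 2**bits)


def truncated_digest(message: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256, standing in for a short hash output."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct messages until two of them share a truncated digest.

    Returns (first_message, second_message, attempts). Termination is
    guaranteed by the pigeonhole principle after at most 2**bits + 1 hashes.
    """
    seen = {}
    attempts = 0
    while True:
        message = b"msg-%d" % attempts  # constructed, distinct inputs
        attempts += 1
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, attempts
        seen[digest] = message


if __name__ == "__main__":
    print("P(shared birthday, 23 people) = %.4f" % birthday_probability(23))
    first, second, attempts = find_collision(24)
    print("24-bit collision after", attempts, "hashes:", first, second)
    print("estimate for 24 bits : %.0f" % expected_attempts(24))
    print("estimate for 128 bits: 2^%.1f" % math.log2(expected_attempts(128)))
```

Doubling the digest length squares the collision work, which is why digest size, and not only the absence of structural flaws, decides whether a hash is still usable for signatures.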
31. Key Management
● Auguste Kerckhoffs's law:
  – “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge”
● Claude Shannon:
  – “The enemy knows the system”
32. Key Management
● Loss of a key is the same as loss of the data itself – protect it!
● Control issuance, revocation, recovery, and distribution of keys
33. XKMS
● Why is this here? Seems tangential
● XML Key Management Specification
  – Spec defines protocols for distributing and registering public keys (W3C)
● Consists of 2 parts:
  – XML Key Information Service Spec (X-KISS)
  – XML Key Registration Service Spec (X-KRSS)
35. Creating & Distributing Keys
● Automated key generation
  – Hopefully quicker and more random than manual
● Keys must take a sufficient amount of time and effort for an attacker to break them
● The two main factors in a strong key are:
  – Randomness
  – Key length/size
36. Randomness
● If an attacker can easily guess at a key or find patterns in the key, it takes less effort to break
● Computers are designed for predictability and order so creating pseudo randomness can be troublesome
37. Cupcakes Sausage
● If we generate randomness with an algorithm, it isn't really random since it follows the formula
● The solution? SEEDS!
…
…
...
● Not those kinds of seeds!
38. Randomness
● An initialization vector (IV) or seed is:
  – A value fed into a randomness algorithm to produce apparently random results
  – Common seeds are mouse movements or time between keyboard inputs
  – Could also be manually input like with WEP/WPA
    ● As we've shown in previous classes, wireless keys are rarely random... ex: “password123”
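Why the seed matters, as an added example that is not part of the original slides: a key produced by a general-purpose generator is fully determined by its seed, so a seed taken from a guessable value (here a Unix timestamp, an assumption for illustration) can be replayed, while a key from the operating system's CSPRNG cannot. The timestamps and function names are constructed.

```python
import random
import secrets


def weak_key(seed: int, length: int = 16) -> bytes:
    """Key from Python's Mersenne Twister seeded with a guessable value.

    The same seed always yields the same bytes: the output "follows the
    formula", exactly as the slide puts it.
    """
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(length))


def recover_seed(observed_key: bytes, earliest: int, latest: int):
    """Audit helper: replay every seed in a time window until the key matches.

    Returns the seed that reproduces the key, or None when no seed in the
    window does.
    """
    for candidate in range(earliest, latest + 1):
        if weak_key(candidate, len(observed_key)) == observed_key:
            return candidate
    return None


def strong_key(length: int = 16) -> bytes:
    """Key drawn from the operating system's CSPRNG; there is no seed to guess."""
    return secrets.token_bytes(length)


if __name__ == "__main__":
    # Constructed scenario: the key was generated at some second within a
    # known hour, and the generator was seeded with that timestamp.
    window_start = 1_700_000_000
    window_end = window_start + 3600
    key = weak_key(window_start + 123)

    print("128-bit key, but only", window_end - window_start + 1, "possible values")
    print("seed recovered:", recover_seed(key, window_start, window_end))
    print("CSPRNG key reproduced from the window:",
          recover_seed(strong_key(), window_start, window_end))
```

The weak key is 128 bits long yet has fewer than 12 bits of unpredictability, the same gap between key length and actual strength that a password-derived wireless key shows.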
40. Key Length
● Cryptographic security is a logarithmic measure of the fastest known computational attack on the algorithm
● Key length is distinct from cryptographic security, meaning a longer key doesn't necessarily mean more security
  – Ex: 3DES with a key length of 168 (3x 56 bit keys) only has an effective security of 112 (2x 56) due to the meet in the middle attack
41. Key Length
● The longer the key, the more expensive to encrypt/decrypt
● The goal should be a key of just enough length to protect the information
● Depends on the worth of the information
  – Many websites use HTTP for much of their site because it's public and of low worth to protect
  – When they use HTTPS, they may use the lowest level they can so that the site is fast and doesn't tax their server
42. Asymmetric Key Length
● Asymmetric cryptography relies on the difficulty of solving certain mathematical problems
● That means it's easier to brute-force answers than to run the computations
  – Therefore asymmetric keys must be longer than symmetric to resist these attacks

RSA (asymmetric) key length | Equivalent to symmetric key length
1024-bit                    | 80-bit
2048-bit                    | 112-bit
3072-bit                    | 128-bit
15,360-bit                  | 256-bit
43. Key Distribution
● Exchanging keys is dangerous – if anyone intercepts the key, they can decrypt messages
● One solution is a Key Encrypting Key (KEK)
  – Process of using a KEK called Key Wrapping
  – Protocols which use KEK: SSL, PGP, S/MIME
44. Key Distribution
● Methods:
  – Out-of-band exchange (CD, Fax, Phone call)
  – PKI key server
    ● Central repository of public keys
  – Key distribution center (KDC)
    ● Each user has a master (secret) key to talk to KDC
    ● KDC sets up session keys to talk to other users
45. Key Storage
● Often buried within equipment, inaccessible to the users
  – Stored in protected smart cards (KEK cards)
● Keys must have expiration dates to prevent long-term cryptanalytic attacks
46. NIST Guidelines
● Keys should be signed with a MAC and encrypted
● Make backup copies of central/root keys
● Provide key recovery capabilities
● Archive user keys for the period of time where a key can be used to protect information
47. Risk Factors (NIST)
● Strength of cryptographic mechanisms
● The implementation of the mechanism
● The operating environment
● The volume of information/# of transactions
● The security life of the data
● The security function (encryption, signing)
● The re-keying method
● The key update process
● The number of nodes with shared keys
● The number of copies of shared keys
● The threat to the information (who might be attacking)
48. Key Destruction
● Generally, shorter key periods enhance security
● Once deleted, the key could still reside in memory or on disk until sufficiently overwritten
  – Actually erasing can take multiple passes of overwriting the memory
  – Sometimes a key will reside in memory for so long that it gets “burned in”
    ● Can be mitigated by splitting the key in memory
49. Key Destruction
● Manual keys
  – Higher risk to update and distribute – sometimes more secure to update less frequently and control keys more closely with compensating controls
● Different key lifetimes depending on user roles
  – Key to use the printer could last much longer than key to open the datacenter due to lower risk
50. Key Destruction
● Balancing act
  – Reissuing too often can become excessively burdensome
  – Still has to happen enough to minimize loss
● Handle lost/compromised keys
  – Data signed before compromise should still be good
  – Should just prevent use of the key after the date it was compromised
51. Cost of Certificate Replacement
● Re-keying a large database or replacing a large number of keys is very expensive
  – Might justify expensive security measures to offset longer key lifecycle
● Conversely, you might justify shorter periods
  – Example: Employee keys expire more often so they must continually prove they are still authorized to have access. If they quit/change jobs, the shorter lifecycle will ensure they lose access
52. Key Recovery
● Methods:
  – Common trusted directory
  – Policy requiring all keys be registered with security department
  – Steganography? (bury key in an image)
  – Password wallet
53. Key Recovery
● Multiparty key recovery
  – Divide the key into multiple parts
  – Pass out to multiple parties
● Key escrow
  – Ensure third-party retains a copy of the key or their own key
  – Must be explicit trust between company and the third-party