CCNAS Chap. 7 Cryptographic Systems
Definition of Cryptology;
The science of making and breaking codes, and is used to encrypt and decrypt messages.
Cryptology is used to secure communications over public networks, such as the internet, ensuring
the packets cannot be intercepted along the way.
There are 3 main areas where cryptology is used:



Authentication
o The guarantee that the data is coming from an authenticated source
o HMAC (Hash Based Message Authentication Code)
Integrity
o The guarantee that the message has not been altered in transit
o Uses the MD5 of SHA-1 algorithms to generate a ‘checksum’
o The checksum is later compared to the original
Confidentiality
o The guarantee that the message cannot be read en route
o Uses either symmetric (pre-shared key)
 AES, DES, 3DES
o Asymmetric algorithms (Public/Private Keys)
 RSA
 PKI (Public Key Infrastructure)
Cryptography
Creating Cipher text using a cipher



Transposition
o No Letters are replaced, only moved
o Still used partially in DES and 3DES
Substitution
o Substitute one letter for another
Vernam
o Used in RC4
Cryptanalysis
Definition; The art and science of cracking encrypted messages and or the ciphers that were used to
make them
Brute-force attack


Attackers try all possible combinations of a key to try and crack it
Works on all encryption algorithms
Ciphertext-Only Attack



Uses multiple ciphertext messages, encrypted in the same way, to derive the key used
Attacker can use statistical analysis to deduce the key
Is no longer practical
Known-Plaintext Attack


Attacker knows something about the plaintext message
Uses the brute-force method supported by assumptions
Chosen-Plaintext Attack and Chosen-Ciphertext Attack


Uses both plaintext and the ciphertext to devise the key used to encrypt the text
Useless unless you already have access
Meet-in-the-Middle



Attacker knows a bit of the plaintext and the corresponding ciphertext
Plaintext is encrypted with every possible key and the results stored
Ciphertext is then decrypted using every key until it matches a stored value
Hashing
Takes a variable block of data and returns a fixed-length hash or message-digest. If the contents of
the data changes in any way, the hash value will be different.
Two majorly used types


MD5
o
o
o
SHA1
o
o
o
o
Based on MD4
Involves 64 steps to generate the hash, therefore is faster than SHA
Smaller hash than SHA1 means it’s more likely to be brute-forced
Based on MD4 (MD5s predecessor) but is slower than MD5
Has a larger digest than MD5 (160-bit)
Involves 80 steps (16 more than MD5)
Larger hash than MD5 means its less likely to be brute-forced
Hashes are commonly used in:





Symmetric secret authentication keys
o IPsec
o Routing Protocol authentication
One-way responses to challenges (like in CHAP)
Digitally signed contracts i.e. SSL certificates
Ensuring data hasn’t changed in transit
Integrity checking of data
o Vulnerable to man-in-the-middle attack
 Data packet can be intercepted, altered, and hash recalculated
HMAC (Hash Message Authentication Code)
HMAC uses a hash with a secret key to function as a protection mechanism.
Both parties have a copy of the key, and generates a hash using the data and the secret key. If the
key is identical on both sides, the data is authenticated to be from the other party.


Is used in IPsec
Used in routing updates
Cisco uses:


Keyed MD5 (HMAC-MD5)
Keyed SHA-1 (HMAC-SHA-1)
Digital Signatures
Key management





Generation
o Formally decided by the end user
o Presently, random generators are used to reduce the predictability of the key
Verification
o Verify the key is not weak (0 or 25 don’t work on the Caesar cipher for e.g.)
Storage
o Normally stored in memory when in use, therefore when swapping back to the disk,
a Trojan could intercept
Exchange
o A mechanism to facilitate secure agreement on the way the keys will be swapped
over a (usually) untrusted network
Revocation and Destruction
o Notify all interested parties if a key has been compromised
o Destroy the keys involved ensuring it cannot be recovered
What Is a Key?
A key is made up of


Length
o How many bits long the key is
Keyspace
o The amount of keys that can be made using different combinations in binary
DES



Has 4 keys that will encrypt but also decrypt (which is a problem with an asymmetric key)
Doubles the time required to search the keyspace for a code with every bit added to the key
Requires more resources for longer codes
Types of Cryptographic Keys




Symmetric
o Use the same key to encrypt as to decrypt
o Uses a pre-shared key
o Faster than Asymmetric
Asymmetric
o Uses a different key to decrypt than to encrypt
o Significantly slower than symmetric
o Requires much larger key length to avoid attackers
Digital Signatures
Hash Keys
Performance
The longer the key, the slower it will be (hey that rhymes =D)
Cryptography in the OSI model




Supported on Layer 2 – Data-link, by proprietary link encrypting systems
Supported on Layer 3 – Network Layer, by IPsec providing confidentiality
Supports Layer 5 – Session, by SSL or TLS confidentiality
Supports Layer 7 – Application layer confidentiality such as Email and Database connections