Using encryption

advertisement
Security fundamentals
Topic 4
Encryption
Agenda
•
•
•
•
•
•
Using encryption
Cryptography
Symmetric encryption
Hash functions
Public key encryption
Applying cryptography
Cryptography
• Means ‘secret writing’
– Taking plaintext and encrypting it into ciphertext
– Ensure confidentiality and integrity
– Store confidential data
– Authenticate users
– Protect passwords
– Ensure identity
Uses of cryptography
• Confidentiality
– Only authorised people can access data
• Data Integrity
– Unauthorised modifications to the data are detected (protection
from man-in-middle attacks)
• Authentication
– Data originates from the legitimate source/destination
• Non-repudiation
– Ensures a user cannot deny performing a task or sending data
(cannot refute signing a contract)
• Anti-replay protection
– Prevents a message being intercepted and replayed (re-sent) at a
later time
Algorithms and keys
• A mathematical formula that is applied to data to
convert plaintext to ciphertext or ciphertext to
plaintext. C = f(M)
• Weakness: If the algorithm is not secret it can be
used to decrypt any message
• Key: A key varies the function of the algorithm
• The strength of the encryption is in the key not
the algorithm
• If the key is discovered, only the messages
encrypted with that key are compromised
Strength of cryptographic methods
• How difficult it is for unauthorised people to reconstruct the plaintext
from ciphertext?
• The strongest algorithms are those that have been made publicly available
for cryptographers to try to break
• Good cryptography creates ciphertext that appears to be entirely random
• It can only be broken by discovery of the key (theft or social engineering)
or by brute force: Trying every possible combination
• Increase the strength of encryption by increasing the key length,
complexity and/or changing the key frequently
• 64 bit key length = 12000 years to brute force
• Encryption is strong enough when it becomes impractical for an attacker
to carry out a brute force attack
Making encryption secure
• Increase the key length
• Keys should be chosen at random and not be
predictable
• Change keys where appropriate
• Some governments (USA) restrict the use and
import/export of encryption technologies
Symmetric encryption
• Uses the same key for encrypting and
decrypting data
• Uses a shared secret
Uses of symmetric encryption
• Primary use is to provide confidentiality (not data
integrity, authentication, non-repudiation or antireplay protection)
• Anyone who possesses the key can decrypt the
message
• Symmetric encryption works well to provide
confidentiality and the key can easily be kept secret –
does not work well where the key has to be distributed
to many others.
• Number of keys required n(n-1)/2 (10 people will
require 45 keys)
• If many people share a single key there is greater
probability that the key will be not be kept secret
Advantages of symmetric encryption
• Easy to use
• Encryption/decryption is fast
• Used when the confidentiality of the key can
be easily managed and large amounts of data
need to be encrypted
Symmetric encryption algorithms
• DES: Data Encryption Standard
– 56 bit key, relatively slow
– Used in EFS for Windows 2000
• 3DES: Triple DES
– 3 encryption passes on the data using 56 bit keys
– More secure and widely used
• AES Advanced Encryption Standard, Rijndael
– Key lengths of 128, 192, 256 bits
– Current standard used by NIST National Institute for
Standards US
Symmetric encryption algorithms
• IDEA: International Data Encryption Algorithm
– 128 bit keys
– Patented and requires licensing for commercial use
• Blowfish:
– Extremely fast, variant is Twofish, free for use of any kind
– Variable length keys from 32 bits to 448 bits
• RC4:
– Stream cipher, use in WEP for wireless, modifies the key as
successive portions of text are encrypted
– Uses variable key lengths
Hash functions
• Is a type of encryption that takes data of any length and encrypts it
to a fixed length string called a hash (or a digest)
• Hash functions are one way functions, the original data cannot be
reconstructed from the hash
• A hash is used to prove data integrity and not used for
confidentiality. Hashes are generated at different times and
compared, if the hashes are identical then the message has not
been changed
• A good hash results in a large unpredictable change in hash, even
when there is just a very small change in the original data
• Hashes are a fixed length so that an attacker cannot deduce the
original length of data
• A good hash ensures that it is unlikely that another message will
produce the same hash
Hash uses
• To guarantee data integrity
• To store passwords (Windows NT
Challenger/Response NTLM)
• Digital signing
Hash algorithms
• SHA1: Secure Hash Algorithm:
– 160 bits long slower
– use in govt agencies
• MD5/MD4 Message Digest:
– 128 bits long
– used in applications that don’t have to comply
with US government requirements
Public key encryption
• Public key available to anyone, private key must be kept secret
• Person who uses private key, generates key pair- the public key stored in a
certificate (send the private key to a CA to create the certificate)
• A brute force attack can derive a private key from the public key – increase
the key length to make that infeasible
• Anyone can encrypt data using your pubic key: only you can decrypt using
the private key
• You can encrypt using private key and anyone can decrypt using the public
key
• In a key pair the public key is based on the product of two large prime
numbers: the private key is based on the numbers itself
• Based on the idea that there is no known way to discover two large prime
numbers from just their product
Digital signing
• Authenticate an email, file or program
• Encrypt the item with the private key, recipient decrypts with
the public key
• Encrypt a hash of the message (saves time)
• Create a hash of email message, sign the hash by encrypting
with private key
• Recipient decrypts the hash by using your public key to verify
that you sent the message
• Recipient performs the same hashing function to compare the
hash sent with message, if both match then integrity is
verified
• Because only the public key can be used to decrypt a message
signed with the private key, signing proves non-repudiation
Public key encryption uses
• Confidentiality:
– encrypt with your public key
– only your private key can decrypt
• Data Integrity:
– digital signing ensures that a message is not changed
• Authentication:
– ensures a specific private key was used to sign the
message
• Non-Repudiation:
– recipient can be sure that only the owner signed the
message (if key not compromised)
Algorithms
• Public key encryption is slow, inefficient for large amounts of data
• RSA: Ron Rivest, Adi Shamir, Leonard Adleman
– Now free and de facto standard
• Diffie-Hellman: Whitfield Diffie and Martin Hellman
– Enables two people to exchange a secret key over an insecure
medium without first agreeing on a shared secret
– used to establish a VPN tunnel
• Elliptic Curve cryptography:
– Uses secure shorter keys for small storage spaces- smart cards
and handhelds
Combining symmetric and asymmetric
encryption
• The EFS process:
– OS creates a random File Encryption Key
– Symmetric algorithm (3DES, DES) used to encrypt the file using the FEK
as the key
– OS retrieves the users public key from users profile
– OS uses RSA to encrypt the FEK with the users public key and stores in
DDF field of header
– OS retrieves the public key for each EFS recovery agent
– OS uses RSA to encrypt the FEK of each recovery agent with their
public key and stores in DRF field of file header
• To open file:
– OS retrieves users private key – stored on users computer
– OS uses RSA with users private key to decrypt DDF and retrieve FEK
– OS uses FEK to decrypt the file
Summary
• Why we use encryption
• What the term cryptography means and
why we use it in computer security
• How symmetric encryption, hash
functions and public key or asymmetric
encryption work
• Applying cryptography and uses of
cryptographic functions
Download