SAS InfoSec Training

InfoSec Training
Encryption
Copyright Justin Klein Keane
<jukeane@sas.upenn.edu>
Terminology

Plaintext

Ciphertext

Encrypt

Decrypt
About Encryption


Idea is to obscure messages from observation
Encryption can be used to protect secrets but also:

To verify identity

To verify authenticity

To verify integrity

To verify authorization
Not Encryption - Encoding



Encoding is a method to alter data
Follows a set of guidelines about how to represent data in a specific format
Encoding is formatting, not data hiding
Not Encryption - Hashing




Hashing uses a one-way mathematical algorithm to take an input and generate a seemingly random, unique output
Hashing the same input twice produces the same output
There is no way to reverse a hash (i.e. you can't go from a hash value to an original value)
Collisions – when two different inputs produce the same hash
How Encryption works

Take data

Apply an algorithm to the data

Use a key so that the process can be repeated

Output should be unintelligible
Good Encryption




There is no good “proprietary” encryption
The best encryption schemes use open standards and protocols
The standards and protocols are all well understood, verified, reviewed and vetted
The secrecy is in the keys used
Encryption Types

Symmetric (two way encryption)


Shared key
Asymmetric (one way encryption)

Public key (think RSA and PGP)
Symmetric Encryption

Same key used to encrypt and decrypt

Very fast and computationally non-intensive

Issue is sharing the key


How do two parties trade keys in the presence of an adversary?
Diffie-Hellman key exchange allows this
Asymmetric Encryption

RSA is best example

Public and private keys are used

Public key used to encrypt

Private key used to decrypt


Thus public keys can be shared, private keys are held closely
Key management is still an issue (is the public key you have for John the right one?)
Digital Signing




Uses public key crypto
A message is signed by turning it into a number, and running an operation on the number using the private key
Anyone with the public key can reverse the operation and compare the numbers
This allows assertions that the holder of the private key sent the message, and it was not changed in transit
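
The signing steps on this slide, as an added Python example that is not part of the original deck: textbook RSA with a constructed toy key (two known Mersenne primes) and SHA-256 assumed as the "turn it into a number" step. All function names are hypothetical; real signing uses a vetted library, keys of 2048 bits or more, and a padding scheme such as RSA-PSS.

```python
import hashlib

# Constructed toy key built from two known Mersenne primes.
# Far too small for real use; chosen so the example runs offline.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (kept secret)


def message_to_number(message: bytes, n: int = N) -> int:
    """Turn the message into a number: its SHA-256 digest reduced mod n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Private-key operation: raise the message number to d mod n."""
    return pow(message_to_number(message, n), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Public-key operation: reverse the signature and compare the numbers."""
    return pow(signature, e, n) == message_to_number(message, n)


if __name__ == "__main__":
    msg = b"Transfer 100 to account 42"      # constructed sample message
    sig = sign(msg)
    print("genuine message verifies:", verify(msg, sig))
    print("altered message verifies:",
          verify(b"Transfer 900 to account 42", sig))
    print("altered signature verifies:", verify(msg, sig + 1))
```

Only the holder of D can produce a value that verifies, which is why a passing check supports both "sent by the key holder" and "not changed in transit".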
Attacks on Crypto

Brute force (a lot trickier than you'd think)

Chosen plaintext attacks

Chosen ciphertext attacks

Birthday attack

Dictionary (precomputation) attack

Differential cryptanalysis
Digital Certificates




Used to validate the source of an encrypted message
Certificate is passed to and verified by the client
Lets you know you're talking to the “real” bank that you use
Certificate Authorities (CAs) are supposed to verify identity before issuing certificates

Stolen certs are a very bad thing

Signing certs allow holders to issue sub-certs
Real World Crypto

Whole disk encryption

HTTPS/SSL

SSH

PGP

VPN

Hashing

Two factor authentication