Chapter 5 Outline

advertisement

Chapter 5 Outline

I. Algorithms: All current encryption schemes are based upon an algorithm .

A. An algorithm is a recursive computational procedure for solving a problem in finite steps.

B. The cryptographic algorithm, or what is commonly called the encryption algorithm or cipher, is made up of mathematical steps for encrypting and decrypting information.

C. The actual steps for encrypting data can be published because of the design of the systems.

1. Algorithms are designed to use a key , which is a special piece of data used in both the encryption and the decryption process.

2. The algorithms that are used remain the same, but every implementation uses a different key, which ensures that even if someone knows the algorithm that is being used, they cannot break the security.

D. Caesar's cipher uses an algorithm and a key. The algorithm specifies whether the alphabet is offset either to the right (forwards) or to the left (backwards), and the key specifies how many letters the offset should be.

E. The ease with which shift ciphers were broken led to the development of substitution ciphers.

1. Substitution ciphers work on the principle of substituting a different letter for every letter.

2. This system permits 26 possible values for every letter in the message, making the cipher much more complex than a standard shift cipher.

3. Simple analysis of the cipher could be performed to retrieve the key. By looking for common letters and patterns that would become words, it could be determined which cipher letter corresponds to which plaintext letter and subsequently the key value of the system.

F. The Vigenère cipher works as a polyalphabetic substitution cipher that depends on a password.

1. This is done by setting up a substitution table.

2. The password is matched with the text it is meant to encipher.

3. If the password is not long enough, it is repeated until one character of the password is matched with each character of the plaintext.

4. The cipher letter is determined using the previous table, matching the plaintext character's row with the password character's column. The result is a single ciphertext character derived from where the two meet. The process is then repeated for every letter of the message.

G. Even if someone knows the table (or algorithm), they cannot decrypt the message without the key.

H. The more complex the key, the greater the security of the system.

1. Key complexity is achieved by assigning a large number of possible values to the key.

2. Keyspace is the size of every possible key value.

I. All encryption ciphers except a “one-time pad” cipher are susceptible to a bruteforce attack—attempting every possible key.

J. Since computers in cryptography handle data in a bit format, they use a logical function called an XOR, which is the bitwise exclusive OR.

K. Modes of encryption include symmetric, asymmetric, and hash functions.

II. Hashing: A hash is a special mathematical function that performs one-way encryption, which means that once the algorithm is processed, there is no feasible way to take the ciphertext and retrieve the plaintext that was used to generate it.

Also, there is no feasible way to generate two different plaintexts that compute to the same hash value. Common uses of hashing functions are storing computer passwords and ensuring message integrity.

A. SHA

1. Secure Hash Algorithm (SHA) was developed in 1993 by the National

Institute of Standards and Technology (NIST) and National Security

Agency (NSA). It was designed as the algorithm to be used for secure hashing in the U.S. Digital Signature Standard (DSS).

2. SHA works in block mode, separating the data into words first and then grouping the words into blocks. It accepts an input of up to 2 64 bits or less and compresses a hash of 160 bits.

3. Following the hash of all blocks, the message is represented by a 160-bit string.

4. SHA is one of the more secure hash functions. Its output is 160 bits long versus the more common 128-bit result from MD5.

B. Message Digest (MD) is the generic version of one of the three algorithms, designed to create a message digest or hash from data input into the algorithm.

1. MD2 a) Message Digest 2 takes a data input of any length and produces a hash output of 128 bits. b) It is different from MD4 and MD5 in that MD2 is optimized for 8-bit machines, whereas the other two are optimized for 32-bit machines. c) The only known attack that is successful against MD2 is dependant on the checksum not being appended to the message before the hash function is run.

2. MD4 a) Message Digest 4 is a fast but insecure algorithm optimized for 32-bit computers. b) The data is divided into blocks and also into 16 words of 32 bits. All blocks of the message are processed in three distinct rounds. The digest

is then computed using a four-word buffer. The final four words left after compression are the 128-bit hash. c) There is an extended version of MD4 that computes the message in parallel and produces two 128-bit outputs. Though a longer hash is produced, security has not been improved because of basic flaws in the algorithm. d) Most people are moving away from MD4 to MD5 or SHA.

3. MD5 a) Message Digest 5 is very similar to the MD4 algorithm, but it is slightly slower and more secure. b) MD5 creates a 128-bit hash of a message of any length.

III. Symmetric Encryption: Symmetric encryption is when both the sender and the receiver of the message have previously obtained the same key. All symmetric algorithms are based upon this shared secret principle. Symmetric encryption involves a cryptographic key, requiring key management . For symmetric algorithms, the most important lesson is to store and send the key only by known secure means.

A. DES c) Currently, there are no true known attacks against MD5, but there has been cryptanalysis that displays weaknesses in the compression function. There are methods to brute force hash functions for collisions, but the cost of hardware to perform the attack and the length of time required to produce the collision make the technique impractical.

1. DES (Data Encryption Standard) was first developed over 20 years ago from IBM’s “Lucifer” as a standard cryptographic algorithm.

2. The DES standard was recertified in 1993, but NIST is now looking at the

Advanced Encryption Standard (AES) to replace DES.

3. DES is a block cipher . It segments the input data into blocks of 64 bits, which outputs 64 bits of ciphertext. It uses a key length of 56 bits.

4. The same algorithm and key are used for both encryption and decryption.

5. DES performs 16 rounds of substitution and then permutation (a form of transposition) on the input, based upon the key.

6. After the completion of all the 16 rounds and the inverse permutation, the ciphertext is output as 64 bits. The algorithm picks up the next 64 bits and starts all over again. This is carried on until the entire message has been encrypted with DES.

7. Over the years that DES has been a cryptographic standard, there have been some concerns. a) Weak keys are less secure than the majority of keys allowed in the keyspace of the algorithm. b) There are also semi-weak keys, where two keys encrypt plaintext to identical ciphertext, meaning that either key will decrypt the ciphertext.

8. Any DES with fewer than 16 rounds could be analyzed more efficiently with the chosen plaintext than via a brute-force attack using differential cryptanalysis.

B. 3DES

1. 3DES (Triple DES) uses either two or three keys instead of the single key, and spins through the DES algorithm three times in multiple encryption .

2. Multiple encryption can be performed in different ways. a) The simplest method of performing multiple encryption is to stack algorithms on top of each other.

C. AES b) Another method is to encrypt with one key, decrypt with a second, and then encrypt with a third.

1. NIST requested a new Advanced Encryption Standard (AES) calling for a block cipher using symmetric key cryptography and supporting key sizes of

128, 192, and 256 bits. NIST considered the following algorithms: a) MARS developed by IBM b) RC6 developed by RSA c) Rijndael developed by John Daemen and Vincent Rijmen d) Serpent developed by Ross Anderson, Eli Biham, and Lars Knudsen e) Twofish developed by Bruce Schneier, John Kelsey, Doug Whiting,

David Wagner, Chris Hall, and Niels Ferguson

2. In the fall of 2000, NIST picked Rijndael to be the new AES.

3. Rijndael is a block cipher separating data input in 128-bit blocks that can also be configured to use blocks of 192 or 256 bits.

4. This new algorithm is well thought out and has suitable key length to provide security for many years to come.

D. CAST

1. CAST is an encryption algorithm submitted for the AES standard but was not chosen. It is similar to DES in its structure.

2. There is currently no better way known to break high-round CAST than by brute forcing the key, meaning that with sufficient key length, CAST should be placed with other trusted algorithms.

E. Rivest Cipher (RC) is a general term for several ciphers all designed by Ron

Rivest.

1. RC2 a) RC2 was designed to be a DES replacement. It is a variable-key-size block-mode cipher.

b) According to RSA, RC2 is up to three times faster than DES. However, the ability of RC2 to accept different key lengths is one of the larger vulnerabilities in the algorithm.

2. RC5 a) RC5 is a block cipher containing multiple variable elements, numbers of rounds, key sizes, and block sizes. b) RC5 seems to provide adequate security for the current brute forcing technology.

3. RC6 a) RC6 uses a 128-bit block size that is separated into four words of 32 bits each. b) It is a modern algorithm that runs well on 32-bit computers. c) The available key lengths make brute-force attacks extremely time consuming. However, RC6 should provide adequate security for some time to come.

4. RC4 a) RC4 is a stream cipher , whereas all the symmetric ciphers are blockmode ciphers. A stream mode cipher works by enciphering the plaintext in a stream, usually bit by bit. b) It can use a key length of 8 to 2,048 bits, though the most common versions use 128-bit keys. c) The algorithm is sometimes ten times faster than DES. d) The most vulnerable point of encryption is the possibility of weak keys.

F. Blowfish

1. Blowfish is a block-mode cipher using 64-bit blocks and a variable key length from 32 to 448 bits. It is designed to run on 32-bit microprocessors and is optimized for situations where there are few key changes.

2. Encryption is done by separating the 64-bit input block into two 32-bit words. The two words are then recombined to form the 64-bit output ciphertext.

3. There does not seem to be a weakness in the full 16-round version.

G. IDEA

1. International Data Encryption Algorithm (IDEA) is a block-mode cipher using a 64-bit block size and a 128-bit key.

2. The only known issue is that IDEA is susceptible to a weak key. A weak key is made of all zeros, but this is easy to check for, and the weakness is simple to mitigate.

IV. Asymmetric Encryption: Asymmetric cryptography, also known as public key cryptography, uses two keys instead of one. Public key systems typically work by using hard math problems known as trapdoor functions.

A. RSA

1. RSA, one of the first public key cryptosystems invented, can be used for both encryption and digital signatures.

2. This algorithm uses the product of two very large prime numbers (from 100 to 200 digits) to generate one key for decryption and another for encryption.

3. RSA in software can be 100 times slower than DES. To overcome the speed factor, RSA is used in conjunction with symmetric key cryptography.

4. Electronic key exchange is the process where the public key, which is the slower protocol, is used to exchange the private key, and then the communication uses the faster symmetric key protocol.

B. Diffie-Hellman

1. This protocol plays a role in the electronic key exchange method of the

Secure Sockets Layer (SSL) protocol. It is used by the SSH and IPsec protocols, and enables the sharing of a secret key between two people who have not contacted each other before.

2. The protocol, like RSA, uses large prime numbers to work.

3. It remains very effective because it protects a temporary secret key that is generated automatically and is only good for a single communication session.

C. ElGamal is used as the U.S. government standard for digital signatures but may also be used for encryption.

D. ECC

1. Elliptic curve cryptography (ECC) works on the basis of elliptic curves.

Two points can be added together on the curve to get a third point.

2. The security of elliptic curve systems has been questioned, mostly because of lack of analysis. Research on the security of ECC shows that it is more resistant to incremental advances.

V. Usage of encryption: Encryption can address the following components of security – confidentiality, integrity, nonrepudiation, and authentication.

A. Confidentiality is the ability to keep some piece of data a secret.

1. Symmetric encryption is favored to store and transmit data because of its speed.

2. Asymmetric cryptography does protect confidentiality, but its size and speed make it more efficient at protecting the confidentiality of small units, such as for electronic key exchange.

B. Integrity: When a message is sent, both the sender and the recipient need to know that the message was not altered in transmission.

1. This integrity is provided with one-way hash functions and digital signatures.

2. This hash value is combined with asymmetric cryptography by taking the message's hash value and encrypting it with the user's private key. This allows anyone with the user’s public key to decrypt the hash and compare it

to the locally computed hash. This process not only ensures the integrity of the message but also identifies the sender.

C. Nonrepudiation means that the sender cannot later deny of having sent the message. It is based upon public key cryptography, where only the owner of the key knows the private key.

D. Authentication is the process in which users prove their identity.

1. Authentication can be done by identifying factors such as a password, a token, or a biometric.

2. Digital certificates are one form of such tokens.

E. Digital signatures are based upon both hashing functions and asymmetric cryptography.

1. To protect against document editing, hashing functions are used to create a digest of the message that is unique and easily reproducible by both parties.

2. When a user decrypts the hash with the public key of the originator, the user knows that the hash was encrypted by the corresponding private key.

F. Key Escrow

1. Key escrow and key recovery are two issues in the use of asymmetric encryption.

2.

Key escrow is a system by which the private key is kept by the owner of the key and by the government.

Download