Asymmetric Cryptography
Domain 5
Pages 822-861
Official CISSP CBK Third Edition

Tim Jensen & Jem Jensen
StaridLabs

Symmetric Vs Asymmetric

In the Beginning...
● Asymmetric cryptography is very new.
● Largely attributed to Dr Whit Diffie and Dr Martin Hellman (Diffie-Hellman)
● Diffie and Hellman released a paper in 1976 called “New Directions in Cryptography”, which brought asymmetric cryptography into the mainstream

Basics of Asymmetric
1) A keypair is generated
   1) generally by the application to ensure the strength of key generation (keygen)
2) One key is designated the private key and is kept secret by the user.
3) The other key is designated the public key and is freely given to anyone
4) Algorithms use one-way functions to encrypt data with a key that can only be decrypted by the other key in a keypair. Not even the key used to encrypt can decrypt

Private to Public
● When the private key is used to encrypt a message, the message can be read by anyone who possesses the corresponding public key.
● This provides non-repudiation since the receiver can have reasonable assurance that the message came from the intended sender. This is only applicable if the private key is properly secured.

RSA
● Developed in 1978 by Ron Rivest, Adi Shamir, and Len Adleman
● Based on the mathematical challenge of factoring the product of two large prime numbers

RSA Factoring Attacks
● 512 bit factoring attacks have been successful.
  – Took 8000 MIPS years. 1 MIPS is 1 million instructions per second. MIPS year is 31.5 trillion instructions per year. An i7 processor does 147,600 MIPS or 12.7 quadrillion instructions per year (if my calculation is correct)
● 1024 bit factoring attacks are quickly becoming economically feasible. NIST recommended moving away from 1024 by the end of 2010. Users weren't listening so the Certificate Authority Forum mandated that CAs stop issuing 1024 bit web certificates by Oct 1, 2014

Attacking RSA
● Brute force: Trying all possible private keys
● Mathematical attacks: Factoring the product of two prime numbers
● Timing attacks: Measuring the running time of the decryption algorithm

Diffie-Hellman Algorithm
● Algorithm for key exchange. Uses discrete logarithms
● Allows two users to exchange or negotiate a secret symmetric key
● Diffie-Hellman does not provide message confidentiality

Diffie in a GIF
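
The exchange described on the Diffie-Hellman slide, as an added example that is not part of the original deck: two parties derive the same symmetric key while only public values cross the wire. The prime 2^127 - 1, the generator 3 and the party names are assumptions chosen for illustration; real deployments use standardized groups of 2048 bits or more.

```python
import hashlib
import secrets

# Toy public parameters, chosen for this illustration only (assumption):
# a 127-bit Mersenne prime is far too small for real use.
P = 2**127 - 1
G = 3


def keypair():
    """Return (private exponent x, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2          # 2 <= x <= P - 2
    return x, pow(G, x, P)


def shared_key(my_private, their_public):
    """Combine our private exponent with the peer's public value.

    The raw DH secret is hashed down to a 256-bit symmetric key. The
    exchange itself encrypts nothing; the key is handed to a symmetric
    cipher afterwards.
    """
    # Reject degenerate public values that would force a predictable secret.
    if not 1 < their_public < P - 1:
        raise ValueError("peer public value out of range")
    secret = pow(their_public, my_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange():
    """Run one exchange; return both derived keys and the public transcript."""
    a_priv, a_pub = keypair()                 # Alice (hypothetical party)
    b_priv, b_pub = keypair()                 # Bob (hypothetical party)
    alice_key = shared_key(a_priv, b_pub)
    bob_key = shared_key(b_priv, a_pub)
    # Everything an observer of the channel gets to see:
    transcript = {"p": P, "g": G, "A": a_pub, "B": b_pub}
    return alice_key, bob_key, transcript


if __name__ == "__main__":
    k1, k2, seen = exchange()
    print("keys match:", k1 == k2)
    print("observer sees only:", sorted(seen))
```

The exchange is unauthenticated: nothing here proves who sent a public value, which is why protocols pair it with signatures or certificates.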

El Gamal
● Based on Diffie-Hellman but adds the ability to provide message confidentiality and digital signature services

Elliptic Curve Cryptography (ECC)
● Uses discrete logarithmic algorithms based on the complex mathematics of elliptic curves.
● Fast and high strength
● Highest strength per bit of key length of any asymmetric algorithm.
● Shorter keys allow computational power savings.
● Beneficial in smart cards, wireless, etc
● Provides confidentiality, digital signatures, and message authentication

Asymmetric Advantages
● Ability to send a message across an untrusted medium in a secure manner without prior key exchange
● Non-repudiation of origin
● Access control
● Data integrity
● Non-repudiation of delivery

Asymmetric Disadvantages
● Extremely slow compared to symmetric
● Impractical for large amounts of data and frequent transactions
● Ciphertext output from asymmetric may be much larger than the plaintext, making storage and transmission costly

Hybrid Cryptography
● Symmetric can be used for encrypting large files and handling encryption/decryption without impacting delivery time or performance
● Asymmetric crypto can handle the initial setup of the communications session through the exchange and negotiation of the symmetric keys

Message Digests
● A message digest is a small representation of a larger message. Message digests are used to ensure the authentication and integrity of information and not confidentiality
● Example: MD5

Message Authentication Code
● MAC, also known as a cryptographic checksum, is a small block of data that is generated using a secret key and then appended to the message.
● When the message is received, the recipient generates their own MAC using the secret key and can validate that the message has not changed during transit

MAC Characteristics
● A MAC is much smaller than the message generating it
● Given a MAC, it is impractical to compute the message that generated it
● Given a MAC and the message that generated it, it is impractical to find another message generating the same MAC

MAC Example
● If a sender is using DES-CBC and generates a MAC during the transaction, the MAC is the last block of ciphertext generated by the algorithm.
● This block of data is transmitted to the recipient. If the recipient runs the decrypt operation and receives the same last block of ciphertext then the checksum is valid and can prove authentication since only someone with the secret key could generate the message.

HMAC
● A hash MAC operation uses a hash function to verify message integrity.
● HMACs are calculated by feeding a secret key value into a hash function along with the source message.
● HMACs are more efficient than MACs
● Used often with SSL/TLS, IPsec, etc

Hashing
● A hash function accepts an input message of any length and generates, through a one-way operation, a fixed-length output.
● It does not use a secret key. The only input is the input message.

Key properties of a hash function
● Uniformly distributed – The hash output value should not be predictable
● Weak collision resistance – Difficult to find a second input value that hashes to the same value as another input
● Difficult to invert – Should be one way, should not be able to derive hash input x by reversing the hash function on output y
● Strong collision resistance – Difficult to find any two inputs that hash to the same value
● Deterministic – Given an input x, it must always generate the same hash value y

MD5 Message Digest Algorithm
● Developed by Ron Rivest at MIT in 1992
● Generates a 128 bit digest from a message of any length
● Processes the message in 512 bit blocks and does 4 rounds of processing. Each round contains 16 steps
● Hash/message collision odds are 2^64
● Odds of reversing a message from a hash are 2^128
● Commonly used in forensic investigations to ensure that the original media has not been altered since seizure
● Recently there have been several attacks developed against MD5 where it is now possible to find collisions. MD5 should be phased out.
● MD4 is weaker than MD5 and should not be used

SHA/SHA-1
● The Secure Hash Algorithm was developed by NIST in 1993 and issued as FIPS 180
● A revised version (FIPS 180-1) was issued in 1995 for SHA-1
● SHA was based on the MD4 algorithm whereas SHA-1 uses MD5
● SHA-1 operates on 512 bit blocks and can handle any message up to 2^64 bits in length. The output hash is 160 bits
● Processing includes 4 rounds of operations of 20 steps each
● Recently there have been several attacks described against SHA-1 despite it being considerably stronger than MD5
● NIST issued FIPS 180-3 which recognizes SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 as part of the secure hash standard. Output varies from 160 to 512 bits

SHA-3
● NIST is currently evaluating hash algorithms to choose SHA-3.
● (Update: Keccak has tentatively been chosen, but there is some controversy)

HAVAL
● HAVAL was developed at the University of Wollongong in Australia
● It combines a variable length output with a variable number of rounds of operation on 1024 bit input blocks.
● The output can be 128, 160, 192, 224, or 256 bit and the number of rounds may vary from 3 to 5
● HAVAL operates 60% faster than MD5 when only 3 rounds are used and just as fast when 5 rounds are used
Not to be confused with HALAL

RIPEMD-160
● Developed by the European RACE Integrity Primitives Evaluation project
● In response to vulnerabilities found in MD4 and MD5
● The original algorithm RIPEMD-128 had the same vulnerabilities as MD4/MD5.
● Output for RIPEMD-160 is 160 bits and operates on 512 bit blocks.
● Performs 5 paired rounds of 16 steps each for 160 operations

Hash/MAC attacks
● Primary attack methods:
  – Brute force
    ● Must find a weakness in the hashing algorithm that would allow an attacker to reconstruct the original message from the hash value, find another message with the same hash value, or find any pair of messages with the same hash value
    ● Oorschot and Wiener developed a machine that could find a collision on a 128 bit hash in about 24 days
  – Cryptanalysis
    ● Side channel attack – Attack implementation of algorithm rather than the algorithm directly
    ● Rainbow tables – pre-computed lists of hashes. Can be defeated by salting

Birthday Paradox
● Describes the probability of finding two people with the same birthday from a group of people
● In a room of 23 people there's more than a 50% chance of two of them sharing the same birthday
● Same principle can theoretically be used in hashing to find a collision
● Attacker wants to 1: Change the message contents to what he wants or 2: cast some doubt on the authenticity of the original message
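
The birthday bound carried through in code, as an added example that is not part of the original deck: it computes the 23-person probability and then shows the same effect on a hash by truncating SHA-256 to 24 bits, where a collision appears after a few thousand inputs instead of millions. The 24-bit truncation and the `msg-N` inputs are assumptions made so the demonstration finishes instantly; the same square-root relationship is why a 128-bit digest offers only about 2^64 collision resistance.

```python
import hashlib


def birthday_probability(people: int, days: int = 365) -> float:
    """Probability that at least two of `people` share one of `days` values."""
    p_all_unique = 1.0
    for i in range(people):
        p_all_unique *= (days - i) / days
    return 1.0 - p_all_unique


def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a short digest."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct inputs until two share a truncated digest.

    Returns (first_message, second_message, inputs_hashed). Storing every
    digest seen is what turns a 2^bits search into roughly 2^(bits/2).
    """
    seen = {}
    counter = 0
    while True:
        message = b"msg-%d" % counter        # constructed sample inputs
        value = truncated_hash(message, bits)
        if value in seen:
            return seen[value], message, counter + 1
        seen[value] = message
        counter += 1


if __name__ == "__main__":
    print("P(shared birthday, 23 people) = %.4f" % birthday_probability(23))
    first, second, tries = find_collision(24)
    print("24-bit collision after %d inputs (space is %d values)" % (tries, 2**24))
    print(first, second, hex(truncated_hash(first, 24)))
```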

Key Management
● Auguste Kerckhoffs's law:
  – “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge”
● Claude Shannon:
  – “The enemy knows the system”

Key Management
● Loss of a key is the same as loss of the data itself – protect it!
● Control issuance, revocation, recovery, and distribution of keys

XKMS
● Why is this here? Seems tangential
● XML Key Management Specification
  – Spec defines protocols for distributing and registering public keys (W3C)
● Consists of 2 parts:
  – XML Key Information Service Spec (X-KISS)
  – XML Key Registration Service Spec (X-KRSS)

XKMS
● X-KISS
  – Client delegates tasks to a trust server
● X-KRSS
  – Registers public keys

Creating & Distributing Keys
● Automated key generation
  – Hopefully quicker and more random than manual
● Keys must take a sufficient amount of time and effort for an attacker to break them
● The two main factors in a strong key are:
  – Randomness
  – Key length/size

Randomness
● If an attacker can easily guess at a key or find patterns in the key, it takes less effort to break
● Computers are designed for predictability and order so creating pseudo randomness can be troublesome

Cupcakes Sausage
● If we generate randomness with an algorithm, it isn't really random since it follows the formula
● The solution? SEEDS!
…
● Not those kinds of seeds!

Randomness
● An initialization vector (IV) or seed is:
  – A value fed into a randomness algorithm to produce apparently random results
  – Common seeds are mouse movements or time between keyboard inputs
  – Could also be manually input like with WEP/WPA
    ● As we've shown in previous classes, wireless keys are rarely random... ex: “password123”

Random Example!

Key Length
● Cryptographic security is a logarithmic measure of the fastest known computational attack on the algorithm
● Key length is distinct from cryptographic security, meaning a longer key doesn't necessarily mean more security
  – Ex: 3DES with a key length of 168 (3x 56 bit keys) only has an effective security of 112 (2x 56) due to the meet-in-the-middle attack

Key Length
● The longer the key, the more expensive to encrypt/decrypt
● The goal should be a key of just enough length to protect the information
● Depends on the worth of the information
  – Many websites use HTTP for much of their site because it's public and of low worth to protect
  – When they use HTTPS, they may use the lowest level they can so that the site is fast and doesn't tax their server

Asymmetric Key Length
● Asymmetric cryptography relies on the difficulty of solving certain mathematical problems
● That means it's easier to brute-force answers than to run the computations
  – Therefore asymmetric keys must be longer than symmetric to resist these attacks

RSA (asymmetric) key length    Equivalent to symmetric key length
1024-bit                       80-bit
2048-bit                       112-bit
3072-bit                       128-bit
15,360-bit                     256-bit

Key Distribution
● Exchanging keys is dangerous – if anyone intercepts the key, they can decrypt messages
● One solution is a Key Encrypting Key (KEK)
  – Process of using a KEK is called Key Wrapping
  – Protocols which use KEK: SSL, PGP, S/MIME

Key Distribution
● Methods:
  – Out-of-band exchange (CD, Fax, Phone call)
  – PKI key server
    ● Central repository of public keys
  – Key distribution center (KDC)
    ● Each user has a master (secret) key to talk to KDC
    ● KDC sets up session keys to talk to other users

Key Storage
● Often buried within equipment, inaccessible to the users
  – Stored in protected smart cards (KEK cards)
● Keys must have expiration dates to prevent long-term cryptanalytic attacks

NIST Guidelines
● Keys should be signed with a MAC and encrypted
● Make backup copies of central/root keys
● Provide key recovery capabilities
● Archive user keys for the period of time where a key can be used to protect information

Risk Factors (NIST)
● Strength of cryptographic mechanisms
● The implementation of the mechanism
● The operating environment
● The volume of information/# of transactions
● The security life of the data
● The security function (encryption, signing)
● The re-keying method
● The key update process
● The number of nodes with shared keys
● The number of copies of shared keys
● The threat to the information (who might be attacking)

Key Destruction
● Generally, shorter key periods enhance security
● Once deleted, the key could still reside in memory or on disk until sufficiently overwritten
  – Actually erasing can take multiple passes of overwriting the memory
  – Sometimes a key will reside in memory for so long that it gets “burned in”
    ● Can be mitigated by splitting the key in memory

Key Destruction
● Manual keys
  – Higher risk to update and distribute – sometimes more secure to update less frequently and control keys more closely with compensating controls
● Different key lifetimes depending on user roles
  – Key to use the printer could last much longer than key to open the datacenter due to lower risk

Key Destruction
● Balancing act
  – Reissuing too often can become excessively burdensome
  – Still has to happen enough to minimize loss
● Handle lost/compromised keys
  – Data signed before compromise should still be good
  – Should just prevent use of the key after the date it was compromised

Cost of Certificate Replacement
● Re-keying a large database or replacing a large number of keys is very expensive
  – Might justify expensive security measures to offset longer key lifecycle
● Conversely, you might justify shorter periods
  – Example: Employee keys expire more often so they must continually prove they are still authorized to have access. If they quit/change jobs, the shorter lifecycle will ensure they lose access

Key Recovery
● Methods:
  – Common trusted directory
  – Policy requiring all keys be registered with security department
  – Steganography? (bury key in an image)
  – Password wallet

Key Recovery
● Multiparty key recovery
  – Divide the key into multiple parts
  – Pass out to multiple parties
● Key escrow
  – Ensure third-party retains a copy of the key or their own key
  – Must be explicit trust between company and the third-party
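
One way to divide a key into parts, serving both the "splitting the key in memory" point under Key Destruction and the multiparty recovery point above (an added example, not part of the original deck). It uses an XOR split in which every share is required and any smaller set of shares reveals nothing about the key; the function names and the SHA-256 fingerprint check are assumptions of this sketch.

```python
import hashlib
import secrets
from functools import reduce


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, parties: int):
    """Split `key` into `parties` shares; all of them are needed to rebuild it.

    Returns (shares, fingerprint). The fingerprint is a SHA-256 digest of
    the key, kept so a recovery attempt can be checked. This assumes the
    key is high-entropy; a digest of a guessable key would aid guessing.
    """
    if parties < 2:
        raise ValueError("need at least two parties")
    # parties - 1 shares are pure randomness ...
    shares = [secrets.token_bytes(len(key)) for _ in range(parties - 1)]
    # ... and the last share is the key XORed with all of them.
    shares.append(reduce(_xor, shares, key))
    return shares, hashlib.sha256(key).hexdigest()


def recover_key(shares, fingerprint: str) -> bytes:
    """XOR all shares together and confirm the result is the original key."""
    if len({len(s) for s in shares}) != 1:
        raise ValueError("shares are missing or differ in length")
    key = reduce(_xor, shares)
    digest = hashlib.sha256(key).hexdigest()
    if not secrets.compare_digest(digest, fingerprint):
        # A missing, corrupted or substituted share lands here.
        raise ValueError("recovered key does not match fingerprint")
    return key


if __name__ == "__main__":
    demo_key = secrets.token_bytes(32)        # constructed sample key
    parts, fp = split_key(demo_key, 3)
    print("recovered with all 3 shares:", recover_key(parts, fp) == demo_key)
    try:
        recover_key(parts[:2], fp)
    except ValueError as err:
        print("2 of 3 shares:", err)
```

Because every share is required, losing one loses the key; threshold schemes such as Shamir's secret sharing relax that to any k of n shares.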

Concurrency Control in Database Management system
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
EMBODO Lesson Plan Grade 9 Law of Sines.docx
EMBODO Lesson Plan Grade 9 Law of Sines.docxEMBODO Lesson Plan Grade 9 Law of Sines.docx
EMBODO Lesson Plan Grade 9 Law of Sines.docx
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 

CISSP Week 20

  • 1. Asymmetric Cryptography Domain 5 Pages 822-861 Official CISSP CBK Third Edition Tim Jensen & Jem Jensen StaridLabs
  • 3. In the Beginning...
      ● Asymmetric cryptography is very new.
      ● Largely attributed to Dr Whit Diffie and Dr Martin Hellman (Diffie-Hellman)
      ● Diffie-Hellman released a paper in 1976 called “New Directions in Cryptography” which brought asymmetric cryptography mainstream
  • 4. Basics of Asymmetric
      1) A keypair is generated, generally by the application to ensure the strength of key generation (keygen)
      2) One key is designated the private key and is kept secret by the user.
      3) The other key is designated the public key and is freely given to anyone
      4) Algorithms use one-way functions to encrypt data with a key that can only be decrypted by the other key in a keypair. Not even the key used to encrypt can decrypt
  • 5. Private to Public
      ● When the private key is used to encrypt a message, the message can be read by anyone who possesses the corresponding public key.
      ● This provides non-repudiation since the receiver can have reasonable assurance that the message came from the intended sender. This is only applicable if the private key is properly secured.
  • 6. RSA
      ● Developed in 1978 by Ron Rivest, Adi Shamir, and Len Adleman
      ● Based on the mathematical challenge of factoring the product of two large prime numbers
  • 7. RSA Factoring Attacks
      ● 512 bit factoring attacks have been successful.
          – Took 8000 MIPS years. 1 MIPS is 1 million instructions per second. MIPS year is 31.5 trillion instructions per year. An i7 processor does 147,600 MIPS or 12.7 quadrillion instructions per year (if my calculation is correct)
      ● 1024 bit factoring attacks are quickly becoming economically feasible. NIST recommended moving away from 1024 by the end of 2010. Users weren't listening so the Certificate Authority Forum mandated that CAs stop issuing 1024 bit web certificates by Oct 1, 2014
  • 8. Attacking RSA
      ● Brute force: Trying all possible private keys
      ● Mathematical attacks: Factoring the product of two prime numbers
      ● Timing attacks: Measuring the running time of the decryption algorithm
  • 9. Diffie-Hellman Algorithm
      ● Algorithm for key exchange. Uses discrete logarithms
      ● Allows two users to exchange or negotiate a secret symmetric key
      ● Diffie-Hellman does not provide message confidentiality
  • 10. Diffie in a GIF
  • 11. El Gamal
      ● Based on Diffie-Hellman but included the ability to provide message confidentiality and digital signature service
  • 12. Elliptic Curve Cryptography (ECC)
      ● Uses discrete logarithmic algorithms based on the complex mathematics of elliptic curves.
      ● Fast and high strength
      ● Highest strength per bit of key length of any asymmetric algorithm.
      ● Shorter keys allow computational power savings.
      ● Beneficial in smart cards, wireless, etc
      ● Provides confidentiality, digital signatures, and message authentication
  • 13. Asymmetric advantages
      ● Ability to send a message across an untrusted medium in a secure manner without prior key exchange
      ● Non-repudiation of origin
      ● Access control
      ● Data integrity
      ● Non-repudiation of delivery
  • 14. Asymmetric Disadvantages
      ● Extremely slow compared to symmetric
      ● Impractical for large amounts of data and frequent transactions
      ● Ciphertext output from asymmetric may be much larger than the plaintext, making storage and transmission costly
  • 15. Hybrid Cryptography
      ● Symmetric can be used for encrypting large files and handling encryption/decryption without impacting delivery time or performance
      ● Asymmetric crypto can handle the initial setup of the communications session through the exchange and negotiation of the symmetric keys
  • 16.
  • 17. Message Digests
      ● A message digest is a small representation of a larger message. Message digests are used to ensure the authentication and integrity of information and not confidentiality
      ● Example: MD5
  • 18. Message Authentication Code
      ● MAC, also known as a cryptographic checksum, is a small block of data that is generated using a secret key and then appended to the message.
      ● When the message is received, the recipient generates their own MAC using the secret key and can validate that the message has not changed during transit
  • 19. MAC Characteristics
      ● A MAC is much smaller than the message generating it
      ● Given a MAC, it is impractical to compute the message that generated it
      ● Given a MAC and the message that generated it, it is impractical to find another message generating the same MAC
  • 20. MAC Example
      ● If a sender is using DES-CBC and generates a MAC during the transaction, the MAC is the last block of ciphertext generated by the algorithm. This block of data is transmitted to the recipient.
      ● If the recipient runs the decrypt operation and receives the same last block of ciphertext then the checksum is valid and can prove authentication since only someone with the secret key could generate the message.
  • 21. HMAC
      ● A hash MAC operation uses a hash function to verify message integrity.
      ● HMACs are calculated by feeding a secret key value into a hash function along with the source message.
      ● HMACs are more efficient than MACs
      ● Used often with SSL/TLS, IPSEC, etc
  • 22. Hashing
      ● A hash function accepts an input message of any length and generates, through a one-way operation, a fixed-length output.
      ● It does not use a secret key. The only input is the input message.
  • 23. Key properties of a hash function
      ● Uniformly distributed – The hash output value should not be predictable
      ● Weak collision resistance – Difficult to find a second input value that hashes to the same value as another input
      ● Difficult to invert – Should be one way, should not be able to derive hash input x by reversing the hash function on output y
      ● Strong collision resistance – Difficult to find any two inputs that hash to the same value
      ● Deterministic – Given an input x, it must always generate the same hash value y
  • 24. MD5 Message Digest Algorithm
      ● Developed by Ron Rivest at MIT in 1992
      ● Generates a 128 bit digest from a message of any length
      ● Processes the message in 512 bit blocks and does 4 rounds of processing. Each round contains 16 steps
      ● Hash/message collision odds are 2^64
      ● Odds of reversing a message from a hash are 2^128
      ● Commonly used in forensic investigations to ensure that the original media has not been altered since seizure
      ● Recently there have been several attacks developed against MD5 where it is now possible to find collisions. MD5 should be phased out.
      ● MD4 is weaker than MD5 and should not be used
  • 25. SHA/SHA-1
      ● The Secure Hash Algorithm was developed by NIST in 1993 and issued as FIPS 180
      ● A revised version (FIPS 180-1) was issued in 1995 for SHA-1
      ● SHA was based on the MD4 algorithm whereas SHA-1 uses MD5
      ● SHA-1 operates on 512 bit blocks and can handle any message up to 2^64 bits in length. The output hash is 160 bits
      ● Processing includes 4 rounds of operations of 20 steps each
      ● Recently there have been several attacks described against SHA-1 despite it being considerably stronger than MD5
      ● NIST issued FIPS 180-3 which recognizes SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 as part of the secure hash standard. Output varies from 160 to 512 bits
  • 26. SHA-3
      ● NIST is currently evaluating hash algorithms to choose SHA-3.
      ● (Update: Keccak has tentatively been chosen, but there is some controversy)
  • 27. HAVAL
      ● HAVAL was developed at the University of Wollongong in Australia
      ● It combines a variable length output with a variable number of rounds of operation on 1024 bit input blocks. The output can be 128, 160, 192, 224, or 256 bit and the number of rounds may vary from 3 to 5
      ● HAVAL operates 60% faster than MD5 when only 3 rounds are used and just as fast when 5 rounds are used
      ● Not to be confused with HALAL
  • 28. RIPEMD-160
      ● Developed by the European RACE Integrity Primitives Evaluation project
      ● In response to vulnerabilities found in MD4 and MD5
      ● The original algorithm RIPEMD-128 had the same vulnerabilities as MD4/MD5.
      ● Output for RIPEMD-160 is 160 bits and operates on 512 bit blocks.
      ● Performs 5 paired rounds of 16 steps each for 160 operations
  • 29. Hash/MAC attacks
      ● Primary attack methods:
          – Brute force
              ● Must find a weakness in the hashing algorithm that would allow an attacker to reconstruct the original message from the hash value, find another message with the same hash value, or find any pair of messages with the same hash value
              ● van Oorschot and Wiener developed a machine that could find a collision on a 128 bit hash in about 24 days
          – Cryptanalysis
              ● Side channel attack – Attack implementation of algorithm rather than the algorithm directly
              ● Rainbow tables – pre-computed lists of hashes. Can be defeated by salting
  • 30. Birthday Paradox
      ● Describes the probability of finding two people with the same birthday from a group of people
      ● In a room of 23 people there's more than a 50% chance of two of them sharing the same birthday
      ● Same principle can theoretically be used in hashing to find a collision
      ● Attacker wants to 1: Change the message contents to what he wants or 2: cast some doubt on the authenticity of the original message
  • 31. Key Management
      ● Auguste Kerckhoffs's law:
          – “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge”
      ● Claude Shannon:
          – “The enemy knows the system”
  • 32. Key Management
      ● Loss of a key is the same as loss of the data itself – protect it!
      ● Control issuance, revocation, recovery, and distribution of keys
  • 33. XKMS
      ● Why is this here? Seems tangential
      ● XML Key Management Specification
          – Spec defines protocols for distributing and registering public keys (W3C)
      ● Consists of 2 parts:
          – XML Key Information Service Spec (X-KISS)
          – XML Key Registration Service Spec (X-KRSS)
  • 34. XKMS
      ● X-KISS
          – Client delegates tasks to a trust server
      ● X-KRSS
          – Registers public keys
  • 35. Creating & Distributing Keys
      ● Automated key generation
          – Hopefully quicker and more random than manual
      ● Keys must take a sufficient amount of time and effort for an attacker to break them
      ● The two main factors in a strong key are:
          – Randomness
          – Key length/size
  • 36. Randomness
      ● If an attacker can easily guess at a key or find patterns in the key, it takes less effort to break
      ● Computers are designed for predictability and order so creating pseudo randomness can be troublesome
  • 37. Cupcakes Sausage
      ● If we generate randomness with an algorithm, it isn't really random since it follows the formula
      ● The solution? SEEDS! … … ...
      ● Not those kinds of seeds!
  • 38. Randomness
      ● An initialization vector (IV) or seed is:
          – A value fed into a randomness algorithm to produce apparently random results
          – Common seeds are mouse movements or time between keyboard inputs
          – Could also be manually input like with WEP/WPA
      ● As we've shown in previous classes, wireless keys are rarely random... ex: “password123”
  • 40. Key Length
      ● Cryptographic security is a logarithmic measure of the fastest known computational attack on the algorithm
      ● Key length is distinct from cryptographic security, meaning a longer key doesn't necessarily mean more security
          – Ex: 3DES with a key length of 168 (3x 56 bit keys) only has an effective security of 112 (2x 56) due to the meet in the middle attack
  • 41. Key Length
      ● The longer the key, the more expensive to encrypt/decrypt
      ● The goal should be a key of just enough length to protect the information
      ● Depends on the worth of the information
          – Many websites use HTTP for much of their site because it's public and of low worth to protect
          – When they use HTTPS, they may use the lowest level they can so that the site is fast and doesn't tax their server
  • 42. Asymmetric Key Length
      ● Asymmetric cryptography relies on the difficulty of solving certain mathematical problems
      ● That means it's easier to brute-force answers than to run the computations
          – Therefore asymmetric keys must be longer than symmetric to resist these attacks

      RSA (asymmetric) key length | Equivalent to symmetric key length
      1024-bit                    | 80-bit
      2048-bit                    | 112-bit
      3072-bit                    | 128-bit
      15,360-bit                  | 256-bit

  • 43. Key Distribution
      ● Exchanging keys is dangerous – if anyone intercepts the key, they can decrypt messages
      ● One solution is a Key Encrypting Key (KEK)
          – Process of using a KEK called Key Wrapping
          – Protocols which use KEK: SSL, PGP, S/MIME
  • 44. Key Distribution
      ● Methods:
          – Out-of-band exchange (CD, Fax, Phone call)
          – PKI key server
              ● Central repository of public keys
          – Key distribution center (KDC)
              ● Each user has a master (secret) key to talk to KDC
              ● KDC sets up session keys to talk to other users
  • 45. Key Storage
      ● Often buried within equipment, inaccessible to the users
          – Stored in protected smart cards (KEK cards)
      ● Keys must have expiration dates to prevent long-term cryptanalytic attacks
  • 46. NIST Guidelines
      ● Keys should be signed with a MAC and encrypted
      ● Make backup copies of central/root keys
      ● Provide key recovery capabilities
      ● Archive user keys for the period of time where a key can be used to protect information
  • 47. Risk Factors (NIST)
      ● Strength of cryptographic mechanisms
      ● The implementation of the mechanism
      ● The operating environment
      ● The volume of information/# of transactions
      ● The security life of the data
      ● The security function (encryption, signing)
      ● The re-keying method
      ● The key update process
      ● The number of nodes with shared keys
      ● The number of copies of shared keys
      ● The threat to the information (who might be attacking)
  • 48. Key Destruction
      ● Generally, shorter key periods enhance security
      ● Once deleted, the key could still reside in memory or on disk until sufficiently overwritten
          – Actually erasing can take multiple passes of overwriting the memory
          – Sometimes a key will reside in memory for so long that it gets “burned in”
              ● Can be mitigated by splitting the key in memory
  • 49. Key Destruction
      ● Manual keys
          – Higher risk to update and distribute – sometimes more secure to update less frequently and control keys more closely with compensating controls
      ● Different key lifetimes depending on user roles
          – Key to use the printer could last much longer than key to open the datacenter due to lower risk
  • 50. Key Destruction
      ● Balancing act
          – Reissuing too often can become excessively burdensome
          – Still has to happen enough to minimize loss
      ● Handle lost/compromised keys
          – Data signed before compromise should still be good
          – Should just prevent use of the key after the date it was compromised
  • 51. Cost of Certificate Replacement
      ● Re-keying a large database or replacing a large number of keys is very expensive
          – Might justify expensive security measures to offset longer key lifecycle
      ● Conversely, you might justify shorter periods
          – Example: Employee keys expire more often so they must continually prove they are still authorized to have access. If they quit/change jobs, the shorter lifecycle will ensure they lose access
  • 52. Key Recovery
      ● Methods:
          – Common trusted directory
          – Policy requiring all keys be registered with security department
          – Steganography? (bury key in an image)
          – Password wallet
  • 53. Key Recovery
      ● Multiparty key recovery
          – Divide the key into multiple parts
          – Pass out to multiple parties
      ● Key escrow
          – Ensure third-party retains a copy of the key or their own key
          – Must be explicit trust between company and the third-party
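
Added example for slides 18-22 (MAC, HMAC, hashing), not part of the original deck: HMAC-SHA-256 built from the RFC 2104 definition and checked against Python's standard library, then used to show why a keyed tag detects tampering where a bare hash does not. The key, messages and function names are constructed for the illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes 512-bit (64-byte) blocks


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC per RFC 2104: H((K xor opad) || H((K xor ipad) || message))."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()  # over-long keys are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")    # then padded to one block
    inner_pad = bytes(b ^ 0x36 for b in key)
    outer_pad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(inner_pad + message).digest()
    return hashlib.sha256(outer_pad + inner).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recipient recomputes the tag; compare_digest avoids a timing side channel."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def verify_bare_hash(message: bytes, digest: bytes) -> bool:
    """Unkeyed check: proves the digest matches the message, not who made it."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def transit_scenario() -> dict:
    """Constructed exchange: the message is altered by someone without the key."""
    key = b"constructed-shared-secret-key"
    sent = b"pay 100 to account 12345"
    altered = b"pay 900 to account 99999"
    tag = hmac_sha256(key, sent)
    return {
        "matches_stdlib": tag == hmac.new(key, sent, hashlib.sha256).digest(),
        "untouched_accepted": verify_tag(key, sent, tag),
        "altered_rejected": not verify_tag(key, altered, tag),
        # Without the key, a tag made under a guessed key does not verify.
        "wrong_key_rejected": not verify_tag(
            key, altered, hmac_sha256(b"guessed-key", altered)
        ),
        # A bare hash can simply be recomputed over the altered message.
        "bare_hash_fooled": verify_bare_hash(
            altered, hashlib.sha256(altered).digest()
        ),
    }


if __name__ == "__main__":
    for check, result in transit_scenario().items():
        print(f"{check}: {result}")
```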
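
Added example for slides 24, 29 and 30 (collision odds and the birthday paradox), not part of the original deck: it computes the 23-person probability and then finds a real collision on a digest truncated to 24 bits, showing that the work is near 2^(bits/2) rather than 2^bits. The truncated SHA-256 and the counter messages are constructed stand-ins for a short hash.

```python
import hashlib
import math


def shared_birthday_probability(people: int, days: int = 365) -> float:
    """Chance that at least two of `people` land on the same one of `days` values."""
    all_distinct = 1.0
    for i in range(people):
        all_distinct *= (days - i) / days
    return 1.0 - all_distinct


def expected_inputs_until_collision(bits: int) -> float:
    """Birthday bound: about sqrt(pi/2 * 2^bits) random inputs before two collide."""
    return math.sqrt(math.pi / 2) * 2 ** (bits / 2)


def short_hash(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, a constructed stand-in for a short digest."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct messages until two share a short_hash; return both and the count."""
    seen = {}
    count = 0
    while True:
        message = b"constructed-message-%d" % count
        count += 1
        digest = short_hash(message, bits)
        if digest in seen:
            return seen[digest], message, count
        seen[digest] = message


if __name__ == "__main__":
    print("23 people:", round(shared_birthday_probability(23), 4))
    first, second, tried = find_collision(24)
    print("24-bit collision after", tried, "messages; 2^24 =", 2 ** 24)
    estimate = expected_inputs_until_collision(128)
    print("128-bit digest: about 2^%.1f inputs" % math.log2(estimate))
```

The same bound is why a 128-bit digest such as MD5 offers roughly 2^64 collision resistance, as slide 24 states, even before any structural weakness is considered.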
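
Added example for slide 29 ("Rainbow tables ... Can be defeated by salting") and the weak “password123” key on slide 38, not part of the original deck: the same password stored unsalted and salted, checked against a precomputed table. The word list, iteration count and function names are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumption for the example; set per your own policy


def unsalted_record(password: bytes) -> str:
    """Plain hash: identical passwords always give identical records."""
    return hashlib.sha256(password).hexdigest()


def salted_record(password: bytes, salt: bytes = None):
    """Per-user random salt plus PBKDF2; the salt is stored beside the result."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    derived = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)
    return salt, derived


def check_password(password: bytes, salt: bytes, derived: bytes) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)
    return hmac.compare_digest(candidate, derived)


def precomputed_table(wordlist) -> dict:
    """Hashes computed once, ahead of time, and reusable against every database."""
    return {unsalted_record(word): word for word in wordlist}


def compare_storage() -> dict:
    wordlist = [b"password123", b"letmein", b"qwerty"]  # constructed sample
    table = precomputed_table(wordlist)
    # Two users who picked the same weak password.
    alice_plain = unsalted_record(b"password123")
    bob_plain = unsalted_record(b"password123")
    alice_salt, alice_derived = salted_record(b"password123")
    bob_salt, bob_derived = salted_record(b"password123")
    return {
        "unsalted_in_table": table.get(alice_plain) == b"password123",
        "unsalted_reuse_visible": alice_plain == bob_plain,
        "salted_in_table": alice_derived.hex() in table,
        "salted_reuse_visible": alice_derived == bob_derived,
        "salted_login_ok": check_password(b"password123", alice_salt, alice_derived),
        "salted_wrong_rejected": not check_password(b"letmein", bob_salt, bob_derived),
    }


if __name__ == "__main__":
    for check, result in compare_storage().items():
        print(f"{check}: {result}")
```

Salting removes the benefit of precomputation and hides password reuse; it does not make “password123” hard to guess one user at a time, which is why password strength still matters.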
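
Added example for slide 53 ("Divide the key into multiple parts") and the key-splitting mitigation on slide 48, not part of the original deck: one way to divide a key so that no party holds real key material, next to naive chopping, where each party holds actual key bytes. The XOR scheme is an assumption about how the split is done; the deck does not name one.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def chop(key: bytes, parties: int) -> list:
    """Naive division: each party holds a contiguous slice of the real key."""
    size = -(-len(key) // parties)  # ceiling division
    return [key[i * size:(i + 1) * size] for i in range(parties)]


def completing_share(key: bytes, other_shares: list) -> bytes:
    """The single share that makes `other_shares` XOR together to `key`."""
    share = key
    for other in other_shares:
        share = xor_bytes(share, other)
    return share


def xor_split(key: bytes, parties: int) -> list:
    """n-of-n split: n-1 random shares plus the one share that completes them."""
    if parties < 2:
        raise ValueError("need at least two parties")
    random_shares = [secrets.token_bytes(len(key)) for _ in range(parties - 1)]
    return random_shares + [completing_share(key, random_shares)]


def xor_combine(shares: list) -> bytes:
    """All shares together recover the key; any subset is just random bytes."""
    return completing_share(bytes(len(shares[0])), shares)


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed key for the demonstration
    shares = xor_split(key, 3)
    print("all three shares recover key:", xor_combine(shares) == key)
    print("two shares recover key:", xor_combine(shares[:2]) == key)
    # Two shares are consistent with ANY key: a matching third share always exists.
    decoy = bytes(32)
    fake_third = completing_share(decoy, shares[:2])
    print("same two shares fit a decoy key:",
          xor_combine(shares[:2] + [fake_third]) == decoy)
    print("chopped slice is real key bytes:", chop(key, 3)[0] == key[:11])
```

Every share is needed for recovery here, so losing one share loses the key; schemes that tolerate missing parties exist but are outside what the deck covers.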