This week's lesson was on cryptography. There was a lot of interesting information in this section and it gave a good overview of the encryption and decryption processes. My one complaint was the attacks and the countermeasures were sort of glazed over and not given much detail or explanation. Some of these could have given examples.
Cryptography is a scientific study of converting data into a secret code so that the contents of the message cannot be read by anyone other than the intended recipient during its transmission.
Some terminology that was elaborated on was:
Plain text
* This is a readable form of a message or data. Often it is confused with clear text, but they are not the same thing. The main difference is that clear text is not intended to be encrypted, whereas plain text is intended to be put through encryption.
Ciphertext
* Encrypted form. Unreadable to all except for the intended recipient.
Cryptanalysis
* Method to recover original data without access to the encryption key. Can be used to measure and validate strength. Can also be used to breach confidentiality and integrity.
Key
* Cipher variable - used to encrypt or decrypt. Secret.
Algorithm
* Process or formula to convert data to hide its contents.
* transposition cipher (anagram) - changes position of characters in plain text messages
* substitution cipher - replaces a set of characters with symbols or another character sets - usually uses unrelated terms to obscure hidden terms
* one-time pad - plain text is translated to binary and mixed together with randomly generated binary numbers (known as the pad). A form of substitution.
Encryption
* uses an algorithm to convert plain text to ciphertext.
* purpose is for confidentiality, integrity and authenticity
Decryption
* opposite of encryption, translates the ciphertext to plain text.
Steganography
* "concealed writing" is its literal translation
* hidden messages in clear text - typically embedded in files like pictures, videos
Symmetric
* uses one shared key
* well-suited for bulk encryption b/c it takes less toll on the CPU, but at the price of less security
* out-of-band distribution is a manual method of key exchange - copying the key to a USB drive or sending it to the recipient
* in-band uses a key distribution algorithm (like Diffie-Hellman) or asymmetric technology to encrypt the key
* Each shared key needs to be unique - i.e. 1000 users in a system require generation of about 500,000 keys
* usually short - 56-512 bits (security increases with the increase of bits, but increases the amount of CPU needed to work)
* Because there are duplicates of a key, it is more difficult to secure
* 2 types: Block & Stream
* Block - encrypt by transposing plain text to ciphertext block by block (chunks), fast - processing large amounts of data, often used with software, use substitution/transposition function
* Stream - uses sequence of bits known as keystream, performs encryption on each bit within stream in real-time, used often with ATMs & PINs & smartcards, slower, used for small amounts of data less the 64 bits, best implemented in hardware, can be used with blocks, frequent used implementations - Ron's Code v4 (RC4) - variable keys up to 256bits, used with WEP & SSL, uses Key Scheduling Algorithm (KSA) and Pseudo-Random Generation Algorithm (PRGA)
Common symmetric methods:
RC5, RC6, IDEA, DES, 3DES, AES, Blowfish, Twofish
Asymmetric
* 2 keys (public & private) - created on local machine by Local Security Authority (security kernel) & a Cryptographic Service Provider (CSP)
* one key encrypts, the other decrypts (ex: encrypt with private, public decrypts; encrypt with public, decrypt with private)
* requires more resources (CPU)
* used in data encryption, digital signing, key exchange (secure transit of keys)
* used with SSL/TLS, IPsec, VPNs(PPTP, L2TP, SSTP), S/MIME & PGP (email security), SSH tunnels
* CHAP (challenge-handshake authentication protocol), Diffie-Hellman Key Exchange, DSA (Digital Signature Algorithm), ECC (Elliptic Curve Cryptography), EAP (Extensible Authentication Protocol), MD5 (Message Digest Function), RSA (Rivest, Shamir, Adleman), SHA (Secure Hashing Algorithm)
Cryptographic Tools
MD5 Calculator, HashMyFiles
Public Key Infrastructure (PKI)
Certificate Management System-
* primary component - manages certificate process and creates key pairs (public & private)
* stores private key and helps ensure safely kept
* distributes public key
* ensures authenticity & validity of certificates
Digital certificates
* electronic passwords - identifies a person/entity with public/private key pair
Validation Authority (VA)
* verifies digital certificate is valid
* uses X.509 standard and RFC 5280
* stores certificates with public/private keys
Certificate Authority (CA)
* issues digital certificate
* controller of PKI certificates (mints and specifies critical pieces of information - organization name & expiration date of - certificates)
Registration Authority (RA)
* Can verify for the CA
* Can register and validate when organization is geographically dispersed or PKI resources increased.
End user
* consumer who requests and uses certificates
Common CAs
Comodo, GoDaddy, IdenTrust
There is the option of self-signing keys
Cryptoanalysis
Liner - based on finding linear approximation of cipher, common on blocks, works on statistical differences between plain and cipher text.
Differential - symmetric key algorithms, statistical differences between ciphertexts of chosen data
Integral - useful against block ciphers, substitution-permutation networks, extension of differential
Code breaking methods
Brute force, Frequency Analysis, Trickery & deceit, one-time pad method
Cryptographic attacks:
Ciphertext only
* Goal: recover encryption key from ciphertext
* Needs to obtain encrypted message
* Does not require having the plain text if the statistical analysis is enough
Adaptive chosen plain text
* Hacker makes series of interactive queries, using subsequent plain texts based on information from previous encryptions
Chosen plain text
* Hacker creates plain text, feeds to cipher, analyzes results of ciphertext
* only occurs if hacker can choose information that is encrypted - so they can find patterns and uncover vulnerability or discover the key
Related key
* Hacker obtains ciphertexts encrypted under 2 different keys
* useful if has both matching plain text and ciphertext
Dictionary
* Attacks using dictionary of plain text with corresponding ciphertext collected over time
Known plain text
* only information available to hacker - must have both plain and ciphertext of one or more messages in order to gain the encryption key and decrypt the remaining messages
Chosen ciphertext
* hacker analyzes plain text to arbitrary sets of ciphertexts
* Early RSA & SSL were vulnerable to this attack
Rubber hose
* torture and coercion used to obtain cryptographic secrets
Chosen key
* hacker breaks ciphertext and the bigger system that was dependent on the ciphertext
Timing
* repeatedly measuring exact execution times of modular exponentiation operations
Tools used: CrypTool
Attack Countermeasures
* Restrict access to keys (keys given to application or the user directly)
* IDS - monitor exchanges and access of keys
* passphrases & passwords
* keys should not be in source code or binaries
* Certificate signing - private keys must never be transferred
* symmetric algorithms - should use key size of 168 or 256 bits (especially in large transactions)
This week's article:
Cybersecurity News - Unprotected US Critical Infrastructure Can be Hacked By Anyone – A Shocking Report
This article discussed a critical infrastructure that was found to be vulnerable to exploitation. The ICS (Industry Control Systems) panel was the piece found by researches as the vulnerability. A key aspect is the increased use of IoT and the lack of security implementation on them. Many companies are using these objects more, and they are connecting to a network. This connection is all the hacker needs to begin exploitation. Access points included water and energy industries. Hopefully upon this discoveries, the security of these systems become more important.
No comments:
Post a Comment