Cryptography Revealed Ayman Saeed
Agenda
• Cryptography ??
• Encryption
• Symmetric Encryption
• Asymmetric Encryption
• Diffie-Hellman
• Hashing
• Digital signature
• Authentication Protocols
• PKI
• Cryptosystems
• Cryptanalysis
• Demos
• MISC: Cryptographics
Cryptography ??
• Cryptography is a framework of methodologies used to ensure the CIA triad for our information: C for confidentiality, I for integrity and A for authenticity.
• The need for cryptographic techniques is as old as the need to keep critical information secure, safe and authentic. The techniques were invented in different forms suited to their age, while the concept stayed the same.
• Cryptography was known anciently as encryption, which means hiding information from unauthorized entities. Various methods were used for this purpose; it could be implemented manually, mechanically or even electronically.
• The scytale is an example of a really old technique that was used to cipher (encrypt) information. The concept of operation is simple: get a long strip of leather and wind it around a rod as in the picture, write the clear data on the leather along the rod, and then unwind it.
• "HELP ME I AM UNDER ATTACK" becomes "HENTEIDTLAEAPMRCMUAK", and it depends entirely on the diameter of the rod, which is the key to decipher the message.
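Added example, not part of the original slides: the scytale modelled as a grid transposition, reproducing the ciphertext above and showing how few rod sizes there are to try. It assumes the key is the number of rows of text that fit along the rod; the function names are illustrative.

```python
# Added example (not from the slides): the scytale as a grid transposition.
# Assumption: the key is modelled as the number of rows of text that fit
# along the rod, which is what the rod's diameter determines.

def scytale_encrypt(plaintext: str, rows: int) -> str:
    """Write the letters along the rod row by row, then unwind the strip."""
    if rows < 1:
        raise ValueError("rows must be positive")
    letters = [c for c in plaintext.upper() if c.isalpha()]
    cols = -(-len(letters) // rows)                  # ceiling division
    letters += ["X"] * (rows * cols - len(letters))  # pad the last row
    # Unwinding the strip reads the grid column by column.
    return "".join(letters[r * cols + c]
                   for c in range(cols) for r in range(rows))


def scytale_decrypt(ciphertext: str, rows: int) -> str:
    """Rewind the strip on a rod of the same size and read along the rod."""
    if rows < 1 or len(ciphertext) % rows:
        raise ValueError("ciphertext length must be a multiple of rows")
    cols = len(ciphertext) // rows
    return "".join(ciphertext[c * rows + r]
                   for r in range(rows) for c in range(cols))


def all_rod_sizes(ciphertext: str) -> dict:
    """Every non-trivial key: the row counts that divide the length."""
    n = len(ciphertext)
    return {rows: scytale_decrypt(ciphertext, rows)
            for rows in range(2, n) if n % rows == 0}


if __name__ == "__main__":
    cipher = scytale_encrypt("HELP ME I AM UNDER ATTACK", 4)
    print(cipher)
    for rows, text in all_rod_sizes(cipher).items():
        print(rows, text)
```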
• Nowadays things are a bit different: cryptography is no longer only about encryption. Hashing shares the place with encryption to form the whole cryptographic framework; the role of hashing is to ensure the integrity of the message. So, back to the CIA triad: encryption is used to ensure confidentiality, hashing ensures integrity, and a combination of encryption and hashing ensures the authenticity of the message sender.
• Encryption and hashing can now be considered as systems that need an input to deliver an output; such a system is controlled by a set of mathematical equations known as an algorithm.
Encryption
• As stated before, encryption is a component of the cryptographic framework. Its role is to provide the confidentiality axis of the CIA triad.
• Recalling the systematic view of any cryptographic component, encryption needs an input (clear message and key) to deliver the cipher form (output). To decrypt this cipher form (convert it back to the clear form) we need a key and the same algorithm.
• Encryption can be implemented symmetrically or asymmetrically.
• If we use symmetric encryption, we encrypt the clear message with one key and decrypt it with the same key; the encryptor and decryptor must have the same key.
• For asymmetric encryption, on the other hand, the sender uses one key to encrypt the message and the receiver uses a different key to decrypt it. For bidirectional communication, each party uses two keys: a public key for others and a private key for himself.
Symmetric Encryption
• To wrap up the concept, let us discuss a case of three entities that need to communicate securely using symmetric encryption.
• From the figure, we can conclude that we will use 9 different private keys to achieve bidirectional communication between XYZ and ABC.
• We can also conclude that we need to define a way to exchange these private keys securely between distant entities.
• We will recall these two conclusions a bit later.
• DES, 3DES, Blowfish, IDEA, RC5, SAFER, Serpent and AES are the well-known symmetric encryption algorithms.
Asymmetric Encryption
• Back to the same case that was assumed for symmetric encryption.
• ABC and XYZ have distributed their public keys to each other. Anyone who needs to talk to another party uses that party's public key to encrypt the traffic, and the other party uses his own private key to decrypt it: X uses A's public key to encrypt clear traffic, and A receives the cipher and decrypts it using his own private key.
• Fewer keys and simple key distribution.
• RSA is a famous asymmetric key encryption algorithm. (Pictured: Ron Rivest, left; Adi Shamir, middle; Leonard Adleman, right.)
• Let us now compare them (symmetric and asymmetric):
1- Symmetric key encryption suffers from scalability issues; to achieve secure communication between N points, we need to generate (N(N-1))/2 different keys.
3- Symmetric key encryption requires "out of band" secure exchange of keys, because both communicating parties need to know the keys before proceeding with the communication.
4- Asymmetric key encryption systems are incredibly complex, and that complexity will surely impact performance. Asymmetric key encryption is up to 1000 times slower than symmetric key encryption.
• Now how can we deal with that problem? Diffie and Hellman will answer this question for us.
Diffie-Hellman
• The Diffie-Hellman algorithm uses public key encryption only to distribute symmetric keys to the communicating parties; symmetric key encryption is then used to turn the clear data into cipher. So there is no trade-off: high performance from symmetric key encryption and a simple key distribution process from the Diffie-Hellman algorithm, as we will see here and in the demos section.
Khaled will generate two keys (public and private) using his own Diffie-Hellman algorithm; Ali will do the same. Each of them sends his public key to the other. Khaled now has his own private key and Ali's public key, and uses his Diffie-Hellman algorithm to generate a new private key; Ali will have the same private key if he executes the same operation.
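Added example, not part of the original slides: the exchange between Khaled and Ali carried through with modular arithmetic, ending in the same 256-bit symmetric key on both sides. The group parameters (the Mersenne prime 2**127 - 1 with generator 3), the SHA-256 key derivation and the function names are assumptions chosen for the demonstration; real deployments use standardized groups of 2048 bits or more.

```python
import hashlib
import secrets

# Constructed demo group (assumption, not from the slides).
P = 2**127 - 1   # a Mersenne prime
G = 3


def dh_keypair(private=None):
    """Return (private, public) with public = G**private mod P."""
    if private is None:
        private = secrets.randbelow(P - 3) + 2   # random value in 2 .. P-2
    return private, pow(G, private, P)


def dh_shared_key(my_private, their_public):
    """Combine own private key with the peer's public key.

    The raw shared secret is hashed so both sides end up with a
    fixed-size key suitable for a symmetric cipher.
    """
    if not 1 < their_public < P - 1:
        raise ValueError("peer public value out of range")
    secret = pow(their_public, my_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange():
    """Run the exchange from the slide; returns both parties' keys."""
    khaled_private, khaled_public = dh_keypair()
    ali_private, ali_public = dh_keypair()
    # Only khaled_public and ali_public cross the wire.
    khaled_key = dh_shared_key(khaled_private, ali_public)
    ali_key = dh_shared_key(ali_private, khaled_public)
    return khaled_key, ali_key


if __name__ == "__main__":
    k1, k2 = exchange()
    print(k1.hex())
    print("keys match:", k1 == k2)
```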
Hashing
• Hashing is the second component of the cryptographic framework; its role is to ensure the integrity of a message. The most important aspect of an integrity violation is that the target of the attack is not aware that it occurred; simply put, if he knew, he would request a retransmission.
• The problem is that I am communicating with my co-workers based on false information.
• Hashing is an irreversible process with no keys; the clear message is the only input to the hashing process.
The message is delivered as input to the hashing system, which creates a message digest (hash) from the clear message, appends the digest to the message and sends both over the medium. The recipient uses the message to create a new digest and then compares the two digests.
Even a newbie can execute a MITM attack: he receives the message with the digest from the sender, creates a fake message with a new hash generated from the fake message (using the same hashing algorithm), and sends it to the poor receiver.
• HMAC is the solution to this problem.
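Added example, not part of the original slides: the receiver's check under both schemes, showing that a substituted message with a freshly computed digest passes the plain-hash check but fails the HMAC check because the substituter lacks the key. The messages, the key and the function names are constructed for the demonstration, and SHA-256 is an assumed choice of hash.

```python
import hashlib
import hmac

TAG_LEN = 32  # SHA-256 digest and HMAC-SHA256 tag are both 32 bytes


def send_with_digest(message: bytes) -> bytes:
    """Scheme from the slides: message followed by its unkeyed digest."""
    return message + hashlib.sha256(message).digest()


def verify_digest(packet: bytes) -> bool:
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def send_with_hmac(message: bytes, key: bytes) -> bytes:
    """Same layout, but the tag depends on a key shared by both ends."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_hmac(packet: bytes, key: bytes) -> bool:
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


def demo() -> dict:
    key = b"constructed-shared-key-for-demo"          # constructed value
    original = b"meeting moved to 10:00, room 4"      # constructed value
    substituted = b"meeting moved to 16:00, room 9"   # constructed value
    # Substitution as described above: a new message and a new digest
    # computed with the same algorithm, but without any key.
    swapped_packet = send_with_digest(substituted)
    return {
        "digest_accepts_original": verify_digest(send_with_digest(original)),
        "digest_accepts_substitute": verify_digest(swapped_packet),
        "hmac_accepts_original": verify_hmac(send_with_hmac(original, key), key),
        "hmac_accepts_substitute": verify_hmac(swapped_packet, key),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(check, result)
```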
MD5 and SHA are the most used hashing algorithms; SHA is more secure than MD5.
Digital signature
• This is our last step in completing the CIA triad: how can we ensure authenticity using cryptography?
• A digital signature is a mechanism by which we can authenticate the message sender on a per-message basis; each message needs to be authenticated. To be clear, a digital signature is not a connection-based authentication mechanism like PAP, CHAP, Kerberos, TACACS ...
• A digital signature uses a combination of encryption and hashing.
The message is hashed, the digest is encrypted with the sender's private key, and the result is sent with the message to the recipient.
• We have a demo for digital signatures.
Authentication Protocols
• As we are talking about connection-based authentication mechanisms, we will deal with protocols rather than algorithms. This is a brief list of famous authentication protocols:
• 1- PAP
• 2- CHAP
• 3- MS-CHAP
• 4- NTLM
• 5- EAP
• 6- PEAP
• 7- Kerberos
• 8- TACACS+
• 9- RADIUS
• 10- Diameter
PKI
• Public Key Infrastructure is a trust connectivity medium. I need to trust the sender before beginning a new session with him: how can I know that this public key is the one owned by the real sender? I need someone between us, someone that I can trust and that can trust this remote sender.
• How can I trust you?
• Answer: The CA trusts me.
• How can I know the CA trusts you?
• Answer: You can see my certificate issued by the CA.
• So, PKI is not for authentication, but it can be considered a pre-authentication phase.
• We will have a full PKI course.
Cryptosystems
• A cryptosystem is an implemented form of the cryptographic framework. It consists of three components:
• 1- Algorithms: cryptographic engines for doing encryption and hashing.
• 2- Protocols: for establishing connections and negotiating parameters between the communicating parties.
• 3- Keys: for the encryption algorithms.
• IPsec, SSL, SSH, PPTP, L2TP and WEP are all cryptosystems; some of them provide the full CIA triad. The only factor that differentiates these cryptosystems is the protocol used to establish the connection and negotiate the parameters.
Cryptanalysis
• “Breaking a cipher doesn't necessarily mean finding a practical way for an eavesdropper to recover the plaintext from just the ciphertext. In academic cryptography, the rules are relaxed considerably. Breaking a cipher simply means finding a weakness in the cipher that can be exploited with a complexity less than brute-force” Bruce Schneier.