2. CISSP Test Objectives
● A CISSP candidate is expected to know:
– Public and private key algorithms in terms of their
applications and uses
– Algorithm construction
– Key distribution and management
– Methods of attack
– The applications, construction, and use of digital
signatures to provide authenticity of electronic transactions
– Non-repudiation of the parties involved
3. What is Cryptography?
● Cryptographic systems take a plaintext
message and through a series of transpositions
or substitutions convert it to ciphertext.
6. Spartan Scytale
● A leather belt was wrapped around a tapered
dowel. A scribe would write across the dowel
and then unwind the belt. Only a similar dowel
would allow decoding.
7. Caesar Cipher
● A simple substitution cipher that shifted the
alphabet 3 positions.
13. Mechanical Math
● A=0, B=1, C=3...Z=25
● Precursor to the One Time Pad
● Also now a childrens toy
14. Modern Cryptography
● Computers allow very complex calculations
● The majority of attacks against cryptosystems
are caused by poor implementations rather
than algorithm failures.
16. Quantum Cryptography
● Traditional Cryptography primarily uses difficult
mathematical techniques
● Quantum Cryptography uses physics to secure data.
● Quantum Crypto uses Quantum Key Distribution (QKD
● Example: The Werner Heisenberg uncertainty principle
claims that a person cannot know both a particle's
position and momentum with unlimited accuracy at the
same time.
17. Quantum Crypto 2
● Quantum Cryptography is a set of protocols,
systems, and procedures by which it is possible
to create and distribute secret keys. The keys
are then used with traditional crypto algorithms
and protocols.
● Quantum cryptography is not used to encrypt
data, transfer encrypted data, or store
encrypted data
19. Still Quantum
● Quantum Key Distribution is being designed to
solve a current cryptography problem, primarily
that a user needs a secure channel to setup a
secure channel.
● Quantum Key Distribution (QKD) allows for the
exchange of keys between two remote parties
with complete security, as dictated via the laws
of physics.
20. Quantum-fu
● Quantum Crypto has two unique channels
– The first is used for transmission of quantum key material via
single-photon light pulses
– The other is used to carry all message traffic
● Within the laws of quantum physics, once a photon has
been observed, its state is changed. This makes quantum
cryptography perfect for security since any time someone
tries to eavesdrop on a secure channel, the photons will
be disturbed and the disturbance can easily be identified.
21. On Quantum Cryptography:
Nobody's ever actually has a working system...
Nor is it likely in the near future. The latest news
this month is that they might have designed a
quantum network card. Even their card is
theoretical and hasn't been tested.
22. Crypto Core Principals
● Cryptography attempts to provide integrity, confidentiality, and
authenticity. Cryptography does not completely support availability
● Availability – Cryptography specifically limits availability to only
authorized parties
● Confidentiality – The message is altered or hidden so that it cannot be
understood by anyone but the intended recipient
● Integrity – Integrity checks allow a recipient to verify that a message
has not been altered.
– Important: Cryptographic tools cannot prevent a message from being altered,
but they can detect intentional or accidental modification of the message
23. Additional Features
● Non-repudiation: Origin can be identified by
which crytpo key was used.
● Authentication: Ability to determine if someone
or something is what it declares to be.
24. Data at Rest
●
Data stored on hard disks, backup tapes, offsite storage, password
files, etc must be protected. Cryptography can be used to provide
reasonable assurance that the data cannot be read by a 3rd
party
● Tim Note: Never use a stream cipher to encrypt hard disks, backup
tapes, etc. Stream ciphers have integrity issues that are mitigated
with transmission protocols. Used directly against a disk allows the
data to be manipulated. For more details see:
http://en.wikipedia.org/wiki/Disk_encryption_theory
25. Data in Transit
●
Data in transit could be intercepted by a 3rd
party
● Modern Cryptography provides secure and
confidential methods to transmit data and allow
the verification of the integrity of the message.
26. Link Encryption
● Data can be encrypted on a network using link
or end-to-end encryption.
● Routing data is encrypted and as such each
node must decrypt the data to continue routing.
● If an attacker compromises a node in the
network they may be able to see the message
in the clear before it is re-encrypted.
27. End-To-End Encryption
● End to End encryption is generally performed
by an end user.
● Data is encrypted at the start of the
communications channel and remains
encrypted until it is decrypted at the remote
end.
● Only the message is encrypted, the routing
information is visible.
28. Definition Broken
● A crytographic function or implementation is considered broken
when one of the following conditions is met:
– For a hashing function:
● Collisions or hashes can be reliably reproduced in an economically feasible fashion
without the original source
● When an implementation of a hash function allows a side channel attack
– For an encryption system:
● A cipher is decoded without access to the key in an economically feasible fashion.
● When an implementation of an encryption system allows for the unauthorized
disclosure of information in an economically feasible fashion.
29. Cryptography Grades
NIST 800-161A
● Acceptable: Algorithm and key length is safe to use. No
security risk is currently known
● Deprecated: Use of algorithm and key length is allowed,
but there is some risk
● Restricted: Use of the algorithm or key length is
deprecated and there are additional restrictions on use.
● Legacy: Algorithm or key length may only be used to
process already protected information but there may be
risk in doing so.
30. Policies/procedures needed for
cryptography transition
● Approved cryptographic algorithms and key sizes
● Transition plans for weakened or compromised
algorithms and keys
● Procedures for the use of cryptographic systems
● Data classification – what information requires what
grade of encryption
● Key generation, storage, and destruction
● Incident reporting surrounding the loss of keys or
system compromise
31. International Export Controls
●
Most countries have some regulations regarding the use or distribution of
cryptographic systems. Mostly this is so law enforcement can do their jobs and
to keep criminals from using strong encryption.
●
Cryptography is considered to be a weapon of war and is managed through
laws used to control the distribution of military equipment.
●
In the US regulation is provided by the NSA, US Dept of State, and US Dept of
Commerce
● Most companies market two versions of their products: One with strong
encryption and one with weaker encryption which is meant for overseas
distribution.
● http://msdn.microsoft.com/en-us/library/windows/apps/hh694069.aspx
32. Law Enforcement
● Some countries do not allow the personal use
of encryption, require weak keys, or require that
an individual discloses their keys if law
enforcement requires it.
● Criminal methods are causing consumers to
use stronger encryption which is making it more
difficult for law enforcement to decrypt and
analyze encrypted messages.
33. Encryption Concepts
● Key Custering: When different encryption keys
generate the same ciphertext from the same
plaintext message.
● Synchronous: Each encryption or decryption
request is performed immediately
● Asynchronous: Encrypt/Decrypt requests are
processed in queues. Often used in hardware
devices and multiprocessor systems.
34. Encryption Concepts 2
● Hash: A one-way mathematical operation which
reduces a message into a smaller fixed length
output (hash value).
● Digital Signatures: A message is hashed and
the hash value is encrypted using the private
key of the sender. This allows integrity
verification (from the hash) and non-repudiation
since you can identify who's private key was
used to encrypt the hash.
35. Encryption Concepts 3
● Asymmetric: Two different but mathematically related keys
are used where one key is used to encrypt and another key
is used to decrypt. Commonly referred to as Public Key
Infrastructure (PKI)
– RSA, Diffie-Hellman(DH)
● Symmetric: A message is encrypted with a key and
decrypted with the same key. The key owner(s) must
securely transmit the key somehow.
– AES, 3DES
36. Encryption Concepts 4
● Digital certificate: Electronic Document containing: Name of organization or individual,
business address, digital signature of the certificate authority, certificate holder's public key,
a serial number, and the expiration date
● Certificate Authority: An entity trusted by one or more users as an authority in a network
that issues, revokes, and manages digital certificates
● Registration Authority: Performs certificate registration services on behalf of a CA. An RA is
responsible for the accuracy of the information contained in a certificate request. The RA is
also expected to perform user validation before issuing a certificate request.
37. Encryption Concepts 5
● Plaintext/Cleartext: The message in it's natural
format, readable by anyone.
● Ciphertext/Cryptogram: The altered form of a
plaintext message so it is unreadable for anyone
except the intended recipients.
● Cryptosystem: Represents the entire
cryptographic operation. This includes the
algorithm, the key, and the key management
functions.
38. Encryption Concepts 6
● Encryption: The process of converting the message
from its plaintext to ciphertext. Also known as
enciphering.
● Decryption: The reverse process of encryption. The
ciphertext is converted back to the same plaintext.
● Key/Cryptovariable: The input that controls the
operation of the cryptographic algorithm. The key
controls the reliability of the encryption and decryption
of a message.
39. Encryption Concepts 7
● Non-repudiation: Evidence is maintained so that
the sender and recipient of data cannot deny
having participated in the communication.
● Algorithm: Mathematical function that is used in
the encryption and decryption process.
● Cryptanalysis: The study of techniques for
attempting to defeat cryptographic techniques.
● Cryptology: The science that deals with hidden,
disguised, or encrypted communications.
40. Encryption Concepts 8
● Collision: Occurs when a hash function
generates the same output for different inputs.
● Key Space: The total number of possible keys
in a cryptographic algorithm or password.
Example: a 20-bit key would have a keyspace
of 1,048,567
● Word Factor: Represents the time and effort
required to break a protective measure.
41. Encryption Concepts 9
● Initialization Vector (IV): A nonsecret binary vector used at
initialization to add additional cryptographic variance and to
synchronize equipment.
● Encoding: Changing a message into another format through the use
of code. Example is taking a plaintext message and converting it into
a format which can be transmitted over radio. Used for integrity
instead of secrecy. Morse code is an example.
● Decoding: Reverse process from encoding – converting the encoded
message back to plaintext.
42. Encryption Concepts 10
● Transposition/Permutation: Process of
reordering the plaintext to hide the message
44. Encryption Concepts 12
● SP-network: Process described by Claude
Shannon1 and is used in most block ciphers. SP
stands for Substitution and permutation, and most
block ciphers do a series of repeated substitutions
and permutations to add confusion and diffusion
to the encryption process. An SP=network uses a
series of S-boxes to handle the substitutions.
Breaking a plaintext block into a subset of smaller
S-boxes makes it easier to handle the
computations
47. Encryption Concepts 13
● Confusion: Mixing the key values used during the repeated rounds of
encryption. When the key is modified for each round, it provides added
complexity that the attacker would encounter.
● Diffusion: Mixing up the location of the plaintext through the ciphertext.
Through transposition, the location of the first character of the plaintext
may change several times during the encryption process
● Avalanch Effect: Characteristic in cryptography where a minor change in
either the key or the plaintext will have a significant change to the resulting
ciphertext. It is also a feature of a strong hashing algorithm.
48. High Work Factor
● The average amount of effort work work required to
break an encryption system. This is measured in
hours of computing time on a specific computer
system (2,000 hours on a 486).
● If the work factor is economically infeasible, then the
encryption scheme is considered reliable.
● Obviously this number changes over time as
technology advances.
50. Stream Based Ciphers
● Encryption is performed bit by bit.
● Used in streaming applications such as voice and video.
● WEP used a stream cipher (RC4) but was implemented
incorrectly and is not considered secure since the encryption
key can be easily exposed to the attacker.
● The cryptographic operation for a stream cipher is to mix the
plaintext with a keystream that is generated by the
cryptosystem. This is generally done using an XOR.
52. Stream Based Ciphers 2
● A stream-based cipher relies primarily on
substitution. One character or bit is substituted
for another.
53. Stream Based Security Considerations
● The keystream should not be linearly related to the
cryptovariable IE: knowledge of the keystream output value
does not disclose the cryptovariable.
● Statistically unpredictable – given n successive bits from the
keystream it is not possible to predict the n + 1st
bit with a
probability different from ½
● Statistically unbiased – there should be as many 0's as 1's, as
many 00's as 01's, 10's, 11's, etc.
● Long periods without repetition.
● Functional complexity – each keystream bit should depend on
most or all of the cryptovariable bits.
54. Block Ciphers
● A block cipher operates on blocks or chunks of text. As
plaintext is fed into the cryptosystem, it is divided into blocks of
a preset value which is often multiples of ASCII character size
(64, 128, 192, etc). Most block ciphers use a combination of
substitution and transposition to perform their operations. This
makes a block cipher relatively stronger than a stream based
cipher but more computationally intensive.
● Block ciphers are generally implemented in software whereas
stream based can be implemented in hardware or software.
55. Initialization Vectors (IV)
● Messages may be of varying length
● Encrypting the same plaintext with the same
key always produces the same ciphertext.
● To provide confidentiality of arbitrary length
several modes of operation were created to
ensure that ciphertext will be different each time
even when using the same key. These are
Initialization Vectors
61. Key Length
● The security of an algorithm is usually equal to the
length of the key. If you increase the key length you
increase the security. This is not the case in
algorithms (3DES).
● Increasing the key length makes the encryption and
decryption process more computationally expensive
and must be kept in mind. If you have a web server
with a very large key, it won't be able to serve as
many users as a system with a smaller key.
62. Block Size
● Block size can also affect security. All blocks
must be of the same size, so if the block isn't
full then the algorithm pads the remainder.
● Exceptionally wrong blocksize choices are
computationally expensive and possibly reduce
the statistical randomness.
63. Null Ciphers
● Null ciphers are used when encryption isn't
necessary.
● Main uses are for testing/debugging, low security
(public, static websites), or with authentication
only communications.
● (They are on by default on may webservers.
Attackers can re-negotiate client sessions to
disable encryption. Null ciphers should be
disabled if not necessary)
64. Null Ciphers
● Null ciphers are used when encryption isn't
necessary.
● Main uses are for testing/debugging, low security
(public, static websites), or with authentication
only communications.
● (They are on by default on may webservers.
Attackers can re-negotiate client sessions to
disable encryption. Null ciphers should be
disabled if not necessary)
65. Substitution Ciphers
● Substitution ciphers substitute one letter for
another based upon a cryptovariable
● Caesar Cipher, ROT-13, Decoder Rings