**Definitions**

Algorithm: The set of mathematical rules used in encryption and decryption.

Cryptography: Science of secret writing that enables you to store and transmit data in a form that is available only to the intended individuals.

Cryptosystem: Hardware or software implementation of cryptography that transforms a message to cipher text and back to plain-text.

Cryptanalysis: Practice of obtaining plain-text from cipher-text without a key or breaking the encryption.

Cryptology: The study of both cryptography and cryptanalysis.

Cipher-text: Data in encrypted or unreadable format.

Encipher: Act of transforming data into an unreadable format.

Decipher: Act of transforming data into a readable format.

Key: Secret sequence of bits and instructions that governs the act of encryption and decryption.

Key clustering: Instance when two different keys generate the same cipher-text from the same plain-text.

Key-space: Possible values used to construct keys.

Plain-text: Data in readable format, also referred to as clear-text.

Work factor: Estimated time, effort, and resources necessary to break a cryptosystem.

**Types of ciphers**

Substitution cipher: Replaces bits, characters, or blocks of characters with different bits, characters or blocks.

Transposition cipher: Permutation is used, meaning that letters are scrambled. The key determines the positions that the characters are moved to.

Frequency analysis: Analysis of the frequent patterns of letters used in messages and conversation.

Running key cipher: Uses steps in the physical world around us, like books (page, line number and word count). Each word is described by a sequence of numbers.

Concealment cipher: Every X number of words within a text, is a part of the real message.

Steganography: Hiding data in another message so that the very existence of the data is concealed. A message can by hidden in a wave file, in a graphic or in unused spaces on a hard drive or sectors that are marked as unusable.

Clipper chip: A NSA designed tamper-proof chip for encrypting data. Uses the SkipJack algorithm. Each Clipper Chip has a unique serial number and a copy of the unit key is stored in the database under this serial number. The sending Clipper Chip generates and sends a Law Enforcement Access Field (LEAF) value included in the transmitted message. Based on a 80-bit key and a 16-bit check-sum.

Key Escrow: The unit keys are split into two sections and are given to two different escrow agencies to maintain.

Fair cryptosystems: Separate the necessary key required for decryption, but this method takes place in software encryption processes using public key cryptography, whereas key escrow is mainly used when hardware encryption chips are used.

**Methods of Encryption**

Symmetric Cryptography: Both parties will be using the same key for encryption and decryption. Can only provide confidentiality. They are fast and can be hard to break.

Strength – Much faster than asymmetric systems / Hard to break if using a large key size

Weaknesses – Key distribution (requires a secure mechanism to deliver key properly) / scalability (each pair of users needs a unique pair of keys) / Limited security (can only provide confidentiality)

Out-of-band method: The key is transmitted through another channel than the message.

Asymmetric Algorithms: Two different asymmetric keys are mathematically related, public and private key.

Strengths – Better key distribution than symmetric systems / better scalability than symmetric systems / can encrypt confidentiality, authentication and non repudiation

Secure message format – Encrypted by the receiver’s public key

Open message format – Encrypted by the sender’s private key

Secure and signed format – Encrypted by the senders private key and then encrypted with the receivers public key

*Two types of symmetric algorithms*

Stream ciphers: Treats the message as a stream of bits or bytes and performs mathematical functions on them individually. The key is a random value input into the stream cipher, which it uses to ensure the randomness of the keystream data. Are more suitable for hardware implementations, because they encrypt and decrypt one bit at a time. Are intensive because each bit must be manipulated, which works better at the silicon level.

Characteristics of a strong and effective cipher algorithm – Long periods of no repeating patterns within keystream values / statistically un predictable / the keystream is not linearly related to the key / statistically unbiased keystream (as many 0’s as 1’s) Key stream generator – Produces a stream of bits that is XORed with the plaintext bits to produce cipertext.

Block ciphers: The message is divided into blocks of bits. Uses diffusion and confusion in their methods. Uses Substitution boxes (S-boxes) In each step. It is the key that determines what functions are applied to the plaintext and in what order. Are more suitable for software implementations, because they work with blocks of data which is usually the width of a data bus (64 bits). Block ciphers sometimes work in a mode that emulates a stream cipher.

Confusion – Different unknown key values are used.

Diffusion – Putting the bits within the plaintext through many different functions so that they are dispersed throughout the algorithm.

S-box – Contains a lookup table that instructs how the bits should be permuted or moved around. The key that is used in the decryption process dictates what S-boxes are used and in what order.

*Types of symmetric systems*

Data Encryption Standard (DES): Certified by NIST, based on IBM’s 128 bit algorithm Lucifer. Is a block encryption algorithm. 64 bit in -> 64 bit out. 56 bits make up the true key and 8 bits are used for parity. A block of 64 bits is divided in half and each character is encrypted one at a time. The characters are put through 16 rounds of transposition and substitution functions.

Have four distinct modes of operation:

ECB mode / Electronic Code Book – Native encryption mode. Provides the recipe of substitutions and permutations that will be performed on the block of plaintext. Data within a file does not have to be encrypted in a certain order. Used for small amounts of data, like challenge-response, key management tasks. Also used to encrypt PINs in ATM machines.

CBC mode / Cipher Block Chaining – Each block of text, the key, and the value based on the pervious block is processed in the algorithm and applied to the next block of text.

CFB Mode / Cipher Feedback Mode – The previously generated ciphertext from the last encrypted block of data is inputted into the algorithm to generate random values. These random values are processed with the current block of plaintext to create ciphertext. This mode is used when encrypting individual characters is required.

OFB Mode / Output Feedback – Functioning like a stream cipher by generating a stream of random binary bits to be combined with the plaintext to create ciphertext. The ciphertext is fed back to the algorithm to form a portion of the next input to encrypt the next stream of bits.

DEA – Data Encryption Algorithm

FIPS – Federal Information Processing Standard

Triple-DES (3DES): Uses 48 rounds in its computation. Heavy performance hit and it can take up to three times longer than DES to perform encryption and decryption.

Advanced Encryption Standard (AES): NIST replacement standard for DES. The winner was Rijndael, which is a block cipher with a variable block length and key length. Employs a round transformation that is comprised of three layers of distinct and invertible transformations: The non-linear layer / the linear mixing layer / the key addition layer. Is suited for high speed chips with no area restrictions / a compact co-processor on a smart card.

International Data Encryption Algoritm (IDEA): Block cipher that operates on 64 bit blocks of data. The key is 128 bits long. The 64-bite data block is divided into 16 smaller blocks and each has eight rounds of mathematical functions performed on it. Is used in the PGP encryption software.

Blowfish: A block cipher that works on 64-bit blocks of data. The key length can be up to 448 bits and the data blocks go through 16 rounds of cryptographic functions.

RC5: A block cipher that has a variety of parameters it can use for block size, key size and the number of rounds used. Block sizes: 32/64/128 and key size up to 2048 bits.

*Types of asymmetric systems*

RSA: Provides authentication (digital signature) and encryption. The security comes from the difficulty of factoring large numbers, where the keys are functions of a pair of large prime numbers. Is used in many web browsers with SSL, in PGP and government system that use public key cryptosystems.

El Gamal: Used for digital signatures and key exchange. Based on calculating discrete logarithms in a finite field.

Elliptic Curve Cryptosystem (ECC): Provides digital signatures, secure key distribution and encryption. Requires smaller percentage of the resources than other systems. Based on the properties of elliptic curves in their public key system.

*Hybrid Encryption Methods*

Public Key Cryptography: Uses two keys generated by an asymmetric algorithm for protecting encryption keys and key distribution and a secret key is generated by a symmetric algorithm and used for bulk encryption.

– Asymmetric algorithm performs encryption and decryption by using public and private keys.

– Symmetric algorithm performs encryption and decryption by using a secret key.

– A secret key is used to encrypt the actual message.

– A secret key is synonymous to a symmetric key.

– An asymmetric key refers to a public or private key.

Diffie-Hellman Key Exchange: Were the first to introduce the notion of public key cryptography. Is used for key distribution and it cannot be used to encrypt and decrypt messages.

Session keys: Is a secret key that is used to encrypt messages between two users. Is only valid for one session.

Symmetric versus Asymmetric Systems

Attributes Symmetric Asymetric

Keys One key is shared between One entity has a public key

_ two or more entities. and the other entity has a

_ private key.

Key exchange Out-of-band. Symmetric key is encrypted

_ and sent with message; thus,

_ the key is distributed by inbound means.

Speed Algorithm is less complex Algorithm is more complex and slower

_ and faster.

Key length Fixed-key length Variable-key length

Use Bulk encryption, which means Key encryption and

_ encrypting files and distributing keys

_ communication paths.

Security service Confidentiality and integrity Confidentiality, integrity,

_ authentication and non-repudiation

**Public Key Infrastructure (PKI)**

Digital certificate – A credential that contains the public key of that individual along with other identifying information.

Certificate authority (CA) – An organization that maintains and issues public key certificates.

Certificate revocation list (CRL) – A list of every certificate that has been revoked for one reason or another. This list is maintained periodically.

Certificate – Is the mechanism used to associate a public key with a collection of components sufficient to uniquely authenticate the claimed owner.

Registration authority (RA) – Performs the certification registration duties.

PKI entities and function – CA / RA / certificate repository / certificate revocation system / key backup and recovery system / automatic key update / management of key histories / cross-certification with other CAs / timestamping / client-side software

PKI supplies – Confidentiality / Access control / Integrity / Authentication

One-way function: Is a mathematical function that is easier to compute in one direction than in the opposite

direction.

Trapdoor one-way function – The basis for public key cryptography. A public key encrypts and a private key (trapdoor) decrypts

*Message integrity*

One-way hash: Is a function that takes a variable-length string a message, and compresses and transforms it into a fixed length value referred to as a hash value.

Message digest – The hash value of a one-way hash.

One-way function used in public key cryptography

Function – It never performed in reverse / It provides integrity of a message, not confidentiality or authentication. / The result of a one-way hash is a hashing value / It is used in hashing to create a fingerprint for a message.

Digital signatures: Is an encrypted hash value of a message

Digital signature standard (DSS): A standard for digital signatures and its functions and acceptable use. Require Digital Signature Algorithm (DSA) and the Secure Hash Algorithm (SHA).

*Different Hash algorithm*

MD4 – Produces 128-bit hash values. Used for high-speed computation in software implementation and is optimized for microprocessors.

MD5 – Produces 128-bit hash values. More complex than MD4. Processes text in 512-bit blocks.

MD2 – Produces 128-bit hash values. Slower than MD4 and MD5

SHA – Produces 160-bit hash values. This is then inputted into the DSA, which computes the signature for a message. The message digest is signed instead of the whole message.

SHA1—Updated version of SHA.

HAVAL – Is a variable length one-way hash function and is the modification of MD5. Processes text in 1024-bit blocks.

Attacks against one-way hash functions

Collision – If the algorithm does produce the same value for two distinctly different messages.

Birthday attack – Is an attack on hashing functions through brute force. The attacker tries to find two messages with the same hashing value

One-time pad: Is unbreakable and each pad is used exactly once. Uses a truly nonrepeating set of random bits that are combined bit-wise XOR with the message to produce ciphertext. The random key is the same size as the message and is only used once. Difficult to distribute the pads of random numbers to all the necessary parties.

**Key Management**

Kerberos – A key distribution center (KDC) is used to store, distribute and maintain cryptographic session keys.

Diffie-Hellman – Uses a key exchange algorithm (KEA)

Key Management principles: Should not be in cleartext outside the cryptographic device. Backup copies should be available and easily accessible when required. A company can choose to have multiparty control for emergency key recovery. This means that if a key needs to be recovered, more than one person is required to be involved with this process.

Rules for key and key management: – The key length should be long enough to provide the necessary level of protection.

– Keys should be stored and transmitted by secure means.

– Keys should be extremely random and use the full spectrum of the keyspace.

– The key’s lifetime should correspond with the sensitivity of the data it is protecting.

– The more the key is used, the shorter its lifetime should be.

– Keys should be backed up or escrowed in case of emergencies.

– Keys should be properly destroyed when their lifetime comes to an end.

*Link versus end-to-end encryption*

Link encryption: Encrypts all the data along a specific communication path like a satellite link, T3 line or telephone circuit. User information, header, trailers, addresses and routing data that are part of the packets are encrypted. Provides protection against packet sniffers and eavesdroppers. Packets have to be decrypted at each hop and encrypted again. Is at the physical level.

End-to-end encryption: Only information is encrypted. Is usually initiated at the application layer of the originating computer. Stays encrypted from one end of its journey to the other. Higher granularity of encryption is available because each application or user can use a different key.

*E-mail standards*

Privacy-enhanced mail (PEM): Provide authentication, message integrity, encryption and key management. Specific components that can be used:

– Messages encrypted with DES in CBC mode

– Authentication provided by MD2 or MD5

– Public key management provided by RSA

– X.509 standard used for certification structure and format

Message Security Protocol (MSP): Can sign and encrypt messages and perform hashing functions.

Pretty Good Privacy (PGP): First widespread public key encryption program Uses RSA public key encryption for key management and IDEA symmetric cipher for bulk encryption of data. PGP uses passphrases, that is used to encrypt the user’s private key that is stored on her hard drive. Relies on a ”web of trust” in its key management approach. Key ring – Each user keeps a collection of signed public keys he has received from other users.

**Internet Security**

HTTP: Sits on the top of TCP/IP. Is a stateless protocol, client and web server make and break a connection for each operation.

S-HTTP – Secure Hypertext Transport Protocol: Developed to provide secure communication. Encrypts messages with session keys that are calculated. Provides integrity and sender authentication capabilities. Is not a stateless protocol. Can support multiple encryption modes and types. Can use public key technology and symmetric encryption. Used when an individual message needs to be encrypted.

HTTPS: Protects the communication channel between two computers. Uses SSL and HTTP to provide a protected circuit between a client and server. Used when all information that passes between two computers needs to be encrypted.

SSL – Secure Sockets Layer: Protects a communication channel. Uses public key encryption. Provides data encryption, server authentication, message integrity and optional client authentication. Keeps the communication path open until one of the parties requests to end the session. Lies beneath the application layer and above the transport layer.

MIME – Multipurpose Internet Mail Extension: Indication how multimedia data and e-mail attachments are to be transferred.

S/MIME – Secure MIME: Standard for encrypting and digitally signing electronic mail that contains attachments and providing secure data transmissions. Provides confidentiality through the user’s encryption algorithm, integrity through the user’s hashing algorithm, authentication through the use of X.509 public key certificates and non-repudiation through cryptographically signed messages.

SET – Secure Electronic Transaction: Developed to send encrypted credit card numbers Comprised of three main parts: the electronic wallet, the software running on the merchant’s server at its web site and the payment server that is located at the merchant’s bank.

Cookies: Text files that a browser maintains on a user’s hard drive. Are used for demographic and advertising information. Are used as timestamps to ensure that a session between a user and a server is restricted to a specific length of time. Cookies that contain sensitive information should be encrypted by the server on the site that distributed them.

SSH – Secure Shell: Functions as a type o tunnelling mechanism that provides terminal like access to remote computers. Should be used instead of telnet, ftp, rlogin, rexec or rsh. Two computers goes through a handshake and a secure channel is established.

IPSec – Internet Protocol Security: A method of setting up a secure channel for protected data exchange between two devices. Widely accepted standard for secure network layer transport. Have strong encryption and authentication methods that employ public key cryptography. Is usually used to establish VPN. It is an open, modular framework that provides a lot of flexibility.

Have two basic security protocols:

– AH – Authentication Header: Is the authenticating protocol.

– ESP – Encapsulating Security Payload: Is an authenticating and encrypting protocol that uses cryptographic mechanism to provide source authentication, confidentiality and message integrity.

Can work in two modes:

– Transport mode: The payload of the message is encrypted

– Tunnel mode: The payload, the routing and header information of the message is encrypted

SA – Security association – Can contain the authentication and encryption keys, the agreed upon algorithms, key lifetime and the source IP address. One SA for each connection.

SPI – Security parameter index – And index that keeps track of the different SAs and tells the divide which one is appropriate to invoke.

ISAKMP – Internet Security Association and Key Management Protocol – An authentication

and key exchange architecture that is independent of the type of keying mechanisms used.

**Attacks**

Ciphertext-only attack: The attacker has the ciphertext of several messages. Each of the messages has been encrypted using the same encryption algorithm.

Known-plaintext only: The attacker has the plaintext and ciphertext of one or more messages.

Chosen-plaintext attack: The attacker has the plaintext and ciphertext and can choose the plaintext that gets encrypted.

Chosen-ciphertext attack: The attacker can choose the ciphertext to be decrypted and has access to the resulting decrypted plaintext.

Man-in-the-middle attack: Eavesdropping on different conversations. Using digital signatures during the session-key exchange can circumvent the attack.

Dictionary attacks: Takes a password file with on-way function values and then takes the most commonly used passwords and run them through the same one-way function. These files are then compared.

Replay attack: An attacker copies a ticket and breaks the encryption and then tries to impersonate the client and resubmit the ticket at a later time to gain unauthorized access to a resource.