ccna security 012- cryptographic systems
DESCRIPTION
CCNA Security 640-554 By Eng-Ahmed SultanTRANSCRIPT
1© 2009 Cisco Learning Institute.
11- Cryptographic Systems
Ahmed Sultan CCNA | CCNA Security | CCNP Security | JNCIA-Junos | CEH
222© 2009 Cisco Learning Institute.
Secure Communications
• Traffic between sites must be secure
• Measures must be taken to ensure it cannot be altered, forged, or deciphered if intercepted
MARS
Remote BranchVPN
VPN
Iron Port
Firewall
IPS
CSA
Web Server
Email Server DNS
CSACSA CSA
CSA
CSA
CSA
CSA
333© 2009 Cisco Learning Institute.
Authentication
• An ATM Personal Information Number (PIN) is required for authentication.
• The PIN is a shared secret between a bank account holder and the financial institution.
444© 2009 Cisco Learning Institute.
Integrity
• An unbroken wax seal on an envelop ensures integrity.
• The unique unbroken seal ensures no one has read the contents.
555© 2009 Cisco Learning Institute.
Confidentiality
• Julius Caesar would send encrypted messages to his generals in the battlefield.
• Even if intercepted, his enemies usually could not read, let alone decipher, the messages.
I O D Q N H D V W
D W W D F N D W G D Z Q
666© 2009 Cisco Learning Institute.
Transposition Ciphers
F...K...T...T...A...W..L.N.E.S.A.T.A.K.T.A.N..A...A...T...C...D...
Ciphered Text
3FKTTAW
LNESATAKTANAATCD
The clear text message would be encoded using a key of 3.
1FLANK EAST
ATTACK AT DAWN
Use a rail fence cipher and a key of 3.
2
The clear text message would appear as follows.
Clear Text
777© 2009 Cisco Learning Institute.
Substitution CiphersCaesar Cipher
Cipherered text
3IODQN HDVW
DWWDFN DW GDZQ
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
The clear text message would be encoded using a key of 3.
1FLANK EAST
ATTACK AT DAWN
Shift the top scroll over by three characters (key of 3), an A becomes D, B becomes E, and so on.
2
The clear text message would be encrypted as follows using a key of 3.
Clear text
888© 2009 Cisco Learning Institute.
Cipher Wheel
Cipherered text
3IODQN HDVW
DWWDFN DW GDZQ
The clear text message would be encoded using a key of 3.
1FLANK EAST
ATTACK AT DAWN
Shifting the inner wheel by 3, then the A becomes D, B becomes E, and so on.
2
The clear text message would appear as follows using a key of 3.
Clear text
999© 2009 Cisco Learning Institute.
Cryptanalysis Methods
Known Ciphertext
Brute Force Attack
With a Brute Force attack, the attacker has some portion of ciphertext. The attacker attempts to unencrypt the ciphertext with all possible keys.
Successfully Unencrypted
Key found
101010© 2009 Cisco Learning Institute.
Mat-in-the-Middle Attack
With a Man-in-the-Middle attack, the attacker has some portion of text in both plaintext and ciphertext. The attacker attempts to unencrypt the ciphertext with all possible keys while at the same time encrypt the plaintext with another set of possible keys until one match is found.
Known Ciphertext Known PlaintextUse every possible decryption key until a result is found matching the corresponding plaintext.
Use every possible encryption key until a result is found matching the corresponding ciphertext.
MATCH of Ciphertext!
Key found
111111© 2009 Cisco Learning Institute.
Defining Cryptology
Cryptography
Cryptology
+
Cryptanalysis
121212© 2009 Cisco Learning Institute.
Cryptanalysis
131313© 2009 Cisco Learning Institute.
Cryptographic Hashes, Protocols,and Algorithm Examples
IntegrityIntegrity AuthenticationAuthentication ConfidentialityConfidentiality
MD5SHA
HMAC-MD5HMAC-SHA-1RSA and DSA
DES3DESAESSEAL
RC (RC2, RC4, RC5, and RC6)
HASH HASH w/Key
Encryption
141414© 2009 Cisco Learning Institute.
Hashing Basics
• Hashes are used for integrity assurance.
• Hashes are based on one-way functions.
• The hash function hashes arbitrary data into a fixed-length digest known as the hash value, message digest, digest, or fingerprint.
Data of ArbitraryLength
Fixed-LengthHash Value e883aa0b24c09f
151515© 2009 Cisco Learning Institute.
Hashing Properties
XWhy is x not inParens?
h e883aa0b24c09f
H
(H)Why is H inParens?
= (x)h
Hash Value
Hash Function
Arbitrary length text
161616© 2009 Cisco Learning Institute.
Hashing in Action
• Vulnerable to man-in-the-middle attacks- Hashing does not provide security to transmission.
• Well-known hash functions- MD5 with 128-bit hashes- SHA-1 with 160-bit hashes
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Alex Jones $1000.00
One Thousand and xx/100 Dollars
4ehIDx67NMop9 12ehqPx67NMoX
Match = No changesNo match = Alterations
Internet
I would like to cash this check.
171717© 2009 Cisco Learning Institute.
MD5
• MD5 is a ubiquitous hashing algorithm
• Hashing properties
- One-way function—easy to compute hash and infeasible to compute data given a hash
- Complex sequence of simple binary operations (XORs, rotations, etc.) which finally produces a 128-bit hash.
MD5
181818© 2009 Cisco Learning Institute.
SHA
• SHA is similar in design to the MD4 and MD5 family of hash functions
- Takes an input message of no more than 264 bits
- Produces a 160-bit message digest
• The algorithm is slightly slower than MD5.
• SHA-1 is a revision that corrected an unpublished flaw in the original SHA.
• SHA-224, SHA-256, SHA-384, and SHA-512 are newer and more secure versions of SHA and are collectively known as SHA-2.
SHA
191919© 2009 Cisco Learning Institute.
Hashing Example
In this example the clear text entered is displaying hashed results using MD5, SHA-1, and SHA256. Notice the difference in key lengths between the various algorithm. The longer the key, the more secure the hash function.
202020© 2009 Cisco Learning Institute.
Features of HMAC
• Uses an additional secret key as input to the hash function
• The secret key is known to the sender and receiver
- Adds authentication to integrity assurance
- Defeats man-in-the-middle attacks
• Based on existing hash functions, such as MD5 and SHA-1.
The same procedure is used for generation and verification of secure fingerprints
Fixed Length Authenticated Hash Value
+ Secret Key
Data of ArbitraryLength
e883aa0b24c09f
212121© 2009 Cisco Learning Institute.
HMAC Example
Data
HMAC(Authenticated
Fingerprint)
SecretKey
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9
Received Data
HMAC(Authenticated
Fingerprint)
Secret Key
4ehIDx67NMop9
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
If the generated HMAC matches the sent HMAC, then integrity and authenticity have been verified.
If they don’t match, discard the message.
222222© 2009 Cisco Learning Institute.
Using Hashing
• Routers use hashing with secret keys
• IPSec gateways and clients use hashing algorithms
• Software images downloaded from the website have checksums
• Sessions can be encrypted
Fixed-Length Hash Value
e883aa0b24c09f
Data Integrity
Entity Authentication
Data Authenticity
232323© 2009 Cisco Learning Institute.
Keyspace
DES Key Keyspace # of Possible Keys
56-bit256
11111111 11111111 11111111
11111111 11111111 11111111 11111111
72,000,000,000,000,000
57-bit
257
11111111 11111111 11111111
11111111 11111111 11111111 11111111 1
144,000,000,000,000,000
58-bit258
11111111 11111111 11111111
11111111 11111111 11111111 11111111 11
288,000,000,000,000,000
59-bit
259
11111111 11111111 11111111
11111111 11111111 11111111 11111111 111
576,000,000,000,000,000
60-bit260
11111111 11111111 11111111
11111111 11111111 11111111 11111111 1111
1,152,000,000,000,000,000For each bit added to the DES key, the attacker would require twice the amount of time to search the keyspace.
Longer keys are more secure but are also more resource intensive and can affect throughput.
With 60-bit DES an attacker would
require sixteen more time than
56-bit DES
Twice asmuch time
Four time asmuch time
242424© 2009 Cisco Learning Institute.
Types of Keys
2242242432112Protection up to 20 years
192192177696Protection up to 10 years
160160124880Protection up to 3 years
HashDigital Signature
Asymmetric Key
Symmetric Key
2562563248128Protection up to 30 years
51251215424256Protection against quantum computers
Calculations are based on the fact that computing power will continue to grow at its present rate and the ability to perform brute-force attacks will grow at the same rate.
Note the comparatively short symmetric key lengths illustrating that symmetric algorithms are the strongest type of algorithm.
252525© 2009 Cisco Learning Institute.
Shorter keys = faster processing, but less secure
Longer keys = slower processing, but more secure
Key Properties
262626© 2009 Cisco Learning Institute.
Symmetric Encryption
• Best known as shared-secret key algorithms
• The usual key length is 80 - 256 bits
• A sender and receiver must share a secret key
• Faster processing because they use simple mathematical operations.
• Examples include DES, 3DES, AES, IDEA, RC2/4/5/6, and Blowfish.
Key Key
Encrypt Decrypt$1000 $1000$!@#IQ
Pre-shared key
272727© 2009 Cisco Learning Institute.
Symmetric Algorithms
Symmetric Encryption Algorithm
Key length(in bits)
Description
DES 56
Designed at IBM during the 1970s and was the NIST standard until 1997.Although considered outdated, DES remains widely in use. Designed to be implemented only in hardware, and is therefore extremely slow in software.
3DES 112 and 168
Based on using DES three times which means that the input data is encrypted three times and therefore considered much stronger than DES.However, it is rather slow compared to some new block ciphers such as AES.
AES 128, 192, and 256Fast in both software and hardware, is relatively easy to implement, and requires little memory. As a new encryption standard, it is currently being deployed on a large scale.
Software Encryption
Algorithm (SEAL)160
SEAL is an alternative algorithm to DES, 3DES, and AES. It uses a 160-bit encryption key and has a lower impact to the CPU when compared to other software-based algorithms.
The RC series
RC2 (40 and 64)RC4 (1 to 256)
RC5 (0 to 2040)RC6 (128, 192,
and 256)
A set of symmetric-key encryption algorithms invented by Ron Rivest. RC1 was never published and RC3 was broken before ever being used. RC4 is the world's most widely used stream cipher. RC6, a 128-bit block cipher based heavily on RC5, was an AES finalist
developed in 1997.
282828© 2009 Cisco Learning Institute.
Asymmetric Encryption
• Also known as public key algorithms
• The usual key length is 512–4096 bits
• A sender and receiver do not share a secret key
• Relatively slow because they are based on difficult computational algorithms
• Examples include RSA, ElGamal and DH.
Encryption Key Decryption Key
Encrypt Decrypt$1000 $1000%3f7&4
Two separate keys which are
not shared
292929© 2009 Cisco Learning Institute.
How Asymmetric Encryption works ?
Computer A
B Private Key
Can I get your Public Key please?
Here is my Public Key.
Computer B Public Key
Computer A Public Key
Computer B
Computer A acquires Computer B’s public key
Computer A uses Computer B’spublic key to encrypt a messageusing an agreed-upon algorithm
Computer A transmits The encrypted messageto Computer B
Computer B uses its private key todecrypt and reveal the message
A Private Key
303030© 2009 Cisco Learning Institute.
Asymmetric Key Algorithms
Key length
(in bits)Description
DH512, 1024,
2048
Invented in 1976 by Whitfield Diffie and Martin Hellman. Two parties to agree on a key that they can use to encrypt messages The assumption is that it is easy to raise a number to a certain power, but difficult to compute which power was used given the number and the outcome.
Digital Signature Standard (DSS) and
Digital Signature Algorithm (DSA)
512 - 1024Created by NIST and specifies DSA as the algorithm for digital signatures. A public key algorithm based on the ElGamal signature scheme.Signature creation speed is similar with RSA, but is slower for verification.
RSA encryption algorithms
512 to 2048
Developed by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT in 1977Based on the current difficulty of factoring very large numbersSuitable for signing as well as encryption Widely used in electronic commerce protocols
EIGamal 512 - 1024
Based on the Diffie-Hellman key agreement. Described by Taher Elgamal in 1984and is used in GNU Privacy Guard software, PGP, and other cryptosystems. The encrypted message becomes about twice the size of the original message and for this reason it is only used for small messages such as secret keys
313131© 2009 Cisco Learning Institute.
Digital Signatures
• The signature is authentic and not forgeable: The signature is proof that the signer, and no one else, signed the document.
• The signature is not reusable: The signature is a part of the document and cannot be moved to a different document.
• The signature is unalterable: After a document is signed, it cannot be altered.
• The signature cannot be repudiated: For legal purposes, the signature and the document are considered to be physical things. The signer cannot claim later that they did not sign it.