cryptography & security presented april 16, 2010 by dave stycos, zocalo data systems
TRANSCRIPT
Cryptography & SecurityPresented April 16, 2010
By Dave Stycos, Zocalo Data Systems
Classes of Encryption
• Symmetric Encryption
• Hashing
• Random Number Generation
• Asymmetric Encryption (Public Key)
Symmetric Algorithms• Use a secret key to both encrypt and decrypt
• Are fast
• Operate on fixed-size blocks (8 or 16 bytes)
• DES, Triple-DES, AES, RC4, Blowfish
Symmetric Modes
• Electronic Code Book (ECB)
• Cipher Block Chaining (CBC)
• Output Feedback (OFB)
• Cipher Feedback (CFB)
• Counter (CTR)
• More …
Electronic Code Book (ECB)
Encrypted Using ECB Mode
Cipher Block Chaining (CBC)
Encrypted Using CBC Mode
Initialization Vector
• Not secret
• Must be unique for each stream or file.
• Reused IVs reveal patterns in the first blocks of ciphertext.
Common File Headers
• PDFs %PDF-1.3
• JPEG JFIF
• EXE MZ
Therefore, IVs must be unique for each key!
CBC Weaknesses
• One bad block corrupts the chain
• Only sequential access
• Unsuitable for stream ciphers
Block vs. Stream Ciphers
• Block Ciphers
– Operate on data of known, finite size
– Files, hard drives
• Stream Ciphers
– Operate on data of unknown, indefinite size
– Network flow, media
Cipher Feedback (CFB)
• Symmetric cipher is a pseudo-random number generator.
• Plaintext XOR’ed with PRN, not encrypted by cipher.
Counter (CTR)
Common Weaknesses
• Key Secrecy
• Key Quality
What Is Key Quality?
• Computational infeasibility of brute-force attack
What Is Key Quality?
• Computational infeasibility of brute-force attack
• DES Key: 56-bits = 72,057,594,037,927,936 keys
Security of 56 Bit DES?
• 29 PCBs of 64 ASICs = 1856 ASICs!
• Checked +90b keys/s 9 days
• Built by EFF in 1998 for $250,000
Advanced Encryption Standard (AES)
• AES Key: 128-bits = 3.402 e+38 = 340,282,366,920,938,463,463,374,607,431,770,000,000
Advanced Encryption Standard (AES)
• AES Key: 128-bits = 3.402 e+38 = 340,282,366,920,938,463,463,374,607,431,770,000,000
• AES Key: 192-bits = 6.277 e+57 = 6,277,101,735,386,680,763,835,789,423,207,700,000,000,000,000,000,000,000,000
Advanced Encryption Standard (AES)
• AES Key: 128-bits = 3.402 e+38 = 340,282,366,920,938,463,463,374,607,431,770,000,000
• AES Key: 192-bits = 6.277 e+57 = 6,277,101,735,386,680,763,835,789,423,207,700,000,000,000,000,000,000,000,000
• AES Key: 256-bits = 1.157 e+77 = 115,792,089,237,316,195,423,570,985,008,690,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
Measuring Key Quality
EntropyThe likelihood of selecting any single
key out of all possible keys.
How to Measure Entropy?
0x50615373576F5264
How to Measure Entropy?
0x50 61 53 73 57 6F 52 64 P a S s W o R d
How to Measure Entropy?
0x50 61 53 73 57 6F 52 64 P a S s W o R d
• Many keys are derived from passwords.
• Memorizable pwds = negative effect on entropy.
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
• 8 chars of lower, upper, numeric = 62^8 = 218,340,105,584,896
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
• 8 chars of lower, upper, numeric = 62^8 = 218,340,105,584,896 ~ 47 bits
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
• 8 chars of lower, upper, numeric = 62^8 = 218,340,105,584,896 ~ 47 bits
– Deep Crack Brute Force in 40 minutes!
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
• 8 chars of lower, upper, numeric = 62^8 = 218,340,105,584,896 ~ 47 bits
– Deep Crack Brute Force in 40 minutes!
• 8 chars of alpha-only = 52^8 = 53,459,728,531,456 ~ 45 bits
Entropy of Passwords
• 64-bits = 1.8 E+19 = 18,446,744,073,709,551,616 keys
• 8 chars of lower, upper, numeric = 62^8 = 218,340,105,584,896 ~ 47 bits
– Deep Crack Brute Force in 40 minutes!
• 8 chars of alpha-only = 52^8 = 53,459,728,531,456 ~ 45 bits
• 8 chars, lower-only = 26^8 = 208,827,064,576 ~ 37 bits
Measuring Key Entropy
Dictionary Attacks
• Reduce entropy by leveraging language patterns
Dictionary Attacks
• Reduce entropy by leveraging language patterns
• Merriam-Webster: 250,000 words 250,000 special/scientific 250,000 proper nouns (?) - 1,000 words that are <5 characters= 740,000 ~ 19 bits
Dictionary Attacks
• Reduce entropy by leveraging language patterns
• Merriam-Webster: 250,000 words 250,000 special/scientific 250,000 proper nouns (?) - 1,000 words that are <5 characters= 740,000 ~ 19 bits
• Random use of upper and lower case – Add one bit per char length (max)
• Random use of upper, lower and numbers – Add ~1.5 bits per char length (max)
Cryptographic Hashing
• Works like a CRC or checksum
• Impossible to reverse
• 128, 160 and 256 bits long
• Small changes in the plaintext create vast changes in the hash
• MD5, SHA-1, SHA-256
Hashing Applications
• Validating data– Verifying download packages (md5sum)
• Increasing key entropy– 2n hash operations adds n bits of entropy
• Obscuring passwords
Sending Passwords in the Clear
Obscuring Passwords
“hello”
hash
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
Replay Attack
“hello”
hash
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
Challenge-Response Protocol
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6
Challenge
User’s Workstation
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6
Server
Challenge-Response Protocol
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
Response User’s Workstation
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6
Server
“hello”
hash
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
hash
AD58 A056 57C6 C6C5 EFBC 1029 34DB 7F59 7180 8AD4
AD58 A056 57C6 C6C5 EFBC 1029 34DB 7F59 7180 8AD4
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6 hash
Challenge-Response Protocol
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
Response User’s Workstation
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6
Server
“hello”
hash
3401 a6f3 9ee0 82c4 c62b8827 bd6e 9916 0ac3 4a3d
hash
AD58 A056 57C6 C6C5 EFBC 1029 34DB 7F59 7180 8AD4
AD58 A056 57C6 C6C5 EFBC 1029 34DB 7F59 7180 8AD4
2151 B9B9 0BD3 FEFA A626 9451 5A44 54F5 9950 ADC6 hash
NTLM Authentication
“hello”
LM Hash
3401 a6f3 9ee0 82c4 bd6e 9916 0ac3 4a3d
3401 a6f3 9ee0 82 c4 bd6e 9916 0ac3 4a3d
7 bytes 7 bytes 2 bytes
16 bytes
DES
2151 B9B9 0BD3 FEFA
Server Challenge (8 bytes)
DES DES
AD58 A056 57C6 C6C5
Client Response #1 (24 bytes)
8827 bd6e 9916 0ac3 3401 a6f3 9ee0 82c4
“hello”
LM Hash
3401 a6f3 9ee0 82c4 bd6e 9916 0ac3 4a3d
3401 a6f3 9ee0 82 c4 bd6e 9916 0ac3 4a3d
7 bytes 7 bytes 2 bytes
16 bytes
DES
2151 B9B9 0BD3 FEFA
Server Challenge (8 bytes)
DES DES
AD58 A056 57C6 C6C5
Client Response #1 (24 bytes)
8827 bd6e 9916 0ac3 3401 a6f3 9ee0 82c4
!
NTLM Authentication
0000 0000 00
Recommended Reading
• “Applied Cryptography” By Bruce Schneier
• “Practical Cryptography” By Bruce Schneier
• “Secrets and Lies” By Bruce Schneier
• “Cryptographic Security Architecture” By Peter Gutmann
• “Parallelizable Enciphering Mode” By Phillip Rogaway
Organizations• Commercial
– Schneier.com• CryptoGram & blog
– RSA, Inc. (rsa.com)• PKCS
– Internet Engineering Taskforce (ietf.org)• RFCs
– ANSI, ISO, IEEE, W3C
• Government– Natl. Inst. of Standards & Tech.
(nist.gov)• FIPS & SP-800 documents
– Natl. Security Agency (NSA)
Happy Crypting!
Presentation Created By Dave StycosApril, 2010
© 2010, Zocalo Data Systems, Ltd.