Basic Cryptography

1
Basic Cryptography
2
Topics

• Encryption
• Kerckhoffs principle
• Symmetric key
• Asymmetric key
• Authentication
• PKI
• Various types of attacks

3
Encryption

• Alice wants to communicate a message securely to
  Bob
• Eve has the ability to eavesdrop on the channel
  used by Alice and Bob
• Alice uses key Ke to encrypt the message
• Alice must communicate the key Ke to Bob through
  some other channel that Eve is not watching
• AlicetoBob encryption is symmetric

4
Encryption

• We use m to denote plain text (or message)
• C E(Ke, m) is the cipher text of m using key Ke
• When Alice sends C, Eve copies C before Bob
  gets it

5
Encryption

• Eve will not know what the message is, as she
  does not have the key Ke to decrypt
• Eve has the option of trying several possible
  keys to decrypt
• Bob must know the decryption algorithm as well as
  the key Ke to decrypt
• Kerckhoffs principle encryption must depend on
  the secrecy of the key and not the algorithm

6
Encryption

• Why should the algorithm be open?
• Algorithms are usually used in software or
  firmware
• Algorithms are used for a long period of time
• Crypto systems are built for use by large number
  of people who could use the same algorithm but
  with different keys
• Open algorithms build confidence in users

7
Authentication

• Bob may expect a message from Alice
• Eve could intercept the message and change it
  before forwarding it to Bob
• In order for Bob to be sure that the message came
  from Alice, Bob needs some form of authentication
• Authentication is similar to encryption, in that
  it uses a different key to produce a special
  value called Message Authentication Code (MAC)
• MAC is obtained using a hash function
• Alice and Bob agree on a hash function when they
  agree on the key Ke

8
Authentication

• Assume that the authentication key is Ka
• Alice sends both the cipher text C and the MAC
  value a
• Bob calculates the plain text m first using Ke.
  Bob calculates a using the agreed upon hash
  function. If calculated MAC matches the received
  MAC, Bob assumes that Alice sent the message
• a h(Ka, m), MAC value

9
Authentication

• If Eve changes the message m to m, then Bobs
  calculated MAC will not match the received MAC
• Bob will discard the message m
• Assume Eve intercepts message from Alice to Bob
• Bob does not know a message was sent
• Eve works on the message to decrypt
• Eve plays back the old message to Bob
• With some minor success, Eve might try to get a
  reply from Bob to validate her guess for the key

10
Authentication

• In the above scenario, Bob must recognize that
  the message has come out of sequence
• Using message numbers Bob will know that the
  message is out of sequence and discard message
• For secure communication, Alice and Bob need a
  key, a hash function, and message numbering

11
Authentication

• Common mistake Encryption ensures secure
  communication

12
Public key encryption

• Why we need public key encryption?
• Alice may want to communicate with Bob and 10
  other people
• Alice shares her secret key with all 11 people
• If any one of the 11 persons is untrustworthy,
  then the key is compromised
• It is not practical for Alice to have 11 separate
  secret keys
• If every pair of persons in the above scenario
  uses a separate key, how many keys will be needed?

13
Public key encryption

• Alice and Bob register with a trusted third party
  (TTP)
• TTP provides a public, private key pair for each
  individual
• Any message m encrypted with the public key Kp
  can be decrypted using only the corresponding
  private key Ks
• C E(Kp, m) and m D(Ks, C)
• Public key can be used with any number of users

14
Public key encryption

• Is public key then the preferred solution?
• Answer is No in general because public key is
• Complex
• Slow
• Expensive
• Preferred solution is the best of both methods
  scenario
• Use a symmetric key but communicate the symmetric
  key using the public key encryption
• Untrustworthy partners could still compromise the
  key but in such cases the symmetric key could be
  changed quickly

15
Digital Signatures

• Digital signatures are the public key equivalent
  of MAC
• Alice uses her secret key Ks to sign the message,
  creating the value s (similar to the MAC). The
  algorithm to create s is made public by the TTP.
• Bob or any one else can use Alices public key Kp
  with the verification algorithm provided by TTP
  to find s, thus authenticating the message

16
Digital Signatures

• Digital signature works in theory to authenticate
  a user
• Digital signature is a legal entity in U.S. and
  many other countries
• Usually digital signatures are computed by
  complex algorithms by the senders computer
• This opens up the potential excuse that some one
  hacked the system to generate the digital
  signature without the knowledge of the secret key
  owner

17
PKI

• Public Key Infrastructure (PKI) is a government
  initiative to protect computer systems
• Developed in the 1970s but has not been widely
  accepted. However, parts of the system are in
  extensive use today. These are Digital
  Certificates and Digital Signatures.
• Digital Certificates are given by trusted third
  parties, known as Certificate Authorities (CAs).
  Verisign (an offshoot of RSA) is a CA. Any
  organization can be a CA as long as there are
  people willing to believe their assessment of
  authenticity.

18
PKI

• PKI creates a TTP called the Certificate
  Authority (CA)
• Without CA, any one can generate public key and
  pretend that to be that of another person
• CAs generate certificates that help verify the
  public key
• Verisign is a CA
• In reality, any organization could be a CA as
  long as there are people who will trust its
  certificate

19
PKI

• Secure Socket Layer (SSL) uses PKI
• Verisign provides most of the certificates
• Verisign backs its certificates only up to a 100
  liability

20
Digital Certificates

• Issued by trusted third parties known as
  Certificate Authorities (CAs)
• Verisign is a trusted third party (TTP)
• Used to authenticate an individual or an
  organization
• Digital Certificates are usually given for a
  period of one year
• They can be revoked
• It is given at various security levels. Higher
  the security level, the CA verifies the
  authenticity of the certificate seeker more.

21
Digital Certificates

• Digital Certificates can be issued by any one as
  long as there are people willing to believe them
• Major CAs are
• Verisign
• GeoTrust
• BeTrusted
• Thawte

22
Digital Certificates

• Digital Certificates are part of the
  authentication mechanism. The other part is
  Digital Signature.
• When a user uses the digital signature, the user
  starts with their private key and encrypts the
  message and sends it. The receiver uses the
  senders public key and decrypts the message
• In traditional encryption, the sender uses the
  public key of the receiver and encrypts the
  message and sends it and the receiver decrypts
  the message with their private key

23
Digital Certificates

• Additional authentication means used by CAs are
• Security token
• Passive token
• Active token
• One time password

24
Digital Certificates

• Security token is usually a hardware device such
  as a Smart Card
• If the security token is a software token, it is
  usually associated with a particular workstation
• Security tokens use two-factor authentication
  using a password and a device (or an appropriate
  hardware identifier)

25
Digital Certificates

• Passive token is a storage device that holds
  multiple keys. Appropriate key is transmitted
  using the transmission device used.
• Inexpensive to manufacture
• Sometimes an extra PIN is required to use the
  passive token
• Examples
• Garage door opener
• ATM card

26
Digital Certificates

• An Active token does not transmit any data,
  unlike a passive token
• Active tokens create another form of the base key
  (such as one-time password) or an encrypted form
  of the base key
• Smart cards are commonly used for active tokens

27
Digital Certificates

• A One-time password has a limited duration
  validity on a single use
• Generated using a counter-based token or a
  clock-based token
• Counter-based token is an active token that
  generates a one-time password based on a counter
  in the server and the secret key of the user
• Clock-based token is an active token that
  generates one-time passwords based on the server
  clock

28
Attacks

• Attacks on information systems can be protected
  using cryptography
• Ciphertext-only attack attacker discovers the
  encryption key using means such as cryptanalysis
• Known plaintext attack attacker knows both the
  plaintext and the associated encrypted text but
  not the encryption key
• E.g., in wireless networks the access point gives
  these types of information

29
Attacks

• Chosen plaintext attack attacker chooses the
  plaintext and is able to get the corresponding
  ciphertext
• E.g., in businesses information obtained from a
  vendor is passed onto a partner. Vendor
  information gets encrypted and passed onto
  partner. Attacker could emulate the vendor and
  choose the plaintext and see how it gets
  encrypted.

30
Attacks

• Chosen ciphertext attack attacker chooses both
  the plaintext and the ciphertext. Basically, the
  attacker can choose an encryption method for
  getting the ciphertext but does not have access
  to the key
• In this method, the attacker can choose a
  ciphertext and get its corresponding plaintext as
  well

31
Attacks

• Birthday attack it means that in a room with 23
  or more people there is a 50 probability that
  two people will have the exact birth date. For
  our purposes, this means that data collisions
  come faster than expected
• E.g., in a 64-bit authentication key system there
  are 264 ? 18 billion possible keys. But
  collisions occur after 232 ? 4 billion
  transactions.

32
Attacks

• Hacker watches the initial transactions which is
  usually Are you ready to receive?
• Authentication keys may be different for each
  transaction but they happen to repeat after a
  while
• Two transactions with the same authentication key
  use the same MAC value
• Once an authentication key is known the hacker
  can insert any message with the authentication
  key and hope to get it accepted

33
Attacks

• Meet-in-the-middle attack variation of birthday
  attack
• Attacker pre-calculates 232 random 64-bit keys
  and determines their MAC value for the message
  Are you ready to receive?. The results are
  stored in a table.
• Attacker keeps listening to traffic and compares
  the MAC value in the table with the MAC value in
  the transaction for the first message. Using the
  collision principle described above, one MAC
  value has to repeat and the hacker picks up the
  key based on that single repeat value.

34
Performance

• Security is not cheap
• Cryptographic methods consume resources
• Business practices demand speed
• Security demands validation
• There are many insecure but fast systems
• Half measures in security cost nearly as much as
  full measures

35
Complexity

• Development environment today follows the
  test-and-fix model
• Systems get complex
• Complexity is the worst enemy of security
• Correctness of a process must be local
• Do not expect systems to cross check and provide
  security