logging in or signing up ch12 Mikhail Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 2731 Category: Entertainment License: All Rights Reserved Like it (1) Dislike it (0) Added: January 05, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: 2143 (14 month(s) ago) plzzz........can u snd this ppt to adarsh21292@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: jmpk (19 month(s) ago) send all matrial regarding to ethical hacking to tis mail ... praveenkumar.jm@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: jmpk (19 month(s) ago) plz send tis to my mail.... praveenkumar.jm@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: dabudz (20 month(s) ago) I have view the presentation and i was moved , i would like to present this my students here at the school, the problem is that the net connection is not yet possible ... i would like to request permission to obtain a copy of this presentation to be used as a material here. thank you . my email is archangel_oliver@yahoo.com Saving..... Post Reply Close Saving..... Edit Comment Close By: neelkanth39 (27 month(s) ago) allow me to download Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Hands-On Ethical Hacking and Network Defense: Hands-On Ethical Hacking and Network Defense Chapter 12 CryptographyObjectives: Objectives Describe the history of cryptography Describe symmetric and asymmetric cryptography algorithms Explain public key infrastructure (PKI) Describe possible attacks on cryptosystemsUnderstanding Cryptography Basics: Understanding Cryptography Basics Cryptography is the process of converting plaintext into ciphertext Plaintext: readable text (also called cleartext) Ciphertext: unreadable or encrypted text Cryptography is used to hide information from unauthorized users Decryption is the process of converting ciphertext back to plaintext History of Cryptography: History of Cryptography Cryptography has been around for thousands of years Some Egyptian hieroglyphics were encrypted The Book of Jeremiah was written using a substitution cipher Substitution cipher Replaces one letter with another letter based on a key Example: Julius Caesar’s Cipher Used a key value of 3 History of Cryptography (continued): History of Cryptography (continued) Cryptanalysis studies the process of breaking encryption algorithms When a new encryption algorithm is developed, cryptanalysts study it and try to break it Or prove that it is impractical to break it (taking much time and many resources) The War Machines: The War Machines Enigma Developed by Arthur Scherbius Used by the Germans during World War II Enigma substituted each letter typed by an operator Substitutions were computed using a key and a set of switches or rotors The code was broken first by a group of Polish cryptographers The machine for breaking the code was called the “Bombe”The War Machines (continued): The War Machines (continued) The Purple Machine Developed and used by the Japanese during World War II Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman Known as the “Father of U.S. Cryptanalysis” Steganography is the process of hiding data in plain view in pictures, graphics, or textUnderstanding Symmetric and Asymmetric Algorithms: Understanding Symmetric and Asymmetric Algorithms An algorithm is a mathematical function or program that works with a key The strength of the algorithm and the secrecy of the key determine how secure the encrypted data is A key is a sequence of random bits generated from a range of allowable values called a keyspace The larger the keyspace, the more random sequenced keys that can be created The more random keys that can be created, the more difficult it is for hackers to guess the keySymmetric Cryptography Algorithms: Symmetric Cryptography Algorithms Symmetric algorithms have one key that encrypts and decrypts data Disadvantages A symmetric cryptosystem needs n(n-1)/2 keys Where n is the number of users Symmetric keys must remain secret This creates a key distribution problem Symmetric algorithms don’t support authenticity and nonrepudiationSymmetric Cryptography Algorithms (continued): Symmetric Cryptography Algorithms (continued) Advantages Symmetric algorithms are fast They are perfect mechanisms for encrypting large blocks of data quickly They are difficult to break if a large key size is used Types of symmetric algorithms Stream ciphers Operate on plaintext one bit at a time Block ciphers Operate on blocks of plaintextData Encryption Standard (DES): Data Encryption Standard (DES) National Institute of Standards and Technology (NIST) Wanted a means of protecting sensitive but unclassified data Invited vendors in early 1970 to submit data encryption algorithms IBM proposed Lucifer A 128-bit encryption algorithm The National Security Agency (NSA) reduced the key size from 128 bits to 64 bits and created DESData Encryption Standard (DES) (continued): Data Encryption Standard (DES) (continued) In 1988, NSA thought the standard was at risk to be broken In 1998, a computer system was designed to break the encryption key in only three daysTriple DES (3DES): Triple DES (3DES) Triple Data Encryption System (3DES) 3DES served as a quick fix to the vulnerabilities of DES 3DES performed a complex computation on the data that made it 256 times stronger than DES This improvement did have a price on performance Advanced Encryption Standard (AES): Advanced Encryption Standard (AES) In 1997, NIST again put out a request to the public for a new encryption standard The request required all submittals for a symmetric block cipher be capable of supporting 128-, 192-, and 256-bit keys There were five finalists Rijndael (winner) MARS RC6 Serpent TwofishInternational Data Encryption Algorithm (IDEA): International Data Encryption Algorithm (IDEA) Block cipher that operates on 64-bit blocks of plaintext It uses a 128-bit key Developed by Xuejia Lai and James Massey Designed to work more efficiently in computers used at home and in businesses IDEA is free for noncommercial use It is included in PGP encryption software Blowfish: Blowfish Block cipher that operates on 64-bit blocks of plaintext The key length can be as large as 448 bits Developed by Bruce Schneier RC5: RC5 Block cipher that can operate on different block sizes: 32, 64, and 128 The key size can reach 2048 bits The 32-bit key size is used only for experimentation and evaluation purposes Created by Ronald L. Rivest in 1994 for RSA Data Security Asymmetric Cryptography Algorithms: Asymmetric Cryptography Algorithms Use two keys that are mathematically related Data encrypted with one key can be decrypted only with the other key Another name for asymmetric key cryptography is public key cryptography Public key: key that can be known by the public Private key: secret key known only by the owner Provide message authenticity and nonrepudiation Authenticity validates the sender of a message Nonrepudiation means a user cannot deny sending a messageAsymmetric Cryptography Algorithms (continued): Asymmetric Cryptography Algorithms (continued) How it works User A encrypts a message with her private key and sends the message to User B User B decrypts the message with User A’s public key If confidentiality is major concern for User A User A encrypts a message with User B’s public key and sends the message to User B User B decrypts the message with his private key Asymmetric algorithms are more scalable but slower than symmetric algorithmsRSA: RSA Developed in 1977 by Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman The algorithm is based on the difficulty of factoring large numbers RSA uses a one-way function to generate a key A mathematical formula that is easy to compute in one direction Many browsers that use the Secure Socket Layer (SSL) protocol use the RSA algorithmDiffie-Hellman: Diffie-Hellman Developed by Whitfield Diffie and Martin Hellman Diffie-Hellman does not provide encryption but is used for key exchange If a key is transmitted and intercepted, the network is vulnerable to attack Elliptic Curve Cryptosystems (ECC): Elliptic Curve Cryptosystems (ECC) It is an efficient algorithm requiring few resources Memory Disk space Bandwidth ECC is used for encryption as well as digital signatures and key distributionElgamal: Elgamal Public key algorithm used to Encrypt data Create digital signature Exchange secret keys Written by Taher Elgamal in 1985 The algorithm uses discrete logarithm problems Solving a discrete logarithm problem can take many years and require CPU-intensive operations Digital Signatures: Digital Signatures How it works User A encrypts a message with her private key and sends the message to User B User B decrypts the message with User A’s public key Require the use of hash values Provide message integrity, authenticity and nonrepudiationDigital Signature Standard (DSS): Digital Signature Standard (DSS) Established by the NIST in 1991 Ensures that digital signatures rather than written signatures can be verified Federal government requirements RSA and Digital Signature Algorithm (DSA) must be used for all digital signatures Hashing algorithm must be used to ensure the integrity of the message NIST required that the Secure Hash Algorithm (SHA) be usedPretty Good Privacy (PGP): Pretty Good Privacy (PGP) Developed by Phil Zimmerman as a free e-mail encryption program Zimmerman was almost arrested for his innovation Back in the mid-1990s, any kind of “unbreakable” encryption was seen as a weapon and compared to selling arms to the enemy PGP is a free public key encryption program It uses certificates similar to those in public key infrastructure (PKI) PGP does not use a centralized CA Verification of a CA is not as efficient as PKIPretty Good Privacy (PGP) (continued): Pretty Good Privacy (PGP) (continued) Algorithms supported by PGP IDEA RSA DSA Message Digest 5 (MD5) SHA-1Secure Multipurpose Internet Mail Extension (S/MIME): Secure Multipurpose Internet Mail Extension (S/MIME) Is another public key encryption standard used to encrypt and digitally sign e-mail Can encrypt e-mail messages containing attachments Can use PKI certificates for authentication S/MIME version 2 defined in RFC 2311 S/MIME version 3 defined in RFC 2633 Privacy-Enhanced Mail (PEM): Privacy-Enhanced Mail (PEM) Internet standard that is compatible with both symmetric and asymmetric methods of encryption Can use the X.509 certificate standards and encrypt messages with DES Not used as much today MIME Object Security Services (MOSS) is a newer implementation of PEMHashing Algorithms: Hashing Algorithms Take a variable-length message and produce a fixed-length value called a message digest A hash value is equivalent to a fingerprint of the message If the message is changed later, the hash value changes If two different messages produce the same hash value, it results in a collision A good hashing algorithm is one that is collision freeHashing Algorithms (continued): Hashing Algorithms (continued) SHA-1 is one of the most popular hashing algorithms SHA-1 has been broken As of March 15, 2005, the NIST recommends not using SHA applications Understanding Public Key Infrastructure (PKI): Understanding Public Key Infrastructure (PKI) PKI is a structure that consists of programs, protocols, and security protocols Uses public key cryptography PKI components Certificate: a digital document that verifies the identities of two communicating entities Contains a unique serial number and must follow the X.509 standard Public keys are issued by a certification authority (CA) A certificate that the CA issues to a company binds a public key to the recipient’s private keyExpiration, Revocation, and Suspension of Certificates: Expiration, Revocation, and Suspension of Certificates A period of validity is assigned to each certificate After that date, the certificate expires A certificate can be renewed with a new expiration date assigned If the keys are still valid and remain uncompromised Reasons to suspend or revoke a certificate A user leaves the company A hardware crash causes a key to be lost A private key is compromisedExpiration, Revocation, and Suspension of Certificates (continued): Expiration, Revocation, and Suspension of Certificates (continued) Certificate Revocation List (CRL) Contains all revoked and suspended certificates Issued by CAs Suspension of a certificate might be done when one or more parties fail to honor agreements Suspension makes it easier to restore if the parties come to an agreement at a later date Backing Up Keys: Backing Up Keys Backing up keys is critical If keys are destroyed and not backed up properly, encrypted business-critical information might be irretrievable The CA is usually responsible for backing up keys A key recovery policy is also part of the CA’s responsibility Microsoft Root CA: Microsoft Root CA Available in Windows Server 2003 and Windows 2000 Server Steps for setting up a Microsoft Root CA Install the Certificate Services Note that after installing this service the name of the domain or computer cannot change Configuring a Windows server as a CA (four options) Enterprise root CA Enterprise subordinate CA Stand-alone root CA Stand-alone subordinate CAMicrosoft Root CA (continued): Microsoft Root CA (continued) Steps for setting up a Microsoft Root CA (continued) Specify options to generate certificates, including Cryptographic Service Provider Hash algorithm Key lengthUnderstanding Cryptographic Attacks: Understanding Cryptographic Attacks Attacks studied so far are passive attacks Active attacks attempt to determine the secret key being used to encrypt plaintext Cryptographic algorithms are usually public Follows the open-source cultureBirthday Attack: Birthday Attack Old adage If 23 people are in a room, two will share the same birthday Birthday attacks are used to find the same hash value for two different inputs A birthday attack is used to reveal any mathematical weaknesses in hashing algorithms SHA-1 uses a 160-bit key Theoretically, it would require 280 computations to break SHA-1 has already been brokenMathematical Attacks: Mathematical Attacks Properties of the algorithm are attacked by using mathematical computations Categories Ciphertext-only attack The attacker has the ciphertext of several messages but not the plaintext Attacker tries to find out the key used to encrypt the messages Attacker can capture ciphertext using a sniffer program such as Ethereal or Tcpdump Mathematical Attacks (continued): Mathematical Attacks (continued) Categories (continued) Known plaintext attack The attacker has messages in both encrypted form and decrypted forms This attack is easier to perform than the ciphertext-only attack Looks for patterns in both plaintext and ciphertext Chosen-plaintext attack The attacker has access to plaintext and ciphertext Attacker has the ability to choose which message to encryptMathematical Attacks (continued): Mathematical Attacks (continued) Categories (continued) Chosen-ciphertext attack The attacker has access to the ciphertext to be decrypted and to the resulting plaintext Attacker needs access to the cryptosystem to perform this type of attackBrute Force Attack: Brute Force Attack An attacker tries to guess passwords by attempting every possible combination of letters Requires lots of time and patience Password-cracking program John the RipperMan-in-the-Middle Attack: Man-in-the-Middle Attack Attackers place themselves between the victim computer and another host computer They then intercept messages sent from the victim to the host and pretend to be the host computer This type of attack follows this process Gloria sends her public key to Bruce, and you, the attacker, intercept the key and send Bruce your public key Bruce sends Gloria his public key. You intercept this key and send your public key to Gloria Man-in-the-Middle Attack (continued): Man-in-the-Middle Attack (continued) This type of attack follows this process (continued) Gloria sends an encrypted message to Bruce but uses your key You can decrypt the message with your private key You reencrypt the message using Bruce’s public key and send it to Bruce Bruce answers Gloria with another encrypted message with your public key You can decrypt the message with your private key You reencrypt the message using Gloria’s public key and send it to GloriaDictionary Attack: Dictionary Attack Attacker uses a dictionary of known words to try to guess passwords There are programs that can help attackers run a dictionary attackReplay Attack: Replay Attack The attacker captures data and attempts to resubmit the captured data The device thinks a legitimate connection is in effect If the captured data was logon information, the attacker could gain access to a system and be authenticated Understanding Password Cracking: Understanding Password Cracking Password cracking is illegal in the United States It is legal to crack your own password if you forgot it You must first obtain the password file from the system that stores user names and passwords File is stored in the /Etc/Passwd or /Etc/Shadow directory for *NIX systems A dictionary attack can be performed on the file by using automated programs Understanding Password Cracking (continued): Understanding Password Cracking (continued) Password cracking programs John the Ripper Hydra (THC) EXPECT L0phtcrack Pwdump3v2 Steps for cracking passwords Run the Pwdump2 program to get hash values of user accounts Perform a brute force attack using John the RipperSummary: Summary Cryptography has been in existence since the dawn of civilization Ciphertext: data that has been encrypted Cleartext or plaintext: data than can be intercepted and read by anyone Symmetric cryptography: uses one key to encrypt and decrypt data Examples: DES, DEA, 3DES, and AES Asymmetric cryptography: uses two keys, one key to encrypt and another to decrypt data Examples: RSA, Elgamal, Diffie-HellmanSummary (continued): Summary (continued) Digital Signature Standard (DSS): ensures that digital signatures can be verified PGP: free public key encryption program to encrypt e-mail messages Hashing algorithms are used to verify data integrity Public key infrastructure (PKI): structure made up of many different components used to encrypt data Digital certificate: binds a public key to information about its owner Issued by a Certificate Authority (CA)Summary (continued): Summary (continued) Active attacks Birthday attacks Brute force attacks Man-in-the-middle attacks Replay attacks Dictionary attacks You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
ch12 Mikhail Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 2731 Category: Entertainment License: All Rights Reserved Like it (1) Dislike it (0) Added: January 05, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: 2143 (14 month(s) ago) plzzz........can u snd this ppt to adarsh21292@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: jmpk (19 month(s) ago) send all matrial regarding to ethical hacking to tis mail ... praveenkumar.jm@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: jmpk (19 month(s) ago) plz send tis to my mail.... praveenkumar.jm@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: dabudz (20 month(s) ago) I have view the presentation and i was moved , i would like to present this my students here at the school, the problem is that the net connection is not yet possible ... i would like to request permission to obtain a copy of this presentation to be used as a material here. thank you . my email is archangel_oliver@yahoo.com Saving..... Post Reply Close Saving..... Edit Comment Close By: neelkanth39 (27 month(s) ago) allow me to download Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Hands-On Ethical Hacking and Network Defense: Hands-On Ethical Hacking and Network Defense Chapter 12 CryptographyObjectives: Objectives Describe the history of cryptography Describe symmetric and asymmetric cryptography algorithms Explain public key infrastructure (PKI) Describe possible attacks on cryptosystemsUnderstanding Cryptography Basics: Understanding Cryptography Basics Cryptography is the process of converting plaintext into ciphertext Plaintext: readable text (also called cleartext) Ciphertext: unreadable or encrypted text Cryptography is used to hide information from unauthorized users Decryption is the process of converting ciphertext back to plaintext History of Cryptography: History of Cryptography Cryptography has been around for thousands of years Some Egyptian hieroglyphics were encrypted The Book of Jeremiah was written using a substitution cipher Substitution cipher Replaces one letter with another letter based on a key Example: Julius Caesar’s Cipher Used a key value of 3 History of Cryptography (continued): History of Cryptography (continued) Cryptanalysis studies the process of breaking encryption algorithms When a new encryption algorithm is developed, cryptanalysts study it and try to break it Or prove that it is impractical to break it (taking much time and many resources) The War Machines: The War Machines Enigma Developed by Arthur Scherbius Used by the Germans during World War II Enigma substituted each letter typed by an operator Substitutions were computed using a key and a set of switches or rotors The code was broken first by a group of Polish cryptographers The machine for breaking the code was called the “Bombe”The War Machines (continued): The War Machines (continued) The Purple Machine Developed and used by the Japanese during World War II Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman Known as the “Father of U.S. Cryptanalysis” Steganography is the process of hiding data in plain view in pictures, graphics, or textUnderstanding Symmetric and Asymmetric Algorithms: Understanding Symmetric and Asymmetric Algorithms An algorithm is a mathematical function or program that works with a key The strength of the algorithm and the secrecy of the key determine how secure the encrypted data is A key is a sequence of random bits generated from a range of allowable values called a keyspace The larger the keyspace, the more random sequenced keys that can be created The more random keys that can be created, the more difficult it is for hackers to guess the keySymmetric Cryptography Algorithms: Symmetric Cryptography Algorithms Symmetric algorithms have one key that encrypts and decrypts data Disadvantages A symmetric cryptosystem needs n(n-1)/2 keys Where n is the number of users Symmetric keys must remain secret This creates a key distribution problem Symmetric algorithms don’t support authenticity and nonrepudiationSymmetric Cryptography Algorithms (continued): Symmetric Cryptography Algorithms (continued) Advantages Symmetric algorithms are fast They are perfect mechanisms for encrypting large blocks of data quickly They are difficult to break if a large key size is used Types of symmetric algorithms Stream ciphers Operate on plaintext one bit at a time Block ciphers Operate on blocks of plaintextData Encryption Standard (DES): Data Encryption Standard (DES) National Institute of Standards and Technology (NIST) Wanted a means of protecting sensitive but unclassified data Invited vendors in early 1970 to submit data encryption algorithms IBM proposed Lucifer A 128-bit encryption algorithm The National Security Agency (NSA) reduced the key size from 128 bits to 64 bits and created DESData Encryption Standard (DES) (continued): Data Encryption Standard (DES) (continued) In 1988, NSA thought the standard was at risk to be broken In 1998, a computer system was designed to break the encryption key in only three daysTriple DES (3DES): Triple DES (3DES) Triple Data Encryption System (3DES) 3DES served as a quick fix to the vulnerabilities of DES 3DES performed a complex computation on the data that made it 256 times stronger than DES This improvement did have a price on performance Advanced Encryption Standard (AES): Advanced Encryption Standard (AES) In 1997, NIST again put out a request to the public for a new encryption standard The request required all submittals for a symmetric block cipher be capable of supporting 128-, 192-, and 256-bit keys There were five finalists Rijndael (winner) MARS RC6 Serpent TwofishInternational Data Encryption Algorithm (IDEA): International Data Encryption Algorithm (IDEA) Block cipher that operates on 64-bit blocks of plaintext It uses a 128-bit key Developed by Xuejia Lai and James Massey Designed to work more efficiently in computers used at home and in businesses IDEA is free for noncommercial use It is included in PGP encryption software Blowfish: Blowfish Block cipher that operates on 64-bit blocks of plaintext The key length can be as large as 448 bits Developed by Bruce Schneier RC5: RC5 Block cipher that can operate on different block sizes: 32, 64, and 128 The key size can reach 2048 bits The 32-bit key size is used only for experimentation and evaluation purposes Created by Ronald L. Rivest in 1994 for RSA Data Security Asymmetric Cryptography Algorithms: Asymmetric Cryptography Algorithms Use two keys that are mathematically related Data encrypted with one key can be decrypted only with the other key Another name for asymmetric key cryptography is public key cryptography Public key: key that can be known by the public Private key: secret key known only by the owner Provide message authenticity and nonrepudiation Authenticity validates the sender of a message Nonrepudiation means a user cannot deny sending a messageAsymmetric Cryptography Algorithms (continued): Asymmetric Cryptography Algorithms (continued) How it works User A encrypts a message with her private key and sends the message to User B User B decrypts the message with User A’s public key If confidentiality is major concern for User A User A encrypts a message with User B’s public key and sends the message to User B User B decrypts the message with his private key Asymmetric algorithms are more scalable but slower than symmetric algorithmsRSA: RSA Developed in 1977 by Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman The algorithm is based on the difficulty of factoring large numbers RSA uses a one-way function to generate a key A mathematical formula that is easy to compute in one direction Many browsers that use the Secure Socket Layer (SSL) protocol use the RSA algorithmDiffie-Hellman: Diffie-Hellman Developed by Whitfield Diffie and Martin Hellman Diffie-Hellman does not provide encryption but is used for key exchange If a key is transmitted and intercepted, the network is vulnerable to attack Elliptic Curve Cryptosystems (ECC): Elliptic Curve Cryptosystems (ECC) It is an efficient algorithm requiring few resources Memory Disk space Bandwidth ECC is used for encryption as well as digital signatures and key distributionElgamal: Elgamal Public key algorithm used to Encrypt data Create digital signature Exchange secret keys Written by Taher Elgamal in 1985 The algorithm uses discrete logarithm problems Solving a discrete logarithm problem can take many years and require CPU-intensive operations Digital Signatures: Digital Signatures How it works User A encrypts a message with her private key and sends the message to User B User B decrypts the message with User A’s public key Require the use of hash values Provide message integrity, authenticity and nonrepudiationDigital Signature Standard (DSS): Digital Signature Standard (DSS) Established by the NIST in 1991 Ensures that digital signatures rather than written signatures can be verified Federal government requirements RSA and Digital Signature Algorithm (DSA) must be used for all digital signatures Hashing algorithm must be used to ensure the integrity of the message NIST required that the Secure Hash Algorithm (SHA) be usedPretty Good Privacy (PGP): Pretty Good Privacy (PGP) Developed by Phil Zimmerman as a free e-mail encryption program Zimmerman was almost arrested for his innovation Back in the mid-1990s, any kind of “unbreakable” encryption was seen as a weapon and compared to selling arms to the enemy PGP is a free public key encryption program It uses certificates similar to those in public key infrastructure (PKI) PGP does not use a centralized CA Verification of a CA is not as efficient as PKIPretty Good Privacy (PGP) (continued): Pretty Good Privacy (PGP) (continued) Algorithms supported by PGP IDEA RSA DSA Message Digest 5 (MD5) SHA-1Secure Multipurpose Internet Mail Extension (S/MIME): Secure Multipurpose Internet Mail Extension (S/MIME) Is another public key encryption standard used to encrypt and digitally sign e-mail Can encrypt e-mail messages containing attachments Can use PKI certificates for authentication S/MIME version 2 defined in RFC 2311 S/MIME version 3 defined in RFC 2633 Privacy-Enhanced Mail (PEM): Privacy-Enhanced Mail (PEM) Internet standard that is compatible with both symmetric and asymmetric methods of encryption Can use the X.509 certificate standards and encrypt messages with DES Not used as much today MIME Object Security Services (MOSS) is a newer implementation of PEMHashing Algorithms: Hashing Algorithms Take a variable-length message and produce a fixed-length value called a message digest A hash value is equivalent to a fingerprint of the message If the message is changed later, the hash value changes If two different messages produce the same hash value, it results in a collision A good hashing algorithm is one that is collision freeHashing Algorithms (continued): Hashing Algorithms (continued) SHA-1 is one of the most popular hashing algorithms SHA-1 has been broken As of March 15, 2005, the NIST recommends not using SHA applications Understanding Public Key Infrastructure (PKI): Understanding Public Key Infrastructure (PKI) PKI is a structure that consists of programs, protocols, and security protocols Uses public key cryptography PKI components Certificate: a digital document that verifies the identities of two communicating entities Contains a unique serial number and must follow the X.509 standard Public keys are issued by a certification authority (CA) A certificate that the CA issues to a company binds a public key to the recipient’s private keyExpiration, Revocation, and Suspension of Certificates: Expiration, Revocation, and Suspension of Certificates A period of validity is assigned to each certificate After that date, the certificate expires A certificate can be renewed with a new expiration date assigned If the keys are still valid and remain uncompromised Reasons to suspend or revoke a certificate A user leaves the company A hardware crash causes a key to be lost A private key is compromisedExpiration, Revocation, and Suspension of Certificates (continued): Expiration, Revocation, and Suspension of Certificates (continued) Certificate Revocation List (CRL) Contains all revoked and suspended certificates Issued by CAs Suspension of a certificate might be done when one or more parties fail to honor agreements Suspension makes it easier to restore if the parties come to an agreement at a later date Backing Up Keys: Backing Up Keys Backing up keys is critical If keys are destroyed and not backed up properly, encrypted business-critical information might be irretrievable The CA is usually responsible for backing up keys A key recovery policy is also part of the CA’s responsibility Microsoft Root CA: Microsoft Root CA Available in Windows Server 2003 and Windows 2000 Server Steps for setting up a Microsoft Root CA Install the Certificate Services Note that after installing this service the name of the domain or computer cannot change Configuring a Windows server as a CA (four options) Enterprise root CA Enterprise subordinate CA Stand-alone root CA Stand-alone subordinate CAMicrosoft Root CA (continued): Microsoft Root CA (continued) Steps for setting up a Microsoft Root CA (continued) Specify options to generate certificates, including Cryptographic Service Provider Hash algorithm Key lengthUnderstanding Cryptographic Attacks: Understanding Cryptographic Attacks Attacks studied so far are passive attacks Active attacks attempt to determine the secret key being used to encrypt plaintext Cryptographic algorithms are usually public Follows the open-source cultureBirthday Attack: Birthday Attack Old adage If 23 people are in a room, two will share the same birthday Birthday attacks are used to find the same hash value for two different inputs A birthday attack is used to reveal any mathematical weaknesses in hashing algorithms SHA-1 uses a 160-bit key Theoretically, it would require 280 computations to break SHA-1 has already been brokenMathematical Attacks: Mathematical Attacks Properties of the algorithm are attacked by using mathematical computations Categories Ciphertext-only attack The attacker has the ciphertext of several messages but not the plaintext Attacker tries to find out the key used to encrypt the messages Attacker can capture ciphertext using a sniffer program such as Ethereal or Tcpdump Mathematical Attacks (continued): Mathematical Attacks (continued) Categories (continued) Known plaintext attack The attacker has messages in both encrypted form and decrypted forms This attack is easier to perform than the ciphertext-only attack Looks for patterns in both plaintext and ciphertext Chosen-plaintext attack The attacker has access to plaintext and ciphertext Attacker has the ability to choose which message to encryptMathematical Attacks (continued): Mathematical Attacks (continued) Categories (continued) Chosen-ciphertext attack The attacker has access to the ciphertext to be decrypted and to the resulting plaintext Attacker needs access to the cryptosystem to perform this type of attackBrute Force Attack: Brute Force Attack An attacker tries to guess passwords by attempting every possible combination of letters Requires lots of time and patience Password-cracking program John the RipperMan-in-the-Middle Attack: Man-in-the-Middle Attack Attackers place themselves between the victim computer and another host computer They then intercept messages sent from the victim to the host and pretend to be the host computer This type of attack follows this process Gloria sends her public key to Bruce, and you, the attacker, intercept the key and send Bruce your public key Bruce sends Gloria his public key. You intercept this key and send your public key to Gloria Man-in-the-Middle Attack (continued): Man-in-the-Middle Attack (continued) This type of attack follows this process (continued) Gloria sends an encrypted message to Bruce but uses your key You can decrypt the message with your private key You reencrypt the message using Bruce’s public key and send it to Bruce Bruce answers Gloria with another encrypted message with your public key You can decrypt the message with your private key You reencrypt the message using Gloria’s public key and send it to GloriaDictionary Attack: Dictionary Attack Attacker uses a dictionary of known words to try to guess passwords There are programs that can help attackers run a dictionary attackReplay Attack: Replay Attack The attacker captures data and attempts to resubmit the captured data The device thinks a legitimate connection is in effect If the captured data was logon information, the attacker could gain access to a system and be authenticated Understanding Password Cracking: Understanding Password Cracking Password cracking is illegal in the United States It is legal to crack your own password if you forgot it You must first obtain the password file from the system that stores user names and passwords File is stored in the /Etc/Passwd or /Etc/Shadow directory for *NIX systems A dictionary attack can be performed on the file by using automated programs Understanding Password Cracking (continued): Understanding Password Cracking (continued) Password cracking programs John the Ripper Hydra (THC) EXPECT L0phtcrack Pwdump3v2 Steps for cracking passwords Run the Pwdump2 program to get hash values of user accounts Perform a brute force attack using John the RipperSummary: Summary Cryptography has been in existence since the dawn of civilization Ciphertext: data that has been encrypted Cleartext or plaintext: data than can be intercepted and read by anyone Symmetric cryptography: uses one key to encrypt and decrypt data Examples: DES, DEA, 3DES, and AES Asymmetric cryptography: uses two keys, one key to encrypt and another to decrypt data Examples: RSA, Elgamal, Diffie-HellmanSummary (continued): Summary (continued) Digital Signature Standard (DSS): ensures that digital signatures can be verified PGP: free public key encryption program to encrypt e-mail messages Hashing algorithms are used to verify data integrity Public key infrastructure (PKI): structure made up of many different components used to encrypt data Digital certificate: binds a public key to information about its owner Issued by a Certificate Authority (CA)Summary (continued): Summary (continued) Active attacks Birthday attacks Brute force attacks Man-in-the-middle attacks Replay attacks Dictionary attacks