Introduction to Cryptography

Objectives
- A conceptual understanding of secret-key, public-key, and hashing cryptographic algorithms and how they fit into the notion of certificates and how these certificates form the basis of Public Key Infrastructure (PKI).

Why Cryptography
- Scramble data to keep it private
- Detect whether data has been changed
- Provide proof of origin, receipt, transaction ...
- Provide digital identities

Cryptographic Functions
Three types - each with strengths and weaknesses depending upon their intended use.
- Secret-Key (Symmetric) Cryptography - Same shared key
- Public-Key (Asymmetric) Cryptography - Different but related keys
- Hash Function

Secret-Key Cryptography
Characteristics
- Relatively fast
- Poses key delivery challenges when faced with large numbers of senders/receivers
Popular Implementations
- Data Encryption Standard (DES) - 56 bit key (plus 8 parity bits)
- Triple DES
- RSA's RC2, RC4, RC5

Secret-Key Cryptography
Examples of usage
- Encryption of bulk data and protection of ATM PINs

Public-Key Cryptography
Characteristics
- Slower than secret-key cryptography
- Designed to accommodate key delivery and scalability
- Key strengths 512 to 2048 bits
Popular Implementations
- RSA - encryption and digital signature
- El Gamal and DSS - digital signatures
- Diffie-Hellman - secret-key establishment

Public-Key Cryptography
Examples of Usage
- Authentication - encrypting challenge
- Key Distribution - encrypting session key

Hash Algorithms
Message of length n ---> Hash Function ---> h (fixed length, short number)
Characteristics
- Easy to compute
- There is no way to get from the hash to the original message that is any simpler than going through all possible values of the original message and computing the hash for each one
- It should be computationally infeasible to find two messages that hash to the same thing
Popular implementations - SHA-1, MD2, MD4, MD5

Hash Algorithms
Examples of Usage
- System can store hashes of passwords instead of the password itself
- Message integrity - send messages and the hash of (message/secret-password)
- Digital signature
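The first two usages above, as an added example that is not part of the original slides. It assumes a salted, iterated hash (PBKDF2 with SHA-256) for the stored password and HMAC-SHA-256 for the hash of message and shared secret, which are the standard-library forms of what the slide describes; the iteration count and function names are choices made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor, chosen for this example


def store_password(password: str) -> tuple:
    """Return (salt, hash). Only these two values are stored, never the password."""
    salt = os.urandom(16)  # per-user salt: equal passwords give different hashes
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def check_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Re-hash the login attempt with the stored salt and compare."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison


def tag(secret: bytes, message: bytes) -> bytes:
    """Sender: keyed hash over the message, using the shared secret."""
    return hmac.new(secret, message, hashlib.sha256).digest()


def accept(secret: bytes, message: bytes, received_tag: bytes) -> bool:
    """Receiver: recompute the keyed hash; a mismatch means the message changed."""
    return hmac.compare_digest(tag(secret, message), received_tag)


if __name__ == "__main__":
    salt, stored = store_password("correct horse")      # constructed sample values
    print("login ok:", check_password("correct horse", salt, stored))
    print("login bad:", check_password("wrong guess", salt, stored))

    secret = b"shared-secret"                           # constructed sample values
    t = tag(secret, b"transfer 100")
    print("intact:", accept(secret, b"transfer 100", t))
    print("altered:", accept(secret, b"transfer 900", t))
```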

Digital Signatures
Alice signs with her Private Key - emails / file transfer / floppy ----> Recipient verifies with Alice's Public Key
Definition/Characteristics
- A digital signature is a number associated with a message, generated using the private key of the sender
- Anyone with Alice's public key can verify that it is Alice's signature
- Proves the message has not been altered in any way since the signature was applied
- Provides non-repudiable source of origin

Digital Signatures
Popular implementations - RSA+MD5, RSA+SHA-1, DSS+SHA-1
Examples of Usage
- Signed mail
- Signed code (Java applets, Active X controls)

Hashes and Digital Signatures
Alice
- Alice's plain text is hashed with SHA-1 to give h
- Alice signs the hash (encrypts the hash with her private key)
Bob
- Bob decrypts the signed hash with Alice's Public key to recover h
- Bob hashes the plain text to derive the hash
- If hashes match
  - Only Alice could have signed
  - Plain text did not change
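The hash-then-sign flow above carried through in code, as an added example that is not part of the original slides. It assumes unpadded textbook RSA over a constructed toy key built from two publicly known Mersenne primes, and uses SHA-256 in place of the slide's SHA-1; production signing uses a vetted library with a padded scheme.

```python
import hashlib

# Constructed toy key: both primes are well-known Mersenne primes, so this
# key is public knowledge and must never protect real data.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # Alice's private exponent


def digest(message: bytes) -> int:
    """Hash the plain text to the fixed-length number h."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Alice: hash the plain text, then apply her private key to the hash."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Bob: recover h with Alice's public key and compare with his own hash."""
    if not 0 < signature < N:
        return False
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    plain = b"Pay Bob 100 dollars"  # constructed sample message
    sig = sign(plain)
    return {
        "untouched": verify(plain, sig),
        "altered_text": verify(b"Pay Bob 900 dollars", sig),
        "altered_signature": verify(plain, sig ^ 1),
    }


if __name__ == "__main__":
    print(demo())
```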

Certificates (X.509 V3)
Question - Can I trust the Public Key?
Answer - Yes, if it is backed up by some trustworthy authority.
User Certificates
- Trusted Method to Store Public Key
- Binds Public Key to User
CA Certificates
- Well Known Public Key for Signature Verification
- Delivered with Browser, Server, Mutually installed on Browser / Server

Encryption Can be employed at Different Levels
- Field Level - Client Browser ---> s-HTTP Web Server
  - Status - not supported - being dropped from products
- Message Level - Mail Sender ---> S-MIME / Open PGP - Mail Server
  - Advantage - Mail is often intended to be kept secret as an entire unit
- Transport Level - Client Browser ---> SSL/TLS - Web Server
  - Advantage - Useful when a session's interactions need to be kept secret
- Datagram Level - Firewall ---> IPSec Firewall
  - Advantage - Encrypted pipe enables multiple sessions to be encrypted with only single IPSec setup overhead

Public-Key Infrastructure (PKI)

PKI Aspects - Establishing Trust
Need to establish trust with other CAs
- divisions of a corporation
- trading partners
- suppliers
- competitors
Trust Models
- Flat certificate model
- Hierarchical certificate model
- Cross-certification - allows one CA to recognize the authority of another - CAs certify each other
- Link X.500 directories

PKI Aspects - CAs & RAs Certificate Authority Registration Authority Policy Profile CA key management Handle exceptions Support users Registration Authority Authenticate applicants Select attributer Approve and forward Request revocation Help manage policy

Network Security - SSL
Secure Sockets Layer (SSL)
- Cryptographic protocol for protecting digital communication between client & server
- Can also be used server to server
- Standard, efficient and widely deployed (Web Servers - Apache, Netscape, Microsoft IIS, etc.)

SSL - How it works
Negotiate Options
- One or Two way Authentication
- Which Crypto Suite
Authenticate
- Exchange Certificate(s)
- Validate Certificate(s)
- Random Number Challenge(s)
Distribute Keys
- Generate Secret Keys
- Exchange Secret Keys
Flow Secure Data
- Encryption
- Modification Detection
- Compression

SSL - How it works
Client (Alice) <----> Server (Bob)
- Negotiate Options
- Authenticate
- Distribute Keys
- Flow Secure Data

History of SSL/TLS
- SSL Version 1 - was quickly replaced by SSL version 2. Not in use today
- SSL Version 2 - some security problems; 1-way (server) authentication
- Private Communication Technology (PCT) - Microsoft's response to SSL 2.0. Fixes some problems, but supplanted by SSL V3.
- SSL version 3 - Complete redesign of SSL. Fixed the problems in previous versions and added many features
- Transport Layer Security (TLS) - IETF standard, based on SSL V3, under development

IPSec Overview
- A framework that provides network layer security via protection for IP datagram transit
- Origin authentication, integrity, confidentiality, and key management
- Basis for virtual private networks (VPNs)
- IPSec support in TCP/IP Firewall - All connections among IP-Addressable entities
- Involves 3 protocols:
  - Authentication Header (AH) protocol
  - Encapsulating security payload (ESP)
  - ISAKMP/Oakley

IPSec Enables Virtual Private Networks
- Via the internet, the corporate network can be securely extended to include remote nodes/networks
- IPSec enables a secure pipe or tunnel to be established

ISAKMP/Oakley
Internet Security Association and Key Management Protocol
- IETF Standardized Framework
- Negotiate security associations
- Crypto key generation/refresh
- Oakley is the mandatory key management protocol within ISAKMP
Essential for success/growth of VPNs
- Secure key exchange is most important element
- Automated key distribution, without manual intervention, facilitates scalability

IPSec Modes - Tunnel and Transport
IPSec tunnel and transport work together to allow tailoring of protection: end-to-end and tunnel specific
Transport modes: end-to-end
- original IP datagram header is used for routing
- intranet addresses
- typical example - exchanges between a server in one intranet and client in another
Tunnel modes: tunnel-specific protection
- outer IP header created and used for routing
- internet addresses
- typical example - firewall to firewall VPN

IP Authentication Header (AH)
- Two Modes: Transport and Tunnel
- Datagram content is clear text
- AH provides data integrity and data origin authentication
- Protection for entire datagram
- Data integrity is assured by the checksum generated by a message authentication code (MD5)

Encapsulating Security Payload (ESP)
- Two Modes: Transport and Tunnel
- IP datagram can be encrypted entirely (Tunnel Mode), or payload only (transport mode)
- Also provides data integrity and origin authentication
- ESP's encryption uses a symmetric shared key