Beruflich Dokumente
Kultur Dokumente
3-1 1 Ltd.
© 2015 Pearson Education
3-2 2 Ltd.
© 2015 Pearson Education
Chapter 1 introduced the threat environment
Chapter 2 introduced the plan-protect-
respond cycle and covered the planning
phase
Chapters 3 through 9 will cover the
protection phase
Chapter 3 introduces cryptography, which is
important and is used in many other
protections
3-3 3 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-4 4 Ltd.
© 2015 Pearson Education
Cryptography is the use of mathematical
operations to protect messages traveling
between parties or stored on a computer
???
3-5 5 Ltd.
© 2015 Pearson Education
Confidentiality is only one cryptographic
protection
Authentication means proving one’s identity
to another so they can trust you more
Integrity means that the message cannot be
changed or, if it is change, that this change
will be detected
Known as the CIA of cryptography
◦ No, not that CIA
3-6 6 Ltd.
© 2015 Pearson Education
Encryption for confidentiality needs a cipher
(mathematical method) to encrypt and
decrypt
◦ The cipher cannot be kept secret
3-7 7 Ltd.
© 2015 Pearson Education
3-8 8 Ltd.
© 2015 Pearson Education
Plaintext Key Ciphertext
n 4 r
o 8 w
w 15 l
i 16 …
s 23 …
+4 t 16 …
h 3 …
n o p q r e 9 …
t 12 …
This is a very weak cipher.
Real ciphers use complex i 20 …
math. m 6 …
e 25 …
3-9 9 Ltd.
© 2015 Pearson Education
Substitution Ciphers
◦ Substitute one letter (or bit) for another in each
place
◦ The cipher we saw in Figure 3-2 is a substitution
cipher
Transposition Ciphers
◦ Transposition ciphers do not change individual
letters or bits, but they change their order
Key (Part 2) 1 3 2
2 n o w
3 i s t
1 h e t
Key = 132 231
3-11 11 Ltd.
© 2015 Pearson Education
Ciphers can encrypt any message expressed
in binary (1s and 0s)
◦ This flexibility and the speed of computing makes
ciphers dominant for encryption today
3-14 14 Ltd.
© 2015 Pearson Education
◦ Public key/private key pairs (discussed later in the
chapter) must be much longer than symmetric keys
to be considered to be strong because of the
disastrous consequences that could occur if a
private key is cracked and because private keys
cannot be changed frequently.
3-15 15 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-16 16 Ltd.
© 2015 Pearson Education
RC4 DES 3DES AES
Key Length 40 bits or 56 112 or 168 128, 192, or
(bits) more 256
Key Strength Very weak Weak Strong Strong
at 40 bits
Processing Low Moderate High Low
Requirements
RAM Low Moderate Moderate Low
Requirements
Remarks Can use Created in Applies Today’s
keys of the 1970s DES three gold
variable times with standard for
length two or symmetric
three key
different encryption
DES keys
3-17 17 Ltd.
© 2015 Pearson Education
The DES cipher
encrypts messages
64 bits at a time.
The DES cipher (in
codebook mode)
needs two inputs.
3-18 18 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-19 19 Ltd.
© 2015 Pearson Education
Cryptographic Systems
◦ Encryption for confidentiality is only one
cryptographic protection
◦ Individual users and corporations cannot be
expected to master these many aspects of
cryptography
◦ Consequently, crypto protections are organized into
complete cryptographic systems that provide a
broad set of cryptographic protection
3-20 20 Ltd.
© 2015 Pearson Education
Cryptographic Systems
1. Two parties first agree upon a particular
cryptographic system to use
2. Each cryptographic system dialogue begins with
three brief handshaking stages
3. The two parties then engage in cryptographically
protected communication
This ongoing communication stage usually constitutes
nearly all of the dialogue
3-21 21 Ltd.
© 2015 Pearson Education
3-22 22 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-23 23 Ltd.
© 2015 Pearson Education
Selecting methods and
parameters
Authentication
Keying (the secure exchange
of secrets)
Ongoing communication
3-24 24 Ltd.
© 2015 Pearson Education
Cipher Suite Key Digital Symmetric Hashing Strength
Negotiation Signature Key Method
Method Encryption for
Method HMAC
NULL_WITH_NULL_NULL None None None None None
RSA_EXPORT_WITH_ RSA RSA RC4 (40-bit MD5 Weak
RC4_40_MD5 export export key)
strength (40 strength
bits) (40 bits)
RSA_WITH_DES_CBC_ RSA RSA DES_CBC SHA-1 Stronger
SHA but not
very
strong
DH_DSS_WITH_3DES_ Diffie- Digital 3DES_ SHA-1 Strong
EDE_CBC_SHA Hellman Signature EDE_CBC
Standard
RSA_WITH_AES_256_CB RSA RSA AES SHA-256 Very
C_SHA256 256 bits strong
3-25 25 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-26 26 Ltd.
© 2015 Pearson Education
Selecting methods and
parameters
Authentication
Keying (the secure exchange
of secrets)
Ongoing communication
3-27 27 Ltd.
© 2015 Pearson Education
3-28 28 Ltd.
© 2015 Pearson Education
Hashing
◦ A hashing algorithm is applied to a bit string of any
length
◦ The result of the calculation is called the hash
◦ For a given hashing algorithm, all hashes are the
same short length
3-29 29 Ltd.
© 2015 Pearson Education
Hashing versus Encryption
3-30 30 Ltd.
© 2015 Pearson Education
Hashing Algorithms
◦ MD5 (128-bit hashes)
◦ SHA-1 (160-bit hashes)
◦ SHA-224, SHA-256, SHA-384, and SHA-512 (name
gives hash length in bits)
◦ Note: MD5 and SHA-1 should not be used because
they have been shown to be unsecure
3-31 31 Ltd.
© 2015 Pearson Education
3-32 32 Ltd.
© 2015 Pearson Education
3-33 33 Ltd.
© 2015 Pearson Education
3-34 34 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-35 35 Ltd.
© 2015 Pearson Education
Selecting methods and
parameters
Authentication
Keying (the secure exchange
of secrets)
Ongoing communication
3-36 36 Ltd.
© 2015 Pearson Education
There are two types of ciphers used for
confidentiality
◦ In symmetric key encryption for confidentiality, the
two sides use the same key
For each dialogue (session), a new symmetric
key is generated: the symmetric session key
◦ In public key encryption, each party has a public
key and a private key that are never changed
A person’s public key is available to anyone
A person keeps his or her private key secret
3-37 37 Ltd.
© 2015 Pearson Education
3-38 38 Ltd.
© 2015 Pearson Education
3-39 39 Ltd.
© 2015 Pearson Education
The two parties exchange parameters p and g
Each uses a number that is never shared
explicitly to compute a second number
◦ Each sends the other their second number
3-41 41 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-42 42 Ltd.
© 2015 Pearson Education
Selecting methods and
parameters
Authentication
Keying (the secure exchange of
secrets)
Ongoing communication
3-43 43 Ltd.
© 2015 Pearson Education
Consumes nearly all of the dialogues
Message-by-Message Encryption
◦ Nearly always uses symmetric key encryption
◦ Already covered
◦ Public key encryption is too inefficient
Message-by-Message Authentication
◦ Digital signatures
◦ Message authentication codes (MACs)
◦ Also provide message-by-message integrity
3-44 44 Ltd.
© 2015 Pearson Education
3-45 45 Ltd.
© 2015 Pearson Education
Encryption is done to protect the plaintext.
It is not needed for message-by-message
authentication.
3-46 46 Ltd.
© 2015 Pearson Education
3-47 47 Ltd.
© 2015 Pearson Education
Encryption Goal Sender Encrypts Receiver
with Decrypts with
Public Key The receiver’s The receiver’s
Encryption for public key private key
Confidentiality
Public Key The sender’s The True Party’s
Encryption for private key public key
Authentication (not the sender’s
public key)
Point of frequent
confusion
3-48 48 Ltd.
© 2015 Pearson Education
Cannot use the sender’s public key
◦ It would always “validate” the sender’s digital
signature
3-49 49 Ltd.
© 2015 Pearson Education
Field Description
Version Version number ofSerial number
the X.509 allows the
standard. Mostreceiver to
certificates
Number check ifversions
follow Version 3. Different the digital certificate
have differenthas
fields.
been revoked by the CA.
This figure reflects the Version 3 standard.
3-51 51 Ltd.
© 2015 Pearson Education
3-52 52 Ltd.
© 2015 Pearson Education
Testing the Digital Signature
◦ The digital certificate has a digital signature of its
own
◦ Signed with the Certificate Authority’s (CA’s) private
key
◦ Must be tested with the CA’s well-known public key
◦ If the test works, the certificate is authentic and
unmodified
3-53 53 Ltd.
© 2015 Pearson Education
Checking the Valid Period
◦ Certificate is valid only during the valid period in
the digital certificate (not shown in the figure)
◦ If the current time is not within the valid period,
reject the digital certificate
3-54 54 Ltd.
© 2015 Pearson Education
Checking for Revocation
◦ Certificates may be revoked for improper behavior
or other reasons
◦ Revocation must be tested
◦ Cannot be done by looking at fields within the
certificate
◦ Receiver must check with the CA
3-55 55 Ltd.
© 2015 Pearson Education
Checking for Revocation
◦ Verifier may download the entire certificate
revocation list from the CA
See if the serial number is on the certificate
revocation list
If so, do not accept the certificate
◦ Or the verifier may send a query to the CA
Requires the CA to support the Online
Certificate Status Protocol
3-56 56 Ltd.
© 2015 Pearson Education
3-57 57 Ltd.
© 2015 Pearson Education
Also Brings Message Integrity
◦ If the message has been altered, the authentication
method will fail automatically
3-60 60 Ltd.
© 2015 Pearson Education
3-61 61 Ltd.
© 2015 Pearson Education
Nonrepudiation means that the sender cannot
deny that he or she sent a message
With digital signatures, the sender must use
his or her private key
◦ It is difficult to repudiate that you sent something if
you use your private key
3-64 64 Ltd.
© 2015 Pearson Education
Thwarting Replay Attacks
◦ Time stamps to ensure freshness of each message
◦ Sequence numbers so that repeated messages can
be detected
◦ Nonces
Unique randomly generated number placed in
each request message
Reflected in the response message
If a request arrives with a previously used
nonce, it is rejected
3-65 65 Ltd.
© 2015 Pearson Education
Confidentiality Authentication
Symmetric Key Applicable. Sender Not applicable.
Encryption encrypts with key
shared with the
receiver.
Public Key Applicable. Sender Applicable. Sender (supplicant)
Encryption encrypts with encrypts with own private key.
receiver’s public Receiver (verifier) decrypts with
key. Receiver the public key of the true party,
decrypts with the usually obtained from the true
receiver’s own party’s digital certificate.
private key.
3-66 66 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-67 67 Ltd.
© 2015 Pearson Education
Quantum Mechanics
◦ Describes the behavior of fundamental particles
◦ Complex and even weird results
3-68 68 Ltd.
© 2015 Pearson Education
Quantum Key Distribution
◦ Transmits a very long key—as long as the message
◦ This is a one-time key that will not be used again
◦ A one-time key as long as a message cannot be
cracked by cryptanalysis
◦ If an interceptor reads part of the key in transit,
this will be immediately apparent to the sender and
receiver
3-69 69 Ltd.
© 2015 Pearson Education
Quantum Key Cracking
◦ Tests many keys simultaneously
◦ If quantum key cracking becomes capable of
working on long keys, today’s strong key lengths
will offer no protection
3-70 70 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-71 71 Ltd.
© 2015 Pearson Education
3-72 72 Ltd.
© 2015 Pearson Education
3-73 73 Ltd.
© 2015 Pearson Education
3.1 What is Cryptography
3.2 Symmetric Key Encryption Ciphers
3.3 Cryptographic System Standards
3.4 The Negotiation Stage
3.5 Initial Authentication Stage
3.6 The Keying Stage
3.7 Message-by-Message Authentication
3.8 Quantum Security
3.9 Cryptographic Systems
3.10 SSL/TLS and IPsec
3-74 74 Ltd.
© 2015 Pearson Education
3-75 75 Ltd.
© 2015 Pearson Education
3-76 76 Ltd.
© 2015 Pearson Education
SSL/TLS IPsec
Cryptographic security standard Yes Yes
Cryptographic security protections Good Gold
Standard
3-77 77 Ltd.
© 2015 Pearson Education
1.
End-to-End
Security
(Good)
2. 3.
Security in Setup Cost
Site Network On Each Host
(Good) (Costly)
3-78 78 Ltd.
© 2015 Pearson Education
2. 3.
No Security in No Setup Cost
Site Network On Each Host
(Bad) (Good)
3-79 79 Ltd.
© 2015 Pearson Education
Characteristic Transport Mode Tunnel Mode
Uses an IPsec VPN No Yes
Gateway?
Cryptographic All the way from the Only over the Internet
Protection source host to the between the IPsec
destination host, gateways. Not within
including the Internet the two site networks.
and the two site
networks.
Setup Costs High. Setup requires Low. Only the IPsec
the creation of a digital gateways must
certificate for each implement IPsec, so
client and significant only they need digital
configuration work. certificates and need to
be configured.
3-80 80 Ltd.
© 2015 Pearson Education
Characteristic Transport Mode Tunnel Mode
Firewall Friendliness Bad. A firewall at the Good. Each packet is
border to a site cannot decrypted by the IPsec
filter packets because gateway. A border
the content is firewall after the IPsec
encrypted. gateway can filter the
decrypted packet.
3-81 81 Ltd.
© 2015 Pearson Education
3-82 82 Ltd.
© 2015 Pearson Education
All rights reserved. No part of this publication may be reproduced, stored in a
retrieval system, or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording or otherwise without the prior written
permission of the publisher.