Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.

Presentation transcript:

Security fundamentals Topic 4 Encryption

Agenda
– Using encryption
– Cryptography
– Symmetric encryption
– Hash functions
– Public key encryption
– Applying cryptography

Cryptography
Means ‘secret writing’
– Taking plaintext and encrypting it into ciphertext
– Ensure confidentiality and integrity
– Store confidential data
– Authenticate users
– Protect passwords
– Ensure identity

Uses of cryptography
Confidentiality – Only authorised people can access data
Data Integrity – Unauthorised modifications to the data are detected (protection from man-in-the-middle attacks)
Authentication – Data originates from the legitimate source/destination
Non-repudiation – Ensures a user cannot deny performing a task or sending data (cannot refute signing a contract)
Anti-replay protection – Prevents a message being intercepted and replayed (re-sent) at a later time

Algorithms and keys
Algorithm: A mathematical formula that is applied to data to convert plaintext to ciphertext or ciphertext to plaintext. C = f(M)
Weakness: If the algorithm is not secret it can be used to decrypt any message
Key: A key varies the function of the algorithm
The strength of the encryption is in the key, not the algorithm
If the key is discovered, only the messages encrypted with that key are compromised

Strength of cryptographic methods
How difficult is it for unauthorised people to reconstruct the plaintext from ciphertext?
The strongest algorithms are those that have been made publicly available for cryptographers to try to break
Good cryptography creates ciphertext that appears to be entirely random
It can only be broken by discovery of the key (theft or social engineering) or by brute force: trying every possible combination
Increase the strength of encryption by increasing the key length, complexity and/or changing the key frequently
64 bit key length = years to brute force
Encryption is strong enough when it becomes impractical for an attacker to carry out a brute force attack

Making encryption secure
Increase the key length
Keys should be chosen at random and not be predictable
Change keys where appropriate
Some governments (USA) restrict the use and import/export of encryption technologies

Symmetric encryption
Uses the same key for encrypting and decrypting data
Uses a shared secret

Uses of symmetric encryption
Primary use is to provide confidentiality (not data integrity, authentication, non-repudiation or anti-replay protection)
Anyone who possesses the key can decrypt the message
Symmetric encryption works well to provide confidentiality where the key can easily be kept secret – it does not work well where the key has to be distributed to many others
Number of keys required: n(n-1)/2 (10 people will require 45 keys)
If many people share a single key there is a greater probability that the key will not be kept secret

Advantages of symmetric encryption
Easy to use
Encryption/decryption is fast
Used when the confidentiality of the key can be easily managed and large amounts of data need to be encrypted

Symmetric encryption algorithms
DES: Data Encryption Standard
– 56 bit key, relatively slow
– Used in EFS for Windows
3DES: Triple DES
– 3 encryption passes on the data using 56 bit keys
– More secure and widely used
AES: Advanced Encryption Standard, Rijndael
– Key lengths of 128, 192, 256 bits
– Current standard used by NIST (National Institute for Standards, US)

Symmetric encryption algorithms
IDEA: International Data Encryption Algorithm
– 128 bit keys
– Patented and requires licensing for commercial use
Blowfish:
– Extremely fast, variant is Twofish, free for use of any kind
– Variable length keys from 32 bits to 448 bits
RC4:
– Stream cipher, used in WEP for wireless, modifies the key as successive portions of text are encrypted
– Uses variable key lengths

Hash functions
A hash function is a type of encryption that takes data of any length and encrypts it to a fixed length string called a hash (or a digest)
Hash functions are one-way functions: the original data cannot be reconstructed from the hash
A hash is used to prove data integrity and is not used for confidentiality
Hashes are generated at different times and compared; if the hashes are identical then the message has not been changed
A good hash results in a large unpredictable change in the hash, even when there is just a very small change in the original data
Hashes are a fixed length so that an attacker cannot deduce the original length of the data
A good hash ensures that it is unlikely that another message will produce the same hash

Hash uses
To guarantee data integrity
To store passwords (Windows NT Challenge/Response NTLM)
Digital signing

Hash algorithms
SHA1: Secure Hash Algorithm
– 160 bits long, slower
– Used in government agencies
MD5/MD4: Message Digest
– 128 bits long
– Used in applications that don’t have to comply with US government requirements
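The hash properties from the two slides above, checked with Python's standard hashlib. This is an added example, not part of the original slides; the sample messages and function names are constructed for illustration.

```python
import hashlib
import hmac

def digest_bits(name, data):
    """Digest length in bits; it does not depend on the input length."""
    return len(hashlib.new(name, data).digest()) * 8

def changed_bits(name, a, b):
    """Number of digest bits that differ between two inputs."""
    ha = int.from_bytes(hashlib.new(name, a).digest(), "big")
    hb = int.from_bytes(hashlib.new(name, b).digest(), "big")
    return bin(ha ^ hb).count("1")

def unchanged(name, data, recorded_hex):
    """Integrity check: recompute the hash and compare with the one recorded earlier."""
    current = hashlib.new(name, data).hexdigest()
    return hmac.compare_digest(current, recorded_hex)

# Constructed sample messages that differ in a single character.
ORIGINAL = b"Transfer 100 to account 12345"
ALTERED = b"Transfer 900 to account 12345"
RECORDED = hashlib.new("sha1", ORIGINAL).hexdigest()  # hash taken at an earlier time

if __name__ == "__main__":
    print("sha1 bits:", digest_bits("sha1", ORIGINAL))
    print("md5 bits:", digest_bits("md5", ORIGINAL))
    print("bits changed by one character:", changed_bits("sha1", ORIGINAL, ALTERED))
    print("original intact:", unchanged("sha1", ORIGINAL, RECORDED))
    print("altered intact:", unchanged("sha1", ALTERED, RECORDED))
```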

Public key encryption
The public key is available to anyone; the private key must be kept secret
The person who uses the private key generates the key pair – the public key is stored in a certificate (send the private key to a CA to create the certificate)
A brute force attack can derive a private key from the public key – increase the key length to make that infeasible
Anyone can encrypt data using your public key: only you can decrypt using the private key
You can encrypt using the private key and anyone can decrypt using the public key
In a key pair the public key is based on the product of two large prime numbers: the private key is based on the numbers themselves
Based on the idea that there is no known way to discover two large prime numbers from just their product

Digital signing
Authenticate an e-mail, file or program
Encrypt the item with the private key; the recipient decrypts with the public key
Encrypt a hash of the message (saves time)
Create a hash of the message, sign the hash by encrypting it with the private key
Recipient decrypts the hash by using your public key to verify that you sent the message
Recipient performs the same hashing function to compare the hash sent with the message; if both match then integrity is verified
Because only the public key can be used to decrypt a message signed with the private key, signing proves non-repudiation
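The signing steps above carried through with textbook RSA, where the modulus is the product of two primes and the private exponent is derived from the primes themselves. This is an added example, not part of the original slides; the key is a constructed toy built from two Mersenne primes, SHA-256 stands in for the slide's hash function, and real signature schemes also pad the hash before the private-key operation.

```python
import hashlib

# Constructed toy key: two Mersenne primes, trivially factorable. Illustration only.
P, Q, E = 2**521 - 1, 2**127 - 1, 65537
N = P * Q                                # public modulus: product of the two primes
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent: needs P and Q themselves

def digest_int(message):
    """Hash the message and read the digest as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message):
    """Sender: 'encrypt' the hash of the message with the private key."""
    return pow(digest_int(message), D, N)

def verify(message, signature):
    """Recipient: 'decrypt' the signature with the public key, re-hash, compare."""
    return pow(signature, E, N) == digest_int(message)

if __name__ == "__main__":
    contract = b"I agree to the terms (constructed sample message)"
    sig = sign(contract)
    print("genuine message verifies:", verify(contract, sig))
    print("altered message verifies:", verify(contract + b" and more", sig))
```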

Public key encryption uses
Confidentiality:
– encrypt with your public key
– only your private key can decrypt
Data Integrity:
– digital signing ensures that a message is not changed
Authentication:
– ensures a specific private key was used to sign the message
Non-Repudiation:
– recipient can be sure that only the owner signed the message (if key not compromised)

Algorithms
Public key encryption is slow, inefficient for large amounts of data
RSA: Ron Rivest, Adi Shamir, Leonard Adleman
– Now free and de facto standard
Diffie-Hellman: Whitfield Diffie and Martin Hellman
– Enables two people to exchange a secret key over an insecure medium without first agreeing on a shared secret
– Used to establish a VPN tunnel
Elliptic Curve cryptography:
– Uses secure shorter keys for small storage spaces: smart cards and handhelds

Combining symmetric and asymmetric encryption
The EFS process:
– OS creates a random File Encryption Key (FEK)
– Symmetric algorithm (3DES, DES) used to encrypt the file using the FEK as the key
– OS retrieves the user's public key from the user's profile
– OS uses RSA to encrypt the FEK with the user's public key and stores it in the DDF field of the header
– OS retrieves the public key for each EFS recovery agent
– OS uses RSA to encrypt the FEK for each recovery agent with their public key and stores it in the DRF field of the file header
To open the file:
– OS retrieves the user's private key, stored on the user's computer
– OS uses RSA with the user's private key to decrypt the DDF and retrieve the FEK
– OS uses the FEK to decrypt the file
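The EFS steps above as a small runnable model: one random FEK encrypts the file, and the FEK is wrapped separately for the user (DDF) and for each recovery agent (DRF). This is an added example, not EFS code and not part of the original slides; it assumes textbook RSA with constructed toy keys and a SHA-256 keystream as a stand-in for DES/3DES, and all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent

def rsa_keypair(p, q):
    """Textbook RSA from two primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed toy keys built from Mersenne primes (trivially factorable).
USER_PUB, USER_PRIV = rsa_keypair(2**89 - 1, 2**107 - 1)
AGENT_PUB, AGENT_PRIV = rsa_keypair(2**61 - 1, 2**127 - 1)

def stream_xor(key, data):
    """Stand-in symmetric cipher (SHA-256 keystream XOR), not DES/3DES."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def efs_encrypt(plaintext, user_pub, agent_pubs):
    """Encrypt the file once with a random FEK, then wrap the FEK per public key."""
    fek = secrets.token_bytes(16)
    m = int.from_bytes(fek, "big")
    def wrap(pub):
        return pow(m, pub[1], pub[0])
    return {"ddf": wrap(user_pub),                      # FEK for the user
            "drf": [wrap(pub) for pub in agent_pubs],   # FEK for each recovery agent
            "data": stream_xor(fek, plaintext)}

def efs_decrypt(header_field, data, priv):
    """Unwrap the FEK from a DDF/DRF entry with a private key, then decrypt the data."""
    n, d = priv
    fek = pow(header_field, d, n).to_bytes(16, "big")
    return stream_xor(fek, data)

if __name__ == "__main__":
    doc = b"constructed sample file contents"
    enc = efs_encrypt(doc, USER_PUB, [AGENT_PUB])
    print(efs_decrypt(enc["ddf"], enc["data"], USER_PRIV))
    print(efs_decrypt(enc["drf"][0], enc["data"], AGENT_PRIV))
```

The file data is encrypted only once; adding a recovery agent costs one extra wrapped copy of the FEK, not another copy of the file.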

Summary
– Why we use encryption
– What the term cryptography means and why we use it in computer security
– How symmetric encryption, hash functions and public key or asymmetric encryption work
– Applying cryptography and uses of cryptographic functions