© institut international des télécommunications., 2005 ip security – session 2 – cryptography...

Post on 19-Dec-2015

215 Views

Category:

Documents

1 Downloads

Preview:

Click to see full reader

TRANSCRIPT

© Institut international des télécommunications., 2005

IP Security – Session 2 – Cryptography and PKI

www.iitelecom.com

burt.crepeault@iitelecom.com

© IITelecom, 2005

2

Cryptography, the key to security

Learning objectives:

Participants will be able to: Explain the purpose of encryption Briefly describe the different types of encryption and illustrate these by

means of examples Explain the problems relating to key management Identify the elements comprising a PKI infrastructure

© IITelecom, 2005

3

Cryptography, the key to security

Topics covered: Symmetrical/asymmetrical encryption Encryption algorithms Encryption modes Hashing functions Digital signatures Key management Diffie-Hellman algorithm Digital certificates Certification authorities PKI infrastructure

© IITelecom, 2005

4

Cryptography

Why?

The word cryptography comes from the Greek: – Kruptos which means hidden – Graphien which means to write

Cryptography is the art of encoding data by means of the encryption process.

To satisfy the following needs:– Authentication– Confidentiality– Integrity– Non-repudiation

© IITelecom, 2005

5

Cryptography

A few definitions!

Plaintext:– The original text (message) before being encrypted

Ciphertext:– The text (message) after the encryption process

Encryption:– Process by means of which plaintext is converted into ciphertext

Decryption:– Process by means of which ciphertext is converted into plaintext

© IITelecom, 2005

6

Cryptography

A few definitions (cont’d)!

Encryption Algorithm:– A series of operations used to encrypt and decrypt data

Encryption Key:– A sequence of symbols used by the encryption algorithm when data

encryption and decryption takes place. Without it, it is impossible to return to plaintext.

Cryptology:– Cryptology is a mathematical science comprising two streams: cryptography

and cryptanalysis. Cryptanalysis:

– The opposite of cryptography, cryptanalysis seeks weaknesses in order to decrypt ciphertext.

© IITelecom, 2005

7

Cryptography

Regular text <=> algorithm <=> crypto-text– Algorithm only

Secret and vulnerable algorithm

– Algorithm + key = lock Public algorithm remains secure. The key is the key to the secret.

Plaintext

Algorithm Ciphertext

Encryption key

© IITelecom, 2005

8

Cryptography

There are two types of encryption:

Symmetrical (or secret key):– The same key and the same encryption algorithm are used to encrypt and

decrypt the information.

Encryption Decryption

This is an example of secret key encryption.

This is an example of secret key encryption.

© IITelecom, 2005

9

Cryptography

There are two types of encryption (cont’d):

Asymmetrical (or public key):– The same key is not used to encrypt and decrypt the information. Each user

has two keys; one is private and the other public.

encryption decryptionB B

This is an example of public key encryption.

This is an example of public key encryption.

© IITelecom, 2005

10

Cryptography

1- Symmetrical encryption

(secret key)

animation1.swf

© IITelecom, 2005

11

Cryptography

2- Asymmetrical encryption

(public key)

animation2.swf

© IITelecom, 2005

12

Cryptography

Cryptography applications

Public key network (PEM, PGP)

Public key certification (X.509)

Digital signature (DSA)

Content cryptography (PEM, PGP)

© IITelecom, 2005

13

Cryptography

Limitations of the public key

Keys that are shorter than 512 bits (154 digits) are not secure

1,024 is ideal (308 digits)

Keys can be distributed or reset on a public key server

Key authentication is necessary

© IITelecom, 2005

14

Cryptography

Authentication

Ensures the identities of the sender and the receiver as well as the source of the message.

XMy name is A!

© IITelecom, 2005

15

Cryptography

Examples of encryption algorithms…

Asymmetrical :(or public key)

– RSA– ElGamal– DSA

Symmetrical:(or secret key)

– DES and triple DES (3DES)– IDEA– RC-4, RC-5, RC-6 – AES

© IITelecom, 2005

16

Cryptography

Encryption methods

Stream Cipher– One byte at a time is encrypted using the key

Block Cipher– A block of bytes are taken together before being encrypted– Block size depends on the algorithm

© IITelecom, 2005

17

Cryptography

Block encryption modes

There are four block encryption modes: ECB (Electronic Code Book) CBC (Cipher-Block Chaining) CFB (Cipher Feedback) OFB (Output Feedback)

More details at

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

© IITelecom, 2005

18

Cryptography

Encryption modes

Data to be encrypted Using ECB mode Using Chaining or Feedback mode

* Images from wikipedia.org

© IITelecom, 2005

19

Cryptography

DES: Data Encryption Standard

Early 70 IBM Block cipher 56-bit key (short) 8-byte block size, repetitive up to 16 times CBC and CFB are more secure Used in many applications Considered insecure

© IITelecom, 2005

20

Cryptography

3DES: Triple Data Encryption Standard

1999 IBM Block cipher 168-bit key 8-byte (64-bit) block size, repetitive up to 16 times Used in many applications Considered insecure

© IITelecom, 2005

21

Cryptography

IDEA: International Data Encryption Algorithm

1991 by James Massey and Xuejia Lai Block Cipher 128-bit key 8-byte cryptography repetitive up to 8 times Used in Pretty Good Privacy (PGP) for e-mail encryption Considered secure

© IITelecom, 2005

22

Cryptography

IDEA(in detail)

A1 A2

X

* separation into 16-bit blocks DATA (64 bits)

K1

A3 A4

+K2 + K3 XK4

#

#

+

XK5

+

X K6

##

# #

X K7 +K8 + K9 XK10

#

#

+

XK11

+

X K12

##

# #

X K49 +K50 + K51 XK52

E1 E2 E3 E4

C1 C2 C3 C4

© IITelecom, 2005

23

Cryptography

RSA

1997 by Ronald L. Rivest, Adi Shamir, Leonard M. Adleman Block Cipher Based on factoring of prime numbers containing 300 or more digits 1,500 times slower than DES Variable block and key sizes Used in many applications Considered insecure

– Liable to a factoring attack

© IITelecom, 2005

24

Cryptography

RC-4

Rivest Cipher 4 Stream cipher: one byte at a time Simple, reversible operation: Binary XOR Used by SSL and Wi-Fi WEP and TKIP Considered secure in many cases but subject to “weak keys”

© IITelecom, 2005

25

Cryptography

Rijndael

1998 by Joan Daemen and Vincent Rijmen Block Cipher Key sizes: 128, 192 or 256 bits Block size: 16 bytes (128 bits) Used by 802.11i RSN (Wireless LAN) Considered secure

© IITelecom, 2005

26

Cryptography

Hashing functions

Goal: to ensure that the data have not been altered (integrity)

Characteristics: coherence, uniqueness and non-reversibility

The message (plaintext) is hashed to produce a checksum (condensed).

Used only for comparison; recalculating the checksum allows us to ensure that no changes have been made to the message.

It is a unilateral process. Hashing + public key encryption = digital signatures

Checksum

Plaintext

© IITelecom, 2005

27

CryptographyExample of the hashing function - Animation

3- Hashing functions

animation3.swf

© IITelecom, 2005

28

Cryptography

Hashing functions

MD5

• Produces a 128-bit checksum

• Processes incoming data in blocks of 512 bits (16 32-bit blocks)

• 4 repetitions of 16 operations

• The result is 4 32-bit blocks

SHA

• Produces a 160-bit checksum

• Processes incoming data in blocks of 512 bits (16 32-bit blocks–> 80 32-bit blocks)

• 4 repetitions of 20 operations

• The result is 5 32-bit blocks

© IITelecom, 2005

29

Cryptography

Digital signatures

Objective: to ensure the integrity of the data and the authentication of the message

Characteristics: authentic, unalterable, cannot be re-used or copied

The signature is a cryptography.

The signature is different every time.

Operates in the same manner as encrypted public keys

© IITelecom, 2005

30

CryptographyExample of symmetrical encryption - Animation

4- Digital signature

animation4.swf

© IITelecom, 2005

31

Cryptography

Examples of commercial applications

RSA is used for the signature by PGP and PEM

DSS is the U.S. standard for digital signatures

© IITelecom, 2005

32

Cryptography

Key management

… involves five major steps:

Generates keys that are difficult to crack

Distributes them in a secure manner

Certifies that they are usable

Protects them at the time of their use

Revokes them when they are compromised

© IITelecom, 2005

33

Cryptography

Key management

Generates keys that are difficult to crack

= 000000000000000000000...

© IITelecom, 2005

34

Cryptography

Key management

Distributes them in a secure manner

© IITelecom, 2005

35

Cryptography

Key management

Certifies that they are usable

Protects them at the time of their use

Revokes them when they are compromised

© IITelecom, 2005

36

CryptographySecret key

management

KDC

computer pirate

shared key

sharedkey

shared key

sharedkey

sharedkey

© IITelecom, 2005

37

Cryptography

Diffie-Hellman

session key

clé desession

encryption decryption

sessionkey

BB

© IITelecom, 2005

38

Cryptography

Diffie-Hellman

x, y2.

I = x i mod y J = x j mod y3,4.

I, J5.

K = J i mod y K' = I j mod yK = K'

6,7.

8.

session key

© IITelecom, 2005

39

Cryptography

Diffie-Hellman

x, y

I = xi mod y J = x j mod y

I, J

K = J i mod y K' = I j mod y

K = K' K = K'

session key

© IITelecom, 2005

40

Cryptography

Public key management

Certification authority I want to receive A’s public key!

I want to receive B’s public key!

© IITelecom, 2005

41

Cryptography

Digital certificates Digital certificates are electronic folders containing the public key and

information on the user as well as the CA’s signature. The following information is found on a X.509 certificate:

– The certificate’s version number – The certificate’s serial number – The algorithm used to sign the certificate – The certificate’s issuer – The certificate’s retention period – The public key issuer – Information on the public key – Extensions introduced by versions 2 and 3 – The issuer’s digital signature

© IITelecom, 2005

42

Cryptography

Certification authority

This is a trusted third party entrusted with issuing digital certificates and managing them throughout their retention periods.

© IITelecom, 2005

43

Cryptography

Acquisition of a digital certificate

CA

11

A

encryption

22

A

33

44

CA certificate

Form

Form

Completed

A’scertificate

Form

Completed

Form

decryption

CA

CA

CA

A

© IITelecom, 2005

44

Cryptography

Obtained from a public key through a CA

CA

22

33

44

11

55

B’s certificate

B’s certificate

B’s certificate

A’scertificateCA’s signature

CA

A

CA

B

© IITelecom, 2005

45

Cryptography

Public key certification

Ensures that the public key is definitely that of the correspondent X.509 standard Distribution of public keys by means of certificates Hierarchical certification structure

– Internet certification authority (ICA)– Policy certification authorities (PCA)– The members are X.509

Names and directories according to X.500

© IITelecom, 2005

46

Cryptography

Visa / Mastercard (SET) example

RootAC

MasterCard

ACAC

V. Europe V. U.S.

AC AC

Client Merchant

AC

CA: certification authorityCA: certification authority

AC

Visa

© IITelecom, 2005

47

Cryptography

Public key certification (cont’d)

Public key sent to everyone by the CA – Full user identification – User’s public key – Certificate retention dates – Certificate’s digital signature by the CA by means of its private key – Encrypted with RSA and MD2 or MD5

Verification by a user – Acquires or receives the signed certificate – Decrypts with the CA’s public key – Verifies the signature of the new public key – Keeps and uses this new public key

© IITelecom, 2005

48

CryptographyHierarchical certification model

A’s certificate

B’s certificate

CA (1)’s certificate

CA (3)’s certificate

CA (1)’s certificate

CA (2)’s certificate

CA (3)’s certificate

CA (4)’s certificate CA (3)’s

certificate

CA (4)’s certificate

C’s certificate

CA (2)’s certificate

CA (3)’s certificate

A’s certificate

CA (1)’s certificate

B’s certificate

CA (1)’s certificate

C’s certificate

CA (2)’s certificate

CA(3)

CA(4)

CA(2)

CA(1)

© IITelecom, 2005

49

Cryptography

Web certification model

Digitally signed by

C

Digitally signed byB

Digitallysigned by A

Digitally signed byC

Digitallysigned byC

Digitally signed by A/B

Digitally signed by C

A’s certificate

B’s certificate

C’s certificate

C’s certificate

A’s certificate

C’s certificate

B’s certificate

© IITelecom, 2005

50

Cryptography

Characteristics of an internal CA

The CA’s public key must be long enough.

The CA’s public key should ideally be signed by a higher level CA.

The CA’s public key must be protected.

There are clear procedures and rules.

The CA must be valid at all times.

© IITelecom, 2005

51

Cryptography

LDAP (Lightweight Directory Access Protocol)

RFC 1777 for LDAP v.2 standard RFC 2251 for LDAP v.3 standard

LDAP provides the user with methods for: Connecting Disconnecting Researching information Comparing information Inserting entries Editing entries Deleting entries

© IITelecom, 2005

52

Cryptography

Public key infrastructure (PKI)

Series of solutions based on public key cryptography and digital

signatures

A public key infrastructure offers the necessary assurance for the secure

transmission of information over a non-secure network like the Internet.

A public key infrastructure is an essential component for e-commerce.

© IITelecom, 2005

53

Cryptography

The role of the PKI is: To register applications To generate pairs of keys (private key/public key) To guarantee the confidentiality of the private key To certify public keys To co-certify public keys To update keys To revoke keys

© IITelecom, 2005

54

Conclusion

Cryptography is a key element to any security solution

It provides mechanisms that ensure: Privacy (encryption) Authentication (digital signature) Integrity (hashing) Non-repudiation (digital signature)

Many cryptographic algorithms exist and therefore many commercially available systems

Cryptography is supported by surrounding technology Key exchange Key management Certification

top related