© institut international des télécommunications., 2005 ip security – session 2 – cryptography...
Post on 19-Dec-2015
215 Views
Preview:
TRANSCRIPT
© Institut international des télécommunications., 2005
IP Security – Session 2 – Cryptography and PKI
www.iitelecom.com
burt.crepeault@iitelecom.com
© IITelecom, 2005
2
Cryptography, the key to security
Learning objectives:
Participants will be able to: Explain the purpose of encryption Briefly describe the different types of encryption and illustrate these by
means of examples Explain the problems relating to key management Identify the elements comprising a PKI infrastructure
© IITelecom, 2005
3
Cryptography, the key to security
Topics covered: Symmetrical/asymmetrical encryption Encryption algorithms Encryption modes Hashing functions Digital signatures Key management Diffie-Hellman algorithm Digital certificates Certification authorities PKI infrastructure
© IITelecom, 2005
4
Cryptography
Why?
The word cryptography comes from the Greek: – Kruptos which means hidden – Graphien which means to write
Cryptography is the art of encoding data by means of the encryption process.
To satisfy the following needs:– Authentication– Confidentiality– Integrity– Non-repudiation
© IITelecom, 2005
5
Cryptography
A few definitions!
Plaintext:– The original text (message) before being encrypted
Ciphertext:– The text (message) after the encryption process
Encryption:– Process by means of which plaintext is converted into ciphertext
Decryption:– Process by means of which ciphertext is converted into plaintext
© IITelecom, 2005
6
Cryptography
A few definitions (cont’d)!
Encryption Algorithm:– A series of operations used to encrypt and decrypt data
Encryption Key:– A sequence of symbols used by the encryption algorithm when data
encryption and decryption takes place. Without it, it is impossible to return to plaintext.
Cryptology:– Cryptology is a mathematical science comprising two streams: cryptography
and cryptanalysis. Cryptanalysis:
– The opposite of cryptography, cryptanalysis seeks weaknesses in order to decrypt ciphertext.
© IITelecom, 2005
7
Cryptography
Regular text <=> algorithm <=> crypto-text– Algorithm only
Secret and vulnerable algorithm
– Algorithm + key = lock Public algorithm remains secure. The key is the key to the secret.
Plaintext
Algorithm Ciphertext
Encryption key
© IITelecom, 2005
8
Cryptography
There are two types of encryption:
Symmetrical (or secret key):– The same key and the same encryption algorithm are used to encrypt and
decrypt the information.
Encryption Decryption
This is an example of secret key encryption.
This is an example of secret key encryption.
© IITelecom, 2005
9
Cryptography
There are two types of encryption (cont’d):
Asymmetrical (or public key):– The same key is not used to encrypt and decrypt the information. Each user
has two keys; one is private and the other public.
encryption decryptionB B
This is an example of public key encryption.
This is an example of public key encryption.
© IITelecom, 2005
10
Cryptography
1- Symmetrical encryption
(secret key)
animation1.swf
© IITelecom, 2005
11
Cryptography
2- Asymmetrical encryption
(public key)
animation2.swf
© IITelecom, 2005
12
Cryptography
Cryptography applications
Public key network (PEM, PGP)
Public key certification (X.509)
Digital signature (DSA)
Content cryptography (PEM, PGP)
© IITelecom, 2005
13
Cryptography
Limitations of the public key
Keys that are shorter than 512 bits (154 digits) are not secure
1,024 is ideal (308 digits)
Keys can be distributed or reset on a public key server
Key authentication is necessary
© IITelecom, 2005
14
Cryptography
Authentication
Ensures the identities of the sender and the receiver as well as the source of the message.
XMy name is A!
© IITelecom, 2005
15
Cryptography
Examples of encryption algorithms…
Asymmetrical :(or public key)
– RSA– ElGamal– DSA
Symmetrical:(or secret key)
– DES and triple DES (3DES)– IDEA– RC-4, RC-5, RC-6 – AES
© IITelecom, 2005
16
Cryptography
Encryption methods
Stream Cipher– One byte at a time is encrypted using the key
Block Cipher– A block of bytes are taken together before being encrypted– Block size depends on the algorithm
© IITelecom, 2005
17
Cryptography
Block encryption modes
There are four block encryption modes: ECB (Electronic Code Book) CBC (Cipher-Block Chaining) CFB (Cipher Feedback) OFB (Output Feedback)
More details at
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
© IITelecom, 2005
18
Cryptography
Encryption modes
Data to be encrypted Using ECB mode Using Chaining or Feedback mode
* Images from wikipedia.org
© IITelecom, 2005
19
Cryptography
DES: Data Encryption Standard
Early 70 IBM Block cipher 56-bit key (short) 8-byte block size, repetitive up to 16 times CBC and CFB are more secure Used in many applications Considered insecure
© IITelecom, 2005
20
Cryptography
3DES: Triple Data Encryption Standard
1999 IBM Block cipher 168-bit key 8-byte (64-bit) block size, repetitive up to 16 times Used in many applications Considered insecure
© IITelecom, 2005
21
Cryptography
IDEA: International Data Encryption Algorithm
1991 by James Massey and Xuejia Lai Block Cipher 128-bit key 8-byte cryptography repetitive up to 8 times Used in Pretty Good Privacy (PGP) for e-mail encryption Considered secure
© IITelecom, 2005
22
Cryptography
IDEA(in detail)
A1 A2
X
* separation into 16-bit blocks DATA (64 bits)
K1
A3 A4
+K2 + K3 XK4
#
#
+
XK5
+
X K6
##
# #
X K7 +K8 + K9 XK10
#
#
+
XK11
+
X K12
##
# #
X K49 +K50 + K51 XK52
E1 E2 E3 E4
C1 C2 C3 C4
© IITelecom, 2005
23
Cryptography
RSA
1997 by Ronald L. Rivest, Adi Shamir, Leonard M. Adleman Block Cipher Based on factoring of prime numbers containing 300 or more digits 1,500 times slower than DES Variable block and key sizes Used in many applications Considered insecure
– Liable to a factoring attack
© IITelecom, 2005
24
Cryptography
RC-4
Rivest Cipher 4 Stream cipher: one byte at a time Simple, reversible operation: Binary XOR Used by SSL and Wi-Fi WEP and TKIP Considered secure in many cases but subject to “weak keys”
© IITelecom, 2005
25
Cryptography
Rijndael
1998 by Joan Daemen and Vincent Rijmen Block Cipher Key sizes: 128, 192 or 256 bits Block size: 16 bytes (128 bits) Used by 802.11i RSN (Wireless LAN) Considered secure
© IITelecom, 2005
26
Cryptography
Hashing functions
Goal: to ensure that the data have not been altered (integrity)
Characteristics: coherence, uniqueness and non-reversibility
The message (plaintext) is hashed to produce a checksum (condensed).
Used only for comparison; recalculating the checksum allows us to ensure that no changes have been made to the message.
It is a unilateral process. Hashing + public key encryption = digital signatures
Checksum
Plaintext
© IITelecom, 2005
27
CryptographyExample of the hashing function - Animation
3- Hashing functions
animation3.swf
© IITelecom, 2005
28
Cryptography
Hashing functions
MD5
• Produces a 128-bit checksum
• Processes incoming data in blocks of 512 bits (16 32-bit blocks)
• 4 repetitions of 16 operations
• The result is 4 32-bit blocks
SHA
• Produces a 160-bit checksum
• Processes incoming data in blocks of 512 bits (16 32-bit blocks–> 80 32-bit blocks)
• 4 repetitions of 20 operations
• The result is 5 32-bit blocks
© IITelecom, 2005
29
Cryptography
Digital signatures
Objective: to ensure the integrity of the data and the authentication of the message
Characteristics: authentic, unalterable, cannot be re-used or copied
The signature is a cryptography.
The signature is different every time.
Operates in the same manner as encrypted public keys
© IITelecom, 2005
30
CryptographyExample of symmetrical encryption - Animation
4- Digital signature
animation4.swf
© IITelecom, 2005
31
Cryptography
Examples of commercial applications
RSA is used for the signature by PGP and PEM
DSS is the U.S. standard for digital signatures
© IITelecom, 2005
32
Cryptography
Key management
… involves five major steps:
Generates keys that are difficult to crack
Distributes them in a secure manner
Certifies that they are usable
Protects them at the time of their use
Revokes them when they are compromised
© IITelecom, 2005
33
Cryptography
Key management
Generates keys that are difficult to crack
= 000000000000000000000...
© IITelecom, 2005
34
Cryptography
Key management
Distributes them in a secure manner
© IITelecom, 2005
35
Cryptography
Key management
Certifies that they are usable
Protects them at the time of their use
Revokes them when they are compromised
© IITelecom, 2005
36
CryptographySecret key
management
KDC
computer pirate
shared key
sharedkey
shared key
sharedkey
sharedkey
© IITelecom, 2005
37
Cryptography
Diffie-Hellman
session key
clé desession
encryption decryption
sessionkey
BB
© IITelecom, 2005
38
Cryptography
Diffie-Hellman
x, y2.
I = x i mod y J = x j mod y3,4.
I, J5.
K = J i mod y K' = I j mod yK = K'
6,7.
8.
session key
© IITelecom, 2005
39
Cryptography
Diffie-Hellman
x, y
I = xi mod y J = x j mod y
I, J
K = J i mod y K' = I j mod y
K = K' K = K'
session key
© IITelecom, 2005
40
Cryptography
Public key management
Certification authority I want to receive A’s public key!
I want to receive B’s public key!
© IITelecom, 2005
41
Cryptography
Digital certificates Digital certificates are electronic folders containing the public key and
information on the user as well as the CA’s signature. The following information is found on a X.509 certificate:
– The certificate’s version number – The certificate’s serial number – The algorithm used to sign the certificate – The certificate’s issuer – The certificate’s retention period – The public key issuer – Information on the public key – Extensions introduced by versions 2 and 3 – The issuer’s digital signature
© IITelecom, 2005
42
Cryptography
Certification authority
This is a trusted third party entrusted with issuing digital certificates and managing them throughout their retention periods.
© IITelecom, 2005
43
Cryptography
Acquisition of a digital certificate
CA
11
A
encryption
22
A
33
44
CA certificate
Form
Form
Completed
A’scertificate
Form
Completed
Form
decryption
CA
CA
CA
A
© IITelecom, 2005
44
Cryptography
Obtained from a public key through a CA
CA
22
33
44
11
55
B’s certificate
B’s certificate
B’s certificate
A’scertificateCA’s signature
CA
A
CA
B
© IITelecom, 2005
45
Cryptography
Public key certification
Ensures that the public key is definitely that of the correspondent X.509 standard Distribution of public keys by means of certificates Hierarchical certification structure
– Internet certification authority (ICA)– Policy certification authorities (PCA)– The members are X.509
Names and directories according to X.500
© IITelecom, 2005
46
Cryptography
Visa / Mastercard (SET) example
RootAC
MasterCard
ACAC
V. Europe V. U.S.
AC AC
Client Merchant
AC
CA: certification authorityCA: certification authority
AC
Visa
© IITelecom, 2005
47
Cryptography
Public key certification (cont’d)
Public key sent to everyone by the CA – Full user identification – User’s public key – Certificate retention dates – Certificate’s digital signature by the CA by means of its private key – Encrypted with RSA and MD2 or MD5
Verification by a user – Acquires or receives the signed certificate – Decrypts with the CA’s public key – Verifies the signature of the new public key – Keeps and uses this new public key
© IITelecom, 2005
48
CryptographyHierarchical certification model
A’s certificate
B’s certificate
CA (1)’s certificate
CA (3)’s certificate
CA (1)’s certificate
CA (2)’s certificate
CA (3)’s certificate
CA (4)’s certificate CA (3)’s
certificate
CA (4)’s certificate
C’s certificate
CA (2)’s certificate
CA (3)’s certificate
A’s certificate
CA (1)’s certificate
B’s certificate
CA (1)’s certificate
C’s certificate
CA (2)’s certificate
CA(3)
CA(4)
CA(2)
CA(1)
© IITelecom, 2005
49
Cryptography
Web certification model
Digitally signed by
C
Digitally signed byB
Digitallysigned by A
Digitally signed byC
Digitallysigned byC
Digitally signed by A/B
Digitally signed by C
A’s certificate
B’s certificate
C’s certificate
C’s certificate
A’s certificate
C’s certificate
B’s certificate
© IITelecom, 2005
50
Cryptography
Characteristics of an internal CA
The CA’s public key must be long enough.
The CA’s public key should ideally be signed by a higher level CA.
The CA’s public key must be protected.
There are clear procedures and rules.
The CA must be valid at all times.
© IITelecom, 2005
51
Cryptography
LDAP (Lightweight Directory Access Protocol)
RFC 1777 for LDAP v.2 standard RFC 2251 for LDAP v.3 standard
LDAP provides the user with methods for: Connecting Disconnecting Researching information Comparing information Inserting entries Editing entries Deleting entries
© IITelecom, 2005
52
Cryptography
Public key infrastructure (PKI)
Series of solutions based on public key cryptography and digital
signatures
A public key infrastructure offers the necessary assurance for the secure
transmission of information over a non-secure network like the Internet.
A public key infrastructure is an essential component for e-commerce.
© IITelecom, 2005
53
Cryptography
The role of the PKI is: To register applications To generate pairs of keys (private key/public key) To guarantee the confidentiality of the private key To certify public keys To co-certify public keys To update keys To revoke keys
© IITelecom, 2005
54
Conclusion
Cryptography is a key element to any security solution
It provides mechanisms that ensure: Privacy (encryption) Authentication (digital signature) Integrity (hashing) Non-repudiation (digital signature)
Many cryptographic algorithms exist and therefore many commercially available systems
Cryptography is supported by surrounding technology Key exchange Key management Certification
top related