C839-ECES--Cipher block-HASH-Cryptanalysis
EC Formula
(y2 = x3 + Ax + B) - Developed by Victor Miller and Neil Koblitz in 1985
CHAP
Challenge Handshake Authentication Protocol - Calculates a hash, shares the hash with the client system, the hash is periodically validated to ensure nothing has changed.
Asynchronous
Encryption or decryption requests are processed in queues - typically used with block ciphers.
Euler's totient
Function can be computed as: ϕ(n) = (p − 1)(q − 1) Key part of RSA Algorithm - uses property xt+1 = x (mod n) Looking about the numbers that are relatively prime to the number or co-prime to the number associated with that number. Example, the totatives of n = 9 are the six numbers 1, 2, 4, 5, 7 and 8. They are all relatively prime to 9, but the other three numbers in this range, 3, 6, and 9 are not.
LSB - Least Significant Bit
In Steganography, often chosen to hide data as they are typically padding or other parts that do not affect what the data is hidden in.
Digital Signature Algorithm - DSA
Standard for Digital Signatures • Described in U.S. patent 5,231,668 filed 1991 and attributed to David Kravitz • Adopted by the U.S. Government in 1993 with FIPS 186 • Variant of ElGamal signature scheme
Symmetric Encryption
AKA- Secret-key encryption - A single key is used to encrypt and decrypt. • Examples: DES, 3DES, DESX, AES, Blowfish, Serpent, Twofish, Skipjack, IDEA • Weakness - Key Exchange - There's only one key, and it's difficult to only have both parties who need the key to have it. It typically needs to be sent via another medium than the message or else it could be compromised by the attacker.
AES-256
Approved by NSA for Top Secret information.
Elliptic Curve Cryptography (EC or ECC)
Asymmetric Key Algorithm, provides encryption, digital signatures, key exchange, based on the idea of using points on a curve to define the public/private key, used in wireless devices and smart cards. The security is based on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impractical to do so. (y2 = x3 + Ax + B) - Developed by Victor Miller and Neil Koblitz in 1985 • Elliptic Curve Diffie-Helmann (used for key exchange) • Elliptic Curve Digital Signature Algorithm (ECDSA) • Elliptic Curve MQV key agreement protocol
RC4
Asymmetric Stream Cipher - Stream generated by 2 parts; Permutation of all 256 possible bits and two 8 bit index-pointers. Variable Key length between 1 bit and 2048 bits. Data stream is XORed with the Key. Developed by Ron Rivest in 1987.
ElGamal
Based on Diffie-Helmann and was invented in 1984 by Taher Elgamal. It is used in PGP implementations and GNU Privacy Guard software. The algorithm is comprised of 3 parts: the key generator, the encryption algorithm, and the decryption algorithm. This was made publicly available.
PIKE
Based on FISH but faster and stronger. - Developed by Ross Anderson.
Linear Attack
Based on finding affine or related approximations to the action of the cipher. Commonly used on block ciphers. Uses linear approximation to describe the behavior of the block cipher. Developed by Mitsarue Matsui.
Symmetric Algorithms
Best for large amounts of data. 2 types: Stream and Block. • Block cipher divides the data into blocks and encrypts the data one block at time • Stream ciphers encrypt the data as a stream of bits, one bit at a time • Examples: DES, 3DES, DESX, AES, Blowfish, Serpent, Twofish, Skipjack, IDEA
GOST
Block cipher - (Magma) - defined in the standard GOST 28147-89 (RFC 5830), is a Soviet and Russian government standard symmetric key block cipher with a block size of 64 bit and key length of 256 bits
CAST-256
Designed by Carlisle Adams, Stafford Tavares, Howard Heys, and Michael Wiener. Operates on 128 bit blocks and has a key size of 128, 160, 192, 224 or 256 bits. Encryption has 48 rounds.
GMAC
Designed for 128-bit block ciphers - takes three values as input—the key, the message to authenticate, and a nonce
RIPEMD-160
Hash-Created by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 160 bit output size, 512 bit block size, 32 bit word size, 80 rounds.
ADFGVX Cipher
Invented by Colonel Fritz Nebel in 1918. It is a 6x6 grid with ___ at the top of each column and beginning of each row. The 26 letters and numbers 0-10 are placed randomly on the table. You then replace each character of your message with two characters which are represented by the column followed by the row each character is present in.
Atbash Cipher
Invented by the ancient Hebrew - Single substitution monoalphabetic cipher that substitutes each letter with its reverse (a and z, b and y, etc).
Discrete Cosine Transform
Method used to hide information in a video file. Alters values of certain parts of the images , it usually round them up.
Caesar Cipher
Monoalphabetic cipher where letters are shifted one or more letters in either direction.
Asymmetric Algorithms Examples
PGP, RSA, SSL, TLS
SHA-1
Secure Hashing Algorithm - based on MD4 - Designed by NSA • 160 bit output size • 512 bit block size • 40 bit word size • 80 rounds • Weakness - Collisions
AES
Symmetric algorithm - FIPS 197 - Replaced DES in 2001. Key size: 128, 192 and 256 bits. 10 rounds for 128 bits, 12 for 192 bits, 14 for 256 bit keys. Block size is 128 bit for each key size. Uses a substitution/permutation matrix instead of a Feistel cipher. Rijndael Algorithm 1. SubBytes - non-linear substitution - uses Rijndael S-box 2. Shiftrows - transposition 3. MixColumns - mixing 4. AddRoundKey
Global Deduction
The attacker discovers an equivalent algorithm for encryption and decryption, but we don't get the key. Basically, we would figure out the encryption type but not get the key.
Fibonacci sequence
The next number is derived from adding together the prior two numbers (1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89).
One Time Pad - OTP
Unbreakable Encryption. Separate substitution for each character - key is as long as the text. Cumbersome and often impractical
Mersenne Prime Formula
Used for finding a prime number. Defined as a prime number that is one less than a power of two: (Mn = 2ⁿ -1). Fails on 11 and many other values. (Note: Mn - the n should be subscript)
Fermat Prime Formula
Used for finding a prime number: (Fn = 2²ⁿ + 1) (Note: Fn - the n should be subscript). The only known Fermat primes are the first five Fermat numbers: F0=3, F1=5, F2=17, F3=257, and F4=65537.
SSL
Used for secure transactions on the World Wide Web/Internet, created by Netscape in the mid-1990s. Asymmetric. Four step process: 1) Web browser asks the server for validation. 2) The website responds with its SSL certificate. 3) The web browser checks the certificate against a CA to see if it is trustworthy/legitimate. 4) The server sends back a digitally signed acknowledgement and a session is started.
Differential Cryptanalysis
Used in symmetric cryptography only. It is a specific targeted approach to try to break symmetric key cryptography. Examines the differences in input and how it affects the output. Essentially you are reviewing the avalanche effect and trying to reverse engineer it.
PAP - Password Authentication Protocol
Used to authenticate users, but is no longer used because the information was sent in cleartext.
Multi-Alphabet Substitution Cipher
Uses at least two different shifts, changing the shift with different letters in the plain text. Doing something like +1, -2, +3 and shifting each character a different amount to the left or right. For example, doing +1, -2, +3 with dog would results in emj.
Propagating Cipher Block Chaining (PCBC)
Variation of CBC with the prior cipher text included as well. You take the previous plaintext and ciphertext, XOR them, and then XOR them with the next block's plaintext. Designed to cause small changes in ciphertext to propagate indefinitely when encrypting and decrypting. Also called Plaintext Cipher-Clock Chaining.
Output Feedback (OFB)
Very similar to CFB, the only difference is that the output after the encryption is used as the IV for the next round prior to XORing it with plaintext, while CFB does the XOR prior to becoming the IV for the next round. It acts like a stream cipher since each bit is encrypted with the key individually and is then sent to act as the IV, one bit at a time for the next round.
3 Cryptanalysis Resources
• Time (amount of time needed to perform the number of calculations to crack encryption) • Memory (the amount of storage required to perform the attack) • Data (the amount of plaintext/ciphertext required for the attack)
AES Phases
1. SubBytes - non-linear substitution - uses Rijndael S-box 2. Shiftrows - transposition 3. MixColumns - mixing 4. AddRoundKey
FORK256
512 block size - Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged
EAP
A framework that allows for creation of different ways to provide authentication, such as smart cards.
Linear Cryptanalysis
A known plaintext attack (an attack that has access to the plaintext). Uses a linear approximation (similar to Minesweeper). You are learning where things are and how slight changes lead to deciphering the encryption. You are essentially changing one bit of the known plaintext and comparing the result against the known plaintext to be able to analyze the differences between the two ciphertexts. This will allow you to potentially recover the key, one bit at a time.
Initialization Vector (IV)
A non-secret binary vector used as the initializing input algorithm for encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance. Fixed size input to a cryptographic primitive that is random or pseudo-random
Hash
A one-way mathematical operation that reduces a message or data file into a smaller fixed length output, or hash value. • Takes variable-size input and returns a fixed size string. • Iterative • Typical length of 512 bits • Examples: Gost, MD5, SHA, RIPEMD, FORK, TIGER • Non-Reversible
Menezes-Qu-Vanstone (MQV)
A protocol used for key agreement that is based on Diffie-Helmann. It is incorporated in the public key standard IEEE P1363.
Kasiski Method
A type of frequency analysis used to attack polyalphabetic substitution ciphers. It's used to try to discover patterns and use that information to decrypt the cipher.
Pseudo Random Number Generators (PRNG)
Algorithms that can create long runs of numbers with good random properties, but eventually the sequence will repeat.
Non-Reversible Encryption types
All Hashes are non-reversible - Examples: Gost, MD5, SHA, RIPEMD, FORK, TIGER
Chosen Plaintext Attack
Allows manipulation of a cryptosystem by choosing a block of plaintext, and getting the ciphertext as output to see how things are enciphered.
Elliptical Curve Diffie-Hellman Ephemeral (ECDHE)
Changes session key every time, key exchanged over insecure network, mutual authentication, improvement over DHE, supports Perfect Forward Secrecy.
Cipher Block Chaining (CBC)
Ci = E(K,Pi ⊕ C i-1) - Each block of plaintext is XORed with the previous ciphertext block before being encrypted. The initial plaintext block has an IV added prior to encryption to produce a unique ciphertext value. Most commonly used Symmetric Algorithm Method
CBC-MAC
Classic method of turning a block cipher into a MAC
PGP - (Pretty Good Privacy)
Created by Philip Zimmermann in the 1990s. Sold to Symantec. PGP is a piece of software to allow the average person to encrypt and decrypt easily. It uses certificates. Often an add-on to encrypt e-mail.
Claude Shannon
Created the theory of the avalanche effect. Considered the founder of information theory with his paper published in 1948, A Mathematical Theory of Communication. He also wrote Communication Theory of Secrecy systems in 1949 which was on the mathematical theory of cryptography.
Diffusion
Each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. Changes to one letter in plaintext changes multiple characters of the ciphertext.
IPSec
Encrypts not only the packet, but the header information as well. It also has protection against unauthorized re-transmission of packets. Uses IKE for Key exchange.
Counter Mode (CTR)
Essentially this is ECB, but instead of plaintext encrypted with the key a nonce (a random challenge) and an incrementing counter is used. This is then XORed with the plaintext to get the cipher text. Nothing is carried over to the next round like some of the prior methods. This is a stream cipher as well.
Integral Attack
Extension of differential attack. Looks at pairs of inputs that differ in only one bit position, with all others being identical. Particularly useful against block ciphers based on substitution-permutation.
Fish
FIbonacci SHrinking - published by Siemens in 1993 - Software based stream cipher using lagged Fibonacci generator along with concept borrowed from the shrinking generator ciphers. Weakness: Plaintext attacks
Blowfish
Fastest Symmetric algorithm. Designed in 1993 by Bruce Schneier. • Feistel cipher • 16 rounds • 64 bit blocks. • Key size ranges from 32 to 448 bits. • Designed as a replacement for DES.
Information Deduction
Gaining information or an understanding about plaintext or ciphertext that was not previously known. Similar to Local Deduction but you have not uncovered additional plaintext or ciphertext, just information regarding them.
RIPEMD
Hash - Created by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 128 bit output size, 512 bit block size, 32 bit word size, 48 rounds. In 2004, a collision was discovered.
MD6
Hash - Created by Ronald Rivest - Uses Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs.
MD4
Hash - Created by Ronald Rivest. 128 bit output size, 512 bit block size, 32 bit word size, 3 rounds. Considered very insecure - Not Reversible
MD5
Hash - Created by Ronald Rivest. Replaced MD4. 128 bit output size, 512 bit block size, 32 bit word size, 64 rounds. Infamously compromised by Flame malware in 2012. Not collision resistant - Not Reversible - RFC 1321
RIPEMD-128/256
Hash -Created by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 128/256 bit output size, 512 bit block size, 32 bit word size, 64 rounds.
Enigma Machine
Invented between World Wars, used by Germans and Japanese. Data could be transmitted both via radio or printed on paper. Designed so that when a key was pressed, the cipher text for that plain text was different each time. Was a multi-alphabet cipher with 26 possible alphabets.
Playfair Cipher
Invented by Charles Wheatstone in mid 1800s. Lord Playfair pushed use of it. Uses a 5x5 table and a key word. Rest of the alphabet is placed on table in alphabetic order, skipping letters used in the keyword. You break up the message into two character chunks and return a single character value. If the letters appear on the same row of your table, replace them with the letters to the right. If it is on the same column, replace them with the letters below.
Confusion
Making the relationship between a key and the ciphertext as complex as possible.
MAC
Message Authentication Code is a construction that detects tampering with messages. Formula = MAC(K, m)
Electronic Code Book (ECB)
Most basic mode - Ci = E(K,Pi) - Each block is encrypted independently, identical plaintext blocks are encrypted into identical ciphertext blocks. Only one round of encryption is done. Cannot diffuse/confuse or inject an initialization vector (IV) with this. Weakness: same plain text always produces the same cipher text.
Feistel Function
Named after German born physicist. • Basis for most block ciphers. • Split plaintext into 2 blocks, usually equal sizes. • Each round consists of XORing L with F(Ki, R) • As long as these are even, it is considered a traditional/normal Feistel Cipher. An unbalanced Feistel Cipher is when the basket does not split evenly.
PKI - Public key infrastructure
Network of trusted certificate authority servers. Use asymmetric key pairs and combines software, encryption and services to provide a means of protecting security of business communication and transactions.
Collision
Occurs when a hash function generates the same output for different inputs.
PPTP
Oldest VPN protocol. Works at layer 2 (data link) layer of OSI model. Provides both authentication and encryption. EAP or CHAP is used to provide the authentication for PPTP. MPPE (Microsoft Point to Point Encryption) is used to encrypt the traffic. MPPE - a specific Microsoft implementation of DES. Can only use over a traditional Ethernet network.
Ciphertext Only Attack
Only the ciphertext is analyzed to try to detect patterns that can be used to break the encryption. Much more difficult than chosen plaintext attacks.
Mersenne Twister Pseudo-Random Number Generator
Original not suitable for cryptographic purposes. Larger number space than many other pseudo-random number generators. Developed by Makoto Matsumoto and Takuji Nishimura.
L2TP
PPTP combined with L2F (Layer 2 Forwarding) (Cisco proprietary protocol) - Uses EAP, CHAP, MS-CHAP, PAP, or S-PAP for authentication. IPSec is used to provide encryption.
Rainbow Tables
Pre-calculated hashes of all available passwords within a certain character space. Typically used to crack hashes. Compares the hash of a file to the rainbow table and if there's a match, you will then have the original text.
Digital Signature
Provide authentication of a sender and integrity of a sender's message. A message is input into a hash function. Then that hash value is encrypted using the private key of the sender. The result of these two steps yields a digital signature. Created by signing with the sender's private key. Typically used in e-mail. RSA and DSA can be used to produce and verify digital signatures.
Asymmetric Encryption
Public key encryption - uses key pairs -Two different but mathematically related keys are used where one key is used to encrypt and another is used to decrypt. Has both a public key to be shared and a private key that is held onto by the owner that should remain private. If the public key encrypts, only the private key can decrypt and vice versa. Examples: PGP, RSA, SSL. TLS
SHA-3
Secure Hashing Algorithm. Designed by NSA. • 224/256/384/512 bit output size • Up to 1600 bit block size • 64 bit word size • 24 rounds.
SHA2
Secure Hashing Algorithm. Designed by NSA. • SHA-224/SHA-256 o 224/256 bit output size o 512 bit block size o 56 bit word size o 64 rounds. • SHA-384, SHA-512, SHA-512/224, SHA-512/256 o 384/512/224/256 bit output size o 1024 bit block size o 64 bit word size o 80 rounds.
Digital Certificate - DC
Standard template is x.509 V3. It's been around since 1988 and it's the most commonly used format today. Used to identify the certificate holder when conducting electronic transactions. When modified, they typically become invalidated. The can expire as well or be revoked for a number of reasons (private key compromised, etc). They are used for web servers, authentication of Cisco Secure phones, E-Commerce. This is one of the most common methods to distribute public keys. • Common Digital Certificate Fields - Certificate Information Statement, Issued to, Issued by, Valid from • Digital Certificate Details Fields - Version, Serial Number, Signature Algorithm, Hash Algorithm, Issuer, Valid From, Valid To, Subject, Public Key, Key Usage Statement, Friendly Name
Chi Square
Steganalysis Technique - Doing a calculation/comparison and looking at the number of overall bits and the info in those bits and then calculate the theoretical amount of information in the file and compare it to the actual information in the file The delta between the two is then used to compare the file bits to attempt to find the hidden information.
TLS
Successor to SSL - Asymmetric - Has the following process: 1) The client and server agree on parameters used to establish the connection's security. 2) Client connects to a TLS-enabled server requesting a secure connection and presents a list of encryption and hash functions it can support. 3) The server picks the strongest encryption and hash function from this list that it also supports and notifies the client of the chosen algorithms. 4) The server sends back its identification in the form of a standard X.509 digital certificate. 5) The clients may contact the CA that issued the certificate to confirm validity before proceeding. 6) From the random number, both parties generate key material for encryption/decryption. 7) In order to generate the session keys used for the secure connection, the client encrypts a random number with the server's public key and sends the result to the server. The server then decrypts the number with its private key.
DESX
Symmetric algorithm - 64 bit key is appended to data, XOR it, and then apply the DES algorithm.
DES
Symmetric algorithm - Block Cipher - Based on Lucifer Algorithm • One of the most widely deployed algorithms in the world, even though it is no longer recommended or considered secure. • Restricted key size of 56 bits and small block size of 64 bits (has a 64-bit plaintext, which is split into two 32-bit halves L and R). • Consists of 16 rounds numbered 1 through 16. Each round i uses a separate 48-bit round key Ki. Each round key is formed by selecting 48 bits from the 56-bit key, and this selection is different for each round key. • The algorithm that derives these round keys from the main block cipher key is called the key schedule.
3DES
Symmetric algorithm - Block Cipher - Does DES 3 times, doing one of the following: 1st key encrypts, 2nd key decrypts, 3rd key encrypts, or one key encrypts/decrypts/encrypts, or 1st key encrypts, 2nd key decrypts, and 1st key encrypts again.
IDEA
Symmetric algorithm - Designed by James Massey and Xuejia Lai. Operates on 64 bit blocks and has a 128 bit key. Consists of 8 identical transformations each round and an output transformation.
CAST-128
Symmetric algorithm. Created in 1996 by Carlisle Adams and Stafford Tavares. Operates on 64 bit blocks and has a key size of 40-128 bits. Typically used in GPG and PGP. Encryption is either 12 or 16 rounds.
Local (Instance) Deduction
The attacker discovers additional plaintext/ciphertext that were not previously known. This can be used to deduce some of the supporting elements outside of the actual key, but you do not get the actual key itself.
Differential Attack
The examination of differences in an input and how that affects the resultant difference in the output. Can work with known plaintext or ciphertext. Developed by Eli Biham and Adi Shamir.
Diffie-Helmann
The first publicly described asymmetric algorithm. A cryptographic protocol that allows two parties to establish a shared key over an insecure channel. Often used to allow parties to exchange a symmetric key through some unsecure medium, such as the Internet. It was developed by Whitfield Diffie and Martin Helmann in 1976.
Related Key Attack
Two chosen plaintext attacks run in parallel, but you are using two different but related keys. You would have two streams of text being encrypted into ciphertext by these two keys. Commonly used against wireless network encryption.
Integral Cryptanalysis
Uses lots of sets of plaintext that are similar with slight modifications. These are encrypted and then the variations are analyzed to determine if there's anything that can be zeroed in on.
Distinguishing Algorithm
We can distinguish or understand the cipher from some sort of random permutation based on information you find.
CMAC
Works almost exactly like CBC-MAC, except it treats the last block differently
Cipher Feedback (CFB)
You start with an IV, encrypt it with your key, then XOR it with the plaintext to get cipher text. This value is then used as the starting point for the next round to encrypt with the key again before XORing it with the next block of plaintext.
RSA
• Most widely used asymmetric encryption algorithm • Developed in 1977 by three mathematician researchers from MIT, Ron Rivest, Adi Shamir, and Len Adleman. • Based on the practical difficulty of factoring the product of two large prime numbers. • Key sizes are typically 1024 - 4096 bits. • Encryption formula = Me%n
Levels of NSA Encryption Algorithms
• Suite A Algorithms - Confidential, not published, used for secret and top secret government communications. We have no knowledge of them other than what's on this list is used by the government to securely communicate. • Suite B Algorithms - Commercially available and used in all modern software in one way or another that are recommended by the NSA. o Type 1 Suite B Algorithms - Juniper, Mayfly, Fast hash, Walburn, Pegasus, AES (depending on implementation) o Type 2 Suite B Algorithms - Skipjack, KEA o Type 3 Suite B Algorithms - DES, 3DES, SHA1, AES (depending on implementation) o Type 4 Suite B Algorithms - Not certified by government, but there may be public or private sector algorithms that exist on this level.