ISMN modules 24-32


what does cryptography detect

-tampering -injection of false data -deletion of data

Data in unscrambled form

Plaintext/Cleartext

The most important goal of any physical security is:

Preserve human life

stream mode cipher •Variable key size

RC4

block mode cipher •Variable block & key size

RC5 and RC6

Digital signatures don't allow for what? • Authentication of the sender • Confidentiality of the message • 3rd party verification of the sender • Detection of modification of a message

Confidentiality of the message

uses several different alphabets to defeat frequency analysis

Polyalphabetic ciphers

Usually 8 byte (64 bit) ASCII text in block ciphers with length a multiple of 8 bits

block cipher

stream ciphers = ? block ciphers = ?

both symmetric key ciphers

• Authentication tool to verify a message's origin and the sender's identity. - Resolves authentication issues.

digital signatures

cipher method that uses 1s and 0s

stream ciphers

what are the strengths of symmetric keys

• Very fast which allows for large amounts of data to be encrypted in very little time • Very difficult to break data encrypted with large keys. • Availability - Algorithms and tools used for symmetric encryption are freely available

what is the purpose of cryptography

•Protect sensitive info from disclosure •Identify the corruption/ unauthorized change of info •Make compromise too expensive or time consuming

All of the following are goals of physical security, EXCEPT: -Detain -Delay -Detect -Deter

Detain (the goals are deter, delay, detect, assess, respond)

A camera located outside a server room door supports which of the following physical security objectives? -Process -Delay -Detect -Review

Detect

• A mathematical function that is easier to compute in one direction (forward direction) than in the opposite direction (inverse direction). • Forward direction could take seconds, the inverse could take months.

One Way Function (asymmetric)

The most important goal of any BCP is: -Preserve human life -Ensure the survivability of the business -Provide clear guidance for defining a disaster -Minimize the downtime of critical systems

Preserve human life

which cipher mode is better for discrete data

block cipher (discrete & unstructured data)

• Operates on fixed size text blocks - Usually 8-byte (64-bit) ASCII text in block ciphers with length a multiple of 8 bits • Block mode ciphers are generally slower than stream mode • Data Encryption Standard (DES) is best-known block cipher

block ciphers

List of words/phrases (code) with corresponding random groups of numbers/letters (code groups) - Colored flags for navy ships - Morse Code

codes

symmetric key can provide what security function?

only encrypt data and restrict its access. It doesn't provide proof of origin or non-repudiation


what was cryptography originally used for

secrecy

what does the strength of the encryption (DES) rely on

secrecy of the key

Crypto digital "signature" is made with what?

sender's private key

The cryptography domain addresses _____ to ensure its Confidentiality, Integrity, Authenticity, Non-repudiation

the principles, means, and methods of disguising information

The higher the key size,

the stronger the symmetric algorithm

what are the characteristics of stream ciphers

· Long periods with no repeating · Functionally complex · Statistically unpredictable · Statistically unbiased key stream (as many 0s as 1s) · Key stream not linearly related to key

asymmetric key weaknesses

• Computationally intensive • Slow (1000 or more times slower than symmetric)

Why is a simple MIC (message integrity control) such as a checksum or parity a weak form of integrity control?

- Only detects accidental alteration; forgery possible - Algorithm examines bitstream and calculates MIC value; output appended to bitstream - Receiver must generate new MIC and compare with the original • Addition of Cryptographic functions resists intentional attack

how is a digital signature created

by encrypting a digest or hash value of a message with the sender's private key

- The most commonly implemented stream cipher - Variable key size - Highly efficient, much faster than any block cipher - Stream ciphers can be difficult to implement correctly

RC4 (symmetric)

Features data-dependent rotations, variable block size, variable key size, variable number of rounds

RC5 and RC6 (symmetric)

what are the characteristics of block ciphers

· Operates on fixed size text blocks - Usually 8 byte (64 bit) ASCII text in block ciphers with length a multiple of 8 bits · Block mode ciphers are generally slower than stream mode · Data Encryption Standard (DES) is best known block cipher

what are the security requirements for encrypted email

•Privacy- only the intended recipient can read the message •Integrity- the message cannot have been changed •Authentication-we know the message is from who we expected it from •Non-repudiation- originator cannot deny having sent a message

• DSS (Digital Signature Standard) - DSA (Digital Signature Algorithm) • Uses Secure Hash Algorithm (SHA-1). - Condenses message to 160 bits. • Others include RSA, Nyberg-Rueppel, El Gamal, Fiat-Shamir, and Schnorr

Digital Signatures Schemes

• RSA Message Digest • MD2, MD4 and MD5 algorithms • Secure Hash Algorithm - SHA-1, SHA-256, SHA-384, SHA-512 • RIPE MD-160, RIPE MD-128 • TIGER • HAVAL - Supports different Message Digest output sizes between 128 and 256 bits

Hashing Functions - Examples

Uses each technology where it is best suited. - Symmetric key algorithm for bulk data encryption. - Asymmetric key algorithm for automated key distribution.

Hybrid systems

• Instead of a single key, there is a 'key pair.' • The two keys are related to each other mathematically. • One of the keys is kept secret (Private key). • The other is made available to everyone (Public key). • 'Computationally infeasible' to derive the private key from knowledge of the public key. • When data is encrypted with either one of the keys, the other key is the only one that can decrypt the ciphertext

asymmetric key cryptography

· Classical substitution ciphers - original Caesar cipher (shift or scramble alphabet) · Transposition (permutation) ciphers - rearranging the letters · Polyalphabetic ciphers - uses several different alphabets to defeat frequency analysis · Running key cipher · One-time pad · Concealment - true letters of plaintext hidden/disguised by device or algorithm · Steganography - art of hiding communications · Codes - list of words/phrases (code) with corresponding random groups of numbers/letters (code groups)

basic methods of encryption

· Operate on fixed size blocks of plain text · More suitably implemented in software to execute on a general-purpose computer · Overlap when a block is operated as a stream

block ciphers


- Block of data attached to message (document, file, record, etc.). • Binds message to individual whose signature can be verified. - By receiver or third party. - Difficult to forge.

digital signatures

• Used to condense arbitrary length messages and produce fixed-size representation of message. • Used for subsequent signature by a digital signature algorithm.

hash function

- Should be one-way (messages cannot be generated from their signature) - It should be computationally infeasible to compute the same hash value on two different messages - Should resist birthday attacks

hash functions

-means that the hash function should be designed in such a way that it is computationally difficult for an attacker to find two different inputs that produce the same hash value (a collision). -This concept is related to the birthday paradox or birthday problem, which describes the likelihood of two people in a group sharing the same birthday

what it means for hash functions to resist birthday attacks

• Art of hiding communications - Deny message exists - Data hidden in picture files, sound files, slack space on floppies • i.e., least significant bits of bitmap image can be used to hide messages, usually without material change to original file

steganography

· operate on continuous streams of plain text (as 1's and 0's) · Usually implemented in hardware · Well suited for serial communications

stream ciphers


• Also referred to as private key/single key/secret key • Uses a single key shared by originator and receiver • Algorithms include: Rijndael, DES, Triple DES, Blowfish, IDEA, RC4, RC6, SAFER, Serpent, Twofish, etc.

symmetric key cryptography

Crypto digital "signature" is decrypted with what?

the sender's public key

encryption systems subtopics

• Classical substitution ciphers • Transposition (permutation) ciphers • Polyalphabetic ciphers • Running key cipher • One-time pad • Concealment • Steganography • Codes

what are the weaknesses of symmetric keys

• Key management and implementation - Ensure that sender and receiver can agree upon a key, and how they exchange a key. • Key Distribution - Same key used to both encrypt and decrypt. - Requires very secure mechanism for key distribution. - Keys and data must be delivered separately. • Scalability - Since a unique symmetric key must be used between the sender and each recipient, number of keys grows exponentially with the number of users: N(N-1)/2 • Limited security - Symmetric keys only encrypt data and restrict its access. - Does not provide proof of origin or non-repudiation.

asymmetric key strengths

• Provides efficient encryption and digital signature services • Efficient symmetric key distribution • Scalability - Only two keys needed per user • 1,000 people need total of 2,000 keys (easier to manage than the 499,500 needed for symmetric)

what are digital signature benefits

• Provides non-repudiation. - Ensures that the sender cannot deny sending the message. - Recipient cannot claim receiving a different message than the original. • Used to authenticate software, data, images, users, machines. - Protects software against viruses. - A smart card with a digital signature can verify a user to a computer. (non-repudiation & authentication)

what are symmetric and asymmetric algorithms good at

• Symmetric algorithms: fast and strong (given sufficiently long keys). • Asymmetric algorithms: good at key management, but terribly slow.

asymmetric key can provide what security elements

•Confidentiality/Privacy (Data cannot be decrypted without the appropriate private key) • Access Control (The private key should be limited to one person) • Authentication (Identity of sender is confirmed) • Integrity (Data has not been tampered with) • Non-repudiation (Sender cannot deny sending)


what does cryptography prevent

-unauthorized disclosure of info -unauthorized access to info, computers, websites, applications, etc. -repudiation

how many bits is a block cipher typically

64 bits (8 bytes of 8 bits each)

Which of the following examples would best fit the "Deter" goal of physical security? -An ultrasonic sensor system that is deployed on the loading dock at the rear of a manufacturing facility -A biometric lock system installed at an entry door in a building -A dry pipe sprinkler system that is installed in a data center server room -A sign on a fence that reads "WARNING: Electrified Fence" that is installed around the HVAC system on the side of a building

A sign on a fence that reads "WARNING: Electrified Fence" that is installed around the HVAC system on the side of a building

Asymmetric key cryptography is based on what

'trap-door one way functions'

DES cryptanalysis assumptions

- Algorithm is known by the adversary. The strength of the encryption relies on the secrecy of the key (Kerckhoffs' Principle). - Adversary must try all possible keys to find which one was used.

Good cryptographic hash functions should have the following properties:

- Be unable to compute hash value of two messages combined given their individual hash values. - Hash should be computed on the entire message

asymmetric algorithms using discrete logarithms in a finite field problem

- Diffie-Hellman - ECC (Elliptic Curve Cryptosystems) - DSS (Digital Signature Standard) - El Gamal - LUC

Public key (asymmetric) systems are based on problems that are difficult to solve (hard problems):

- Factoring the product of large prime integers - Discrete log problem (difficulty of taking logarithms in finite fields)

A stream cipher algorithm should have these features:

- Long periods with no repeating - Functionally complex - Statistically unpredictable - Statistically unbiased keystream • As many 0's as 1's - Keystream not linearly related to key

how do you verify a message using digital signature

- Receiver computes digest of received message - Decrypts the signature with the sender's public key to extract the original sender's digest - Verifies if the recomputed and decrypted digests match

example of Concealment Cipher

-Example: divide message • Use 1 word at a time • Have it appear as every sixth word in a sentence • Message: "Buy gold now" • Sentence: "I have been trying to BUY you a nice gift like GOLD or an antique but prices NOW are really high."

what is cryptography used for now

-Prevent unauthorized disclosure of information -Prevent unauthorized access to information, computers, web sites, applications, etc. - Detect tampering - Detect injection of false data - Detect deletion of data - Prevent repudiation

what should good hash functions be able and unable to do

-Unable to: compute hash value of two messages combined given their individual hash values. -Able to: be computed on the entire message

what are hash functions used for

-condense arbitrary length messages and produce fixed-size representation of message -subsequent signature by a digital signature algorithm

list of the weaknesses of symmetric keys

-key management & implementation -key distribution -scalability -limited security

block mode cipher •128, 192, and 256 bits- block size •128, 192, and 256 bits- key size

AES

What is the initial requirement to be performed in establishing a business continuity plan? -Agree on the scope of the plan -Determine the site to be used during a disaster -Demonstrate adherence to standard disaster recovery process -Identify the applications to be run during a disaster

Agree on the scope of the plan

Mathematical function that takes plaintext and a key as input and produces ciphertext as output

Algorithm

set of rules by which enciphering and deciphering are done

Algorithm

block mode cipher •64-bit block size •448-bit key size •optimized for 32-bit microprocessors

Blowfish

- Highly efficient block cipher - Key length up to 448 bits - 64 bit block size - Optimized for 32 bit microprocessors

Blowfish (symmetric)

Scrambled data

Ciphertext/Cryptogram

original Caesar cipher (shift or scramble alphabet)

Classical substitution ciphers

list of words/ phrases (code) with corresponding random groups of numbers/ letters (code groups)

Codes

true letters of plaintext hidden/ disguised by device or algorithm

Concealment


Reduction or solution of secret messages without knowledge of the system or the key or the possession of a code book

Cryptanalysis

practice of defeating attempts to hide information

Cryptanalysis

- Art and science of writing secrets. - Storing and transmitting information in a form that allows it to be revealed only to those intended. - Accomplished by crypto system.

Cryptography

includes both cryptography and cryptanalysis

Cryptology

Best known block cipher

DES

block mode cipher •64-bit block size •56-bit key size plus 8 parity bits •16 rounds transposition & substitution

DES

First cryptographic process created; all other processes are based on this

DES

Descrambling with key

Decipher/Decrypt/Decode

Act of scrambling using key

Encipher/Encrypt/Encode

Using asymmetric (public key) encryption to provide the recipient of a message with "proof of origin" requires that the sender: -Encrypt the message with the sender's private key -For asymmetric encryption, the sender's private key is encrypted with a digital signature -The recipient verifies the digital signature by decrypting the sender's public key -Sender uses their private key to create a digital signature, not to encrypt the message. This allows the recipient to verify the authenticity, which provides proof of origin

Encrypt the message with the sender's private key. (If the entire message were encrypted with the sender's private key rather than the public key, the contents of the message would have to be disclosed. Using asymmetric (private key) encryption to provide the recipient of a message with "proof of origin" usually isn't used.)

A stream mode cipher would be most applicable for which of the following tasks? -Encrypting a real-time broadcast of a digital video conference between heads of state -Encrypting intra-company emails that contain proprietary information regarding the development of a new product -Encrypting electronic transactions between consumers and an e-commerce website -Encrypting the transmission of a downloadable corporate payroll file to an outsource payroll processor

Encrypting a real-time broadcast of a digital video conference between heads of state

Which of the following best describes a hot site? •Fully equipped backup center with external interfaces (power, water etc.) and telecommunications, as well as complete computing resources on site •Parallel processing location with actively running identical systems •Prepared off site storage location containing basic facilities such as data connections and telecommunications but no computing resources •Relocation of equipment during critical times

Fully equipped backup center with external interfaces (power, water etc.) and telecommunications, as well as complete computing resources on site

Which of the following best explains BIA (business impact analysis)? -It is the process of analyzing all business functions to determine the effect of IT outages in the business -It is the process of updating the functions of the business after a disaster -It is the process of documenting events during a disaster -It is the process of managing the recovery at non-primary business sites

It is the process of analyzing all business functions to determine the effect of IT outages in the business

Which of the following is NOT a key strategy for developing a physical security program? -Surveillance with high visual control -Management support for physical measurements of security -Controlled flow of movement through limited access -Territoriality culture among employees

Management support for physical measurements of security

In order of least allowable downtime to most allowable downtime, rank these recovery strategies: -Mirror Site, Hot Site, Warm Site, Cold Site -Warm Site, Cold Site, Hot Site, Mirror Site -Mirror Site, Cold Site, Warm Site, Hot Site -Cold Site, Warm Site, Hot Site, Mirror Site

Mirror Site, Hot Site, Warm Site, Cold Site

parallel processing location with actively running identical systems

Mirror site

- Public key: gives info about the function. - Private key: gives info about the trap door. - Whoever knows the trap door can compute function easily in both directions. - Anyone lacking trap door can only go easily in the forward direction. - Forward direction used for encryption and signature verification - Inverse direction used for decryption and signature generation

One Way Function

Examples of types of physical access controls include all of the following EXCEPT: -Passwords -Gates -Locks -Guard stations

Passwords (technical or logical)

asymmetric algorithms using factoring problem

RSA

• Block cipher that can be implemented very efficiently on a wide variety of processors and hardware. • Supports block and key sizes of 128, 192, and 256 bits. • Under FIPS 197, a block size of 128 and a key length of 128, 192 or 256 are approved for use. • Variable number of rounds, each round containing 4 steps (Byte Sub, Shift Row, Mix Column, Add Round Key).

Rijndael (AES)

identifies sender and verifies integrity of the message

Signature decryption

What is a weak form of integrity control

Simple MIC (message integrity controls) checksum/parity

art of hiding communications

Steganography

Which of the following is true regarding symmetric cryptography? · In large groups of users, it's easy to manage the keys · The same key is used by both the sender (encryptor) and receiver (decryptor) · The key must be made available to a 3rd party escrow authority · Symmetric cryptography supports non-repudiation

The same key is used by both the sender (encryptor) and receiver (decryptor). Key escrow is typically associated with asymmetric cryptography (managing the private key). Non-repudiation is associated with asymmetric cryptography.

Algorithm is known by the adversary (threat). The strength of the encryption relies on the secrecy of the key (Kerckhoffs' Principle)

cryptanalysis

rearranging the letters

Transposition (permutation) ciphers

a one way function for which the inverse direction is easy given a piece of information

Trap-door one way function

Prepared off site storage location containing basic facilities such as data connections and telecommunications but no computing resources

Warm site

- Mathematical Problems - One Way Functions - Secure Message - Open Message - Secure and Signed Message - RSA - Elliptic Curve (ECC) - Diffie-Hellman - El Gamal - Others

asymmetric encryption systems subtopics

- trying to break cryptography - practice of defeating attempts to hide information - reduction or solution of secret messages without knowledge of the system or the key or the possession of a code book

cryptanalysis (cracking the code)

Storing and transmitting information in a form that allows it to be revealed only to those intended

cryptography

combination of applying cryptography techniques and breaking cryptography techniques through cryptanalysis

cryptology

• Block mode cipher • 64-bit input and output block size • 56-bit true key plus 8 parity bits - Seventy-two quadrillion possible keys • 16 rounds of transposition and substitution to encrypt and decrypt

data encryption standard (DES)

- Each user has a public-private key pair • Private key signs (creates signature), public key verifies it. - A digital signature is created by encrypting a digest or hash value of a message with the sender's private key

digital signature

• To "sign" a message - Sender computes digest of message • Using public hash function - Crypto "signature" is made by sender's private key • Applied to digest creates digital signature - Digital signature sent along with message - The message itself is not made private

digital signature operation

