Unit 4 - Asymmetric Encryption

16. Describe the hybrid encryption processes for Authenticated Encryption using either Sign-then-Encrypt or Encrypt-then-Sign methods.

(a) generate the digital signature from the (hashed) plaintext, and then encrypt a file containing both the plaintext message and the digital signature (b) encrypt the message first, and then generate a digital signature from the (hashed) encrypted file

13.1 How to protect private keys

-Store them locally (on a device) Need to be protected/Encr subject to passwd attacks PRI key loaded into RAM PBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards -Store them on a device (CAC) - passwd protected. signing happens on card - not in RAM PRI key never leaves the card hacker needs access to both passwd & card.

10.1 X509 is the CA format. 1. Signing the X509 Cert 2. Verify the Cert Signature Slide 38.

1. The cert contains select fields used to ID. The Cert is sent in the clear but a hash of the PT is made for integrity. H(CERT) = D E(CA-PRI) (D) = S Signature. --- 2. H (M) = D1 D (CA-Pub) (S) = D2 D1 = D2 -> if yes, it passes the check.

3. Compare and contrast a digital signature using public-key encryption and a MAC utilizing symmetric-key encryption.

A MAC provides data integrity but no authentication. Does not use keys. Signatures require pri/pub keys and when used with a MAC can provide authentication. H(M) = D1 E (sender pri) (D1) = Signature E (rcvr pub) (M) = CT.

Hybrid Encryption

A hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient symmetric-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value

14. Describe the hybrid encryption process for generating a digital signature ensuring message authenticity and non-repudiation. Slide 69

A hybrid encryption scheme is one that blends the convenience of an asymmetric encryption scheme with the effectiveness of a symmetric encryption scheme. Hybrid encryption is achieved through data transfer using unique session keys along with symmetrical encryption. Public key encryption is implemented for random symmetric key encryption. The recipient then uses the public key encryption method to decrypt the symmetric key. Once the symmetric key is recovered, it is then used to decrypt the message. The combination of encryption methods has various advantages. One is that a connection channel is established between two users' sets of equipment. Users then have the ability to communicate through hybrid encryption. Asymmetric encryption can slow down the encryption process, but with the simultaneous use of symmetric encryption, both forms of encryption are enhanced. The result is the added security of the transmittal process along with overall improved system performance.

2. Properly describe how public and private keys are used to provide confidentiality, integrity, and non-repudiation. http://webcache.googleusercontent.com/search?q=cache:D9yBSZUIzkAJ:www.utc.edu/faculty/joseph-kizza/docs/guidetonetworksecurity/instructor_support_materials/notes/chapter11.ppt+&cd=10&hl=en&ct=clnk&gl=us

A public and private key that are mathematically related. Public key is disclosed while the priv. key is not. Sending: Hash PT to get digest for integrity. Encrypt the digest using sender priv. to get a signature (S) for non-repudiation (validate sender). Then encr PT using recvr pub key to get CT - for confidentiality. Recving

Replay Attack

An attempt to subvert security by recording legitimate communications and repeating them to try to impersonate a valid user. A replay attack occurs when an intruder steals a packet from the network and forwards that packet to a service or application as if the intruder was the user who originally sent the packet. When the packet is an authentication packet, the intruder can use the replay attack to authenticate on another person's behalf and consequently access that person's resources or data. To protect against replay attacks, the Kerberos authentication protocol uses the concept of an authenticator

1. Describe the process of asymmetric key encryption to provide message confidentiality. Compare and contrast its use with symmetric key encryption. Slide 5 http://cae2y.morainevalley.edu/compete/resources/tools/cryptool_presentation.pdf

Asymmetric Confidentiality: sender uses rcvr public key to encrypt PT and rcvr private key to decrypt CT. Two keys are used. With symmetric encr a single key is used for both encr and decr. Lacks integrity. REMEMBER - DECR w/PRI key. Symmetric encr: they do not provide authentication or nonrepudation

13. Discuss the advantages and disadvantages of public key cryptography in comparison to symmetric key cryptography. Describe how hybrid cryptography can be used to obtain the advantages of both types of encryption. http://www.programmerinterview.com/index.php/general-miscellaneous/symmetric-vs-public-key-cryptography/

Because symmetric key cryptography uses the same key for both decryption and encryption, it is much faster than public key cryptography, is easier to implement, and generally requires less processing power. A disadvantage of symmetric key cryptography is that the 2 parties sending messages to each other must agree to use the same private key before they start transmitting secure information. This may be impossible depending on the circumstances - because the 2 parties who want to communicate with each other through a secure means may be on different sides of the world. And this means that they will need a secure way to tell each other what the private key will be - if there were a secure way to do this, then the cryptography would not have been necessary in the first place in order to create that secure channel. --- The advantage of using public key cryptography is that the public key used for encryption does not need to remain secure (that is why it's called "public" - because it does not matter if other people know about it). What often happens is that people use public key cryptography to create a shared session key and then they communicate through symmetric key cryptography using the shared session key. This way they can get the best of both worlds - the performance/speed of shared key cryptography along with the convenience of public key cryptography. -- Actually both forms of cryptography are used today to get secure information from the Web. Using public key cryptography, your browser will actually create a shared session key with the Web site. And then your browser will communicate with the web site through symmetric key cryptography in order to actually obtain the private information.

6 Discuss shortcomings of textbook RSA (i.e., not Semantically Secure), and describe mechanisms for overcoming these shortcomings.

Don't worry about this one.

15. Describe the hybrid encryption process for encrypting a message to ensure confidentiality. Slide 70 The key is what makes hybrid.

Hybrid Encr: Only Confidentiality. Sender: Generate K (Symmetric key) E(k) (M) = C1. E(rcvr pub) (key) = C2 Xmit C1 & C2 --- Rrcv: D (rcvrPriKey) (C2) = K D(k) (C1) = M

5. Describe how textbook RSA is used to encrypt and decrypt messages. slide 25

In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers. A user of RSA creates and then publishes a public key based on the two large prime numbers, along with an auxiliary value. The prime numbers must be kept secret

What is Key Escrow

It is a cryptographic key exchange process in which a key is held in escrow, or stored, by a third party.

10.2 Slide 40 - Bootstraps New entity authentication.

New entity authentication: "Who is this? What is its identity?" o New entity authorization: "Is it mine? Do I want it? What are the chances it has been compromised?" o Domain authentication: "What is this domain's claimed identity?" o Domain authorization: "Should I join it?" Established by verification of previously installed credentials certificate, and verified back-end information such as a configured list of purchased devices or communication with a trusted third-party.

11. What is self-signing, and why is it a concern?

Self-signed certificates cannot be revoked or verified. Both types of certificates will encrypt the data to create a secure website. A certificate authority tells your customers that this server information has been verified by a trusted source. The most commonly used Certificate Authority is Verisign. The problem with using a self-signed certificate is that nearly every Web browser checks that an https connection is signed by a recognized CA. If the connection is self-signed, this will be flagged as potentially risky and error messages will pop up encouraging your customers to not trust the site. When Can You Use a Self-Signed Certificate? Since they provide the same protection, you can use a self-signed cerificate anywhere you would use a signed certificate. But some places work better than others. Self-signed certificates are great for testing servers. If you're creating a website that you need to test over an https connection, you don't have to pay for a signed certificate for that testing site. You just need to tell your testers that their browser may pop warning messages.

1.1 asymmetric Authenticity

Sender A private key to encr and sender A public key to decr. Sender is encr w/Pri key.

15.1 Hybrid Integrity, authentication & non-repudiation

Sender: H (M) = D1 E(senderPriKey) (D1) = S Xmit M & S --- Rcvr: H (M) = D2 D (sendrPub) (S) = D1 Does D1 = D2

14.1 Hybrid Integrity, Authentication & Nonrepudiation

Sender: H(M) = D1 E (Sender1PriKey) (D1) = S Encr Hash w/Data ==Xmit M and S LACKS CONFIDENTIALITY --- Rcvr: H(M)=D2 D (Ali-Pub) (S) = D1 D1 = D2?

15.2 Hybrid Confidentiality, Integrity, Authenticity & Nonrepudiation Slide 72

Sender: H(M)=D1 E (sendrPriKey) (D1) = S Generate Symmetric key E(K) (M) = C1 E (rcvrPubKey) (K) = C2 XMit - C1, C2, S --- Rcvr: D(rcvrPriKey) (C2) = K D(K) (C1) = M H(M) = D2 D (sendrPubKey) (S) = D1 --- Does D1 = D2

Asym: Authenticity

Sendr encr with their pri key xmits rcvr decr with sender pub key.

10. Describe how the CA public key is used to verify the validity of a public key certificate, which in turn verifies the validity of the enclosed public key and its binding to the claimed identity. Slide 36

The client uses the CA certificate to verify the CA signature on the server certificate, as part of the checks before establishing a secure connection. A certificate authority (CA) is an organization that stores public keys and their owners, and every party in a communication trusts this organization (and knows its public key). When the user's web browser receives the public key from www.bank.example it also receives a digital signature of the key (with some more information, in a so-called X.509 certificate). The browser already possesses the public key of the CA and consequently can verify the signature, trust the certificate and the public key in it: since www.bank.example uses a public key that the certification authority certifies, a fake www.bank.example can only use the same public key. Since the fake www.bank.example does not know the corresponding private key, it cannot create the signature needed to verify its authenticity.

What is key escrow & what problem is it trying to solve?

a cryptographic key exchange process in which a key is held in escrow, or stored, by a third party. From one perspective it would allow someone to regain a lost key but that means someone else is in possession of it.

public key

a key that is made available to anyone

4. Describe the basic process of Diffie-Hellman Key Exchange and what is provided by this process.

a method of securely exchanging cryptographic keys over a public channel . Using It's a method such that two parties who don't know about each are able to mathematically exchange data publicly and as a result are able to generate a private key. Two parties working in concert exchange

Asymmetric cryptography

a type of cryptography that is scalable for use in very large, expanding environments where data is frequently exchanged between different communication partners. 2n (2 keys per user).

Asymmetric encryption

also known as public key encryption, uses two keys that are mathematically related. Both keys together are called the key pair. Consider the following asymmetric encryption facts

18. Describe how nonces or timestamps (or both) can be incorporated into an encryption scheme to reduce the vulnerability to replay attacks.

arbitrary number used only once in a cryptographic communication. It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks.

Ephemeral keys

are generated every time the key establishment process is executed and only exist for the lifetime of a specific communication session. As such, these keys have a relatively short lifespan.

Radom Public Key

are generated for each session. No deterministic algorithm is used when generating the public keys.

Asymmetric key ciphers

are two associated algorithms that are inverses of each other. Both of the two algorithms are easy to compute.

7. Provide examples that demonstrate the difficulties associated with public key distribution and the association of a specific identity to a public key.

biggest obstacle in successfully deploying a symmetric-key algorithm is the necessity for a proper exchange of private keys. This transaction must be completed in a secure manner. Another problem concerns the compromise of a private key A central problem with the use of public-key cryptography is confidence/proof that a particular public key is authentic

Asymmetric key encryption

can provide confidentiality (encryption), strong authentication, and non-repudiation

11.2 Certs come in 2 forms:

certificate signed by a certificate authority or sign it yourself

CA public key compromise

certs build into a browser A must revoke the certificates and inform the organizations identified as subjects in the fraudulent certificates and all potential relying parties that might rely on those certificates. If a CA system compromise or signing key theft occurs, the CA's certificate(s) must be revoked by any CAs that have issued certificates to it, all subjects that the compromised CA has issued certificates to must be notified that they will require new certificates, and all possible relying parties must be notified.

9. Describe the role of a Certificate Authority (CA) in ensuring trusted identity-public key associations. Identify the CA requirements for implementing this responsibility.

http://en.wikipedia.org/wiki/Certificate_authority. The CA (also known as a digital certificate or identity certificate) is an electronic document used to prove ownership of a public key. The certificate includes information about the key, information about its owner's identity, and the digital signature of an entity that has verified the certificate's contents are correct. If the signature is valid, and the person examining the certificate trusts the signer, then they know they can use that key to communicate with its owner. Commercial CAs charge to issue certificates, and their customers expect the CA's certificate to be included by most web browsers, so that secure connections to the certified server work smoothly out of the box. This allows others to rely upon signatures or on assertions made by the private key that corresponds to the certified public key. CA is a trusted third party - trusted both by the subject (owner) of the certificate and by the party relying upon the certificate

8. Apply the "web of trust" method to provide for trusted identity-public key associations within an organization or group. Slide 34.

http://en.wikipedia.org/wiki/Web_of_trust It is a decentralized trust model. Every web of trust without a central controller (e.g., a CA) depends on other users for trust. All nodes need to agree new , new certs will not likely be readily trusted by other users'. Works for small groups.

Digital signing

is use to confirm the integrity of the message and the authenticity of a sender.

12. Describe the purpose and utilization of Certificate Revocation Lists (CRL). Slide 50

list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted. It's a running list of compromised certs maintained by the CA - stores the S/N. Needs to be signed by CA to prevent DoS attack

hybrid cryptography system

system combines the strengths of both the symmetric and asymmetric cryptography systems (i.e. symmetric systems can process large amounts of data relatively fast, and asymmetric systems can securely distribute keys).

Key exchange

to ensure keys are secure during transit. Asymmetric encryption is often used to securely exchange symmetric keys.

private key

type of key that is kept secret

Keyspace

typically starts around 1,000 bits and goes as high as 32,000 bits.