CISSP - Sybex Study Guide - Ch. 6 Cryptography and Symmetric Key Algorithms

What does the Caesar cipher do? What is ti AKA? p197

- Shift 3 letters to the right (A becomes D) - ROT 3 cipher

Cryptographic Mathematics / Block Ciphers / What type of cipher is an example of this? p213

- Transposition ciphers

Cryptographic Mathematics / Describe *Substitution Ciphers* p209

- use the encryption algorithm to replace each character or bit of the plaintext message with a different character. - Like the Caesar cipher where letters were shifted to the right

Authentication / Describe the Challenge-response authentication protocol p200

1) Bob contacts Alice and introduces himself 2) Alice asks Bob to encrypt "apple" with a code that only she and Bob knows 3) Bob response with "ppale" 4) Alice authenticates Bob

Cryptographic Mathematics / What is the most popular Polyalphabetic Substitution cipher? p209

- Vigenere cipher - Find message letter at top row and key letter on left column, intersecting letter is the ciphertext letter

Modern Cryptography / Symmetric Key Algorithms / AKA ? p215

- secret key cryptography - private key cryptography (2 people sharing a private key) - shared secret

SYMMETRIC CRYPTOGRAPHY / Twofish / What are two techniques not found in other algorithms? p225

*Prewhitening* involves XORing the plaintext with a separate subkey before the first round of encryption. *Postwhitening* uses a similar operation after the 16th round of encryption.

Cryptographic Mathematics / Substitution cipher / What is a huge advantage of one-time pads? p211

- When used properly, they are an unbreakable encryption scheme. - There is no repeating pattern of alphabetic substitution, rendering cryptanalytic efforts useless.

Cryptography Concepts / Kerchoff Principle p201

- a concept that makes algorithms known and public allowing anyone to examine and test them - a cryptographic system should be secure even if everything about the system, except the key, is public knowledge

Cryptographic Mathematics / Describe *Nonce* p206

- a random number that acts as a placeholder variable in mathematical functions - when function is executed, the nonce is replaced by a unique random number for one-time use - used to create unique ciphertext every time the same message is encrypted using the same key

Cryptography Concepts / Specific implementations of a code or cipher in hardware and software is called what? p201

Cryptosystems

Cryptography Concepts / Cryptographic keys are sometimes known as what? p201

Cryptovariables

Symmetric Key Management / Describe *Key Management Practices* p226

- measures to protect the security of the keying material - safeguards surrounding the creation, distribution, storage, destruction, recovery, and escrow of secret keys

Modern Cryptography / Symmetric Key Algorithm / Why should you be careful not to get confused with the 'private key' reference? p216

- Because the term is also used in asymmetric encryption (private / public key) - with symmetric encryption, it's referring to two people sharing a 'private key'

SYMMETRIC CRYPTOGRAPHY / RC5 (Rivest Cipher 5) / Describe p224

- Block cipher of variable block sizes (32, 64, or 128 bit) - uses key sizes between 0 and 2,040 bits - Subject of brute force cracking - massive effort took 4 years to crack a single message

Cryptographic Mathematics / Stream Cipher / What type of cipher is an example of this? p213

- Caesar Cipher - OTP. Why? Because algorithm operates on each letter of the plaintext message independently

Cryptographic algorithms rely on what two basic operations to obscure plaintext messages? p213

- Confusion - Diffusion

Modern Cryptography / Hashing Algorithms

- Creates message digests, which are summaries of a message's content - extremely difficult, if not impossible, to derive a message from an ideal hash function - very unlikely that two messages will produce the same hash value

SYMMETRIC CRYPTOGRAPHY / Name 6 common symmetric cryptosystems p219

- DES (Data Encryption Systems) - 3DES (Triple DES) - IDEA (International Data Encryption Algorithm) - Blowfish - Skipjack - AES (Advanced Encryption Standard)

SYMMETRIC CRYPTOGRAPHY / 3DES / What are the 4 versions? p222

- DES-EEE3 (3 Encryp ops and 3 diff keys) key length 128 bits - DES-EDE3 (Encryp Decryp and 3 diff keys) key length 128 bits - DES-EEE2 (3 Encryp ops and 2 diff keys) key length 112 bits - DES-EDE2 (Encryp Decryp and 2 diff keys) key length 112 bits

Cryptographic Mathematics / Substitution Ciphers / OTP / What is the major obstacle to wide spread use? p212

- Difficulty of generating, distributing, and safeguarding the lengthy keys required - awkward to implement because they require the physical exchange of pads

Cryptographic Mathematics / Confusion and Diffusion / Describe Diffusion p213

- Diffusion occurs when a change in the plaintext results in multiple changes spread throughout the ciphertext.

Cryptographic Mathematics / Polyalphabetic substitution ciphers / Prevents against what type of analysis? Vulnerable against what type of analysis? p211

- Direct Frequency Analysis - Vulnerable to another frequency analysis called *period analysis*

SYMMETRIC CRYPTOGRAPHY / DES / What are the 5 modes of operation? p220

- ECB (Electronic Code Book) mode - CBC (Cipher Block Chaining) mode - CFB (Cipher Feedback) mode - OFB (Output Feedback) mode - CTR (Counter) mode

Cryptographic Mathematics / Describe the *modulo* function p205

- Extremely important in cryptography field - It's the remainder left over after division - Ex: 8 mod 6 = 2 10 mod 3 = 1

Cryptographic Mathematics / Give an example of a *Nonce* p206

- Initialization vector (IV)

Cryptography Concepts / Describe *plaintext* p200

- Message before being encoded. Readable. - represented by the letter *P* when encryption functions are described

SYMMETRIC CRYPTOGRAPHY / Skipjack / What two organizations hold a portion of the information required to reconstruct a skipjack key? p224

- NIST and Department of Treasury - When law enforcement authorities obtain legal authorization, they contact the two agencies, obtain the pieces of the key, and are able to decrypt communications between the affected parties

Cryptographic Mathematics / Describe *Split Knowledge* p207

- One person knows half the knowledge to get the job done, the other person knows the other half. - Separation of duties *AND* two-person control contained in a single solution

Cryptographic Mathematics / Describe the *AND* operation p202

- Represented by the ^ symbol - Checks to see if both values are true (1) - X ^ Y

Cryptographic Mathematics / Describe the *OR* operation p203

- Represented by the ∨ symbol - Checks to see if at least one of the input values are true - Only time returns false is when both inputs are false - X v Y

Authentication / Non-repudiation only works with what encryption scheme? p200

Asymmetric encryption

Data in transit is AKA? p199

Data *on the wire*

Cryptography Concepts / Describe *algorithm* p201

- also refers to the name (3DES, blowfish, etc...) - a set of rules, usually mathematical, that dictates how enciphering and deciphering processes are to take place

Cryptography Concepts / Describe *ciphertext* p201

- message after being encrypted. Not readable. - represented by the letter *C* when encryption functions are described

SYMMETRIC CRYPTOGRAPHY / Describe DES p220

- no longer secure - replaced by AES - 64-bit BLOCK CIPHER - Key used is 56 bits long

Cryptographic Mathematics / Describe the *one-way* function p205

- produces output values for each possible combination of inputs but makes it impossible to retrieve the input values Ex: 15 you can easily find out its 1*3*5 But 10,718,488,075,259? Extremely hard

Modern Cryptography / Symmetric Key Algorithms / Describe p215

- relies on a "shared secret" encryption key that is distributed to all members who participate in the communications - The sender encrypts with the shared secret key and the receiver decrypts with it.

Cryptographic Mathematics / Describe the NOT operation p204

- represented by the ~ (tilde) or ! symbol - reverses the value of an input variable - function operates on only one variable at a time - X=0 !X=1

Cryptographic Mathematics / Describe *Work Function* p207

- the strength of a cryptography system by measuring the effort in terms of cost and/or time to successfully break it - The size of the work function should be matched against the relative value of the protected asset

Cryptographic Mathematics / Describe *Transposition Ciphers* p208

- use an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message. Using the same letters, they're just juggled - Decryption simply reverses it - apple to plepa

Modern Cryptography / Symmetric Key Algorithm / Name 4 weaknesses p216

1) *Key distribution is a major problem* - must have a secure method to exchange secret key 2) *Symmetric key cryptography does not implement nonrepudiation* 3) *The algorithm is not scalable* - not good for large groups 4) *Keys must be regenerated often* - each time a person leaves the group, all keys known by that person must be discarded

Cryptographic Mathematics / Substitution cipher / One-Time Pads (OTP) / What requirements must be met in order to ensure the integrity of the OTP algorithm? p211

1) The OTP must be randomly generated. Using a phrase or a passage from a book would introduce the possibility that cryptanalysts could break the code. 2) The OTP must be physically protected against disclosure. If the enemy has a copy of the pad, they can easily decrypt the enciphered messages. 3) Each OTP must be used only once. If pads are reused, cryptanalysts can compare similarities in multiple messages encrypted with the same pad and possibly determine the key values used. 4) The key must be at least as long as the message to be encrypted. This is because each character of the key is used to encode only one character of the message.

Asymmetric Key Algorithm / Name 6 major strengths (1) p218

1) The addition of new users requires the generation of only one public-private key pair 2) Users can be removed far more easily from asymmetric systems via key revocation 3) Key regeneration is required only when a user's private key is compromised

Symmetric Key Management / Creation and distribution of Symmetric Keys / What are the 3 main methods used to exchange secret keys securely? p226

1) offline distribution 2) public key encryption, 3) Diffi e-Hellman key exchange algorithm.

Modern Cryptography / Asymmetric Key Algorithm / Name 6 major strengths (2) p218

4) Asymmetric key encryption can provide integrity, authentication, and nonrepudiation 5) Key distribution is a simple process - users simply make their public key available to who they want to communicate 6) No preexisting communication link needs to exist - no need to exchange the shared key like symmetric

Cryptography Concepts / The art of creating and implementing secret codes and ciphers is known as p201

Cryptography

Cryptographic Mathematics / Describe Exclusive XOR p204

- aka XOR - most common function - represented by ⊕ symbol - returns a true value when only one of the input values is true. If both values are false or both true, output of XOR function is false - 0 ⊕ 0 = 0 0 ⊕ 1 = 1

SYMMETRIC CRYPTOGRAPHY / AES (Advanced Encryption Standard) / Describe p224

- allows the use of three key strengths: 128 bits, 192 bits, and 256 bits - only allows the processing of 128-bit blocks - Can use a block size equal to key length

Modern Cryptography / Asymmetric Key Algorithms - Describe p216

- also known as public key algorithms - user has two keys: a public key, which is shared with all users, and a private key

SYMMETRIC CRYPTOGRAPHY / Twofish / Describe

- block cipher - 128-bit blocks for data - capable of using encryption keys up to 256 bits in length

Cryptographic Mathematics / Describe the Caesar Cipher (ROT3) in mathematical terms p209

- Assign A-Z numbers 0-26 so A is 0 and Z is 25 - P + 3 because adding 3 to a number to get its new value C = (P + 3) mod 26

Modern Cryptography / Asymmetric Key Algorithm / What is the major weakness? p218

- Slow speed of operation - If transmitting large amount of data may use asymmetric to establish connection then symmetric for data

SYMMETRIC CRYPTOGRAPHY / IDEA (International Data Encryption Algorithm) / Describe p223

- 64-bit blocks (block cipher) - begins its operation with a 128-bit key and then broken up in a series of operations into 52 16-bit keys - capable of operating in the same 5 modes used by DES

Cryptographic Mathematics / What is a solution to the OTP physical exchange of pads/key management? p212

Running key cipher (aka book cipher)

SYMMETRIC CRYPTOGRAPHY / Blowfish / Describe p223

- 64-bit blocks of text - extends IDEA's key strength even further by allowing the use of variable-length keys ranging from a relatively insecure 32 bits to an extremely strong 448 bits - no license rquired - much faster than IDEA and DES

SYMMETRIC CRYPTOGRAPHY / Skipjack / Describe p223

- 64-bit blocks of text - uses an 80-bit key - supports the same four modes of operation supported by DES - *it supports the escrow of encryption keys*

Cryptographic Mathematics / Describe *period analysis* p211

- A type of frequency analysis which is an examination of frequency based on the repeated use of the key

Cryptographic Mathematics / Block Ciphers / Describe p213

- Block ciphers operate on "chunks," or blocks, of a message and apply the encryption algorithm to an entire message block at the same time

What is the output value of the math func 16 mod 3

5 with a remainder of 1

Integrity can be protected by Symmetric or Asymmetric crypto? p200

Both.

Cryptographic Mathematics / Note that the AND and OR functions *are not* opposite each other. p203

Note the below 1 ^ 1 = 1 (AND) 1 v 1 = 1 (OR)

Cryptography Concepts / Together, cryptography and cryptanalysis are commonly referred to as what? p201

Cryptology

Cryptographic Mathematics / Stream Cipher / Describe p213

- Stream ciphers operate on one character or bit of a message (or data stream) at a time - Can also function as a type of block cipher by using a buffer that fills up real-time data and then encrypted as a block

Cryptographic Mathematics / Polyalphabetic substitution ciphers / Describe p209

- Uses multiple alphabets in the same message to hinder decryption efforts

Cryptographic Mathematics / Substitution cipher / Describe One-Time Pads p211

- Very powerful type of substitution cipher - uses a different substitution alphabet for each letter of the plaintext message

Cryptographic Mathematics / How are the Caesar Cipher, Vigenere Cipher, and OTP similar? p211

- Very similar, only difference is key length. CIPHER / KEYLENGTH Caesar / 1 Vigenere / usually a word or sentence OTP / key length could be as long as the message itself

Cryptographic Mathematics / *Ciphers* / Describe *Ciphers* p208

- always meant to hide the true meaning of a message Ciphers convert messages from plaintext to ciphertext on a bit basis (that is, a single digit of a binary code), character basis (that is, a single character of an American Standard Code for Information Interchange (ASCII) message), or block basis (that is, a fi xed-length segment of a message, usually expressed in number of bits). The following sections cover several common ciphers in use today.

Cryptography Concepts / Describe *key* p201

basically nothing more than a number. A very large number.

Cryptographic Mathematics / What is the best example of *Split Knowledge* p207

- concept of key escrow. Using key escrow, cryptographic keys, digital signatures, and even digital certificates can be stored or backed up in a special database called the key escrow database. In the event a user loses or damages their key, that key can be extracted from the backup. However, if only a single key escrow recovery agent exists, there is opportunity for fraud and abuse of this privilege. - see also "M of N Control"

Cryptographic Mathematics / *Ciphers* / Describe *Code* p208

- cryptographic systems of symbols that represent words or phrases - not necessarily meant to provide confidentiality - Ex: "10-4" is code for "I received your comm and understanding."

Cryptography Concepts / Describe *key space* p201

- defined by its *bit size* - is the range between the key that has all 0s and the key that has all 1s - is the range of numbers from 0 to 2n, where n is the bit size of the key - So, a 128-bit key can have a value from 0 to 2128

Cryptographic Mathematics / Running key cipher (aka Book Cipher) / Describe p212

- encryption key is as long as the message itself and is often chosen from a common book (like the text of a whole chapter of Moby Dick) - Look at img for example

Modern Cryptography / Instead of relying on secret algorithms, modern cryptosystems rely on what? p214

the secrecy of one or more cryptographic keys used to personalize the algorithm for specific users or groups of users

Cryptographic Mathematics / What is the primary difference between Code and Ciphers? p208

to remember that codes work on words and phrases, whereas ciphers work on individual characters and bits.

Modern Cryptography / Symmetric Key Algorithm / Name strengths p216

very fast / scales well with hardware advances

SYMMETRIC CRYPTOGRAPHY / AES (Advanced Encryption Standard) / Describe how many rounds based on key length p224

■■ 128-bit keys require 10 rounds of encryption. ■■ 192-bit keys require 12 rounds of encryption. ■■ 256-bit keys require 14 rounds of encryption.

Cryptographic Mathematics / Running key cipher (aka Book Cipher) / Figure out the math for the above example p213

C = (P + K) mod 26 1st Col P=R and K=W so 17+22 so 39 mod 26 is 39/26 so 26 goes into 39 one time with a remainder of 13. C = 13

Cryptographic Mathematics / Substitution cipher / What is the mathematical formula for one-time pads? p211

C = (P + K) mod 26 where K is the encryption key used to encrypt the plaintext letter P into the ciphertext letter C

What is the earliest form of encryption? p196

Caesar Cipher

Modern Cryptography / Hashing Algorithms / What is it called when two different messages produce the same hash value? p219

Collision

What's the 4 goals of Cryptography p198

Confidentiality / Integrity / Availability / Nonrepudiation

Cryptographic Mathematics / Confusion and Diffusion / Describe Confusion p213

Confusion occurs when the relationship between the plaintext and the key is so complicated that an attacker can't merely continue altering the plaintext and analyzing the resulting ciphertext to determine the key

Cryptographic Mathematics / Confusion and Diffusion / Give an example p213

Consider, for example, a cryptographic algorithm that first performs a complex substitution and then uses transposition to rearrange the characters of the substituted ciphertext. In this example, the substitution introduces confusion, and the transposition introduces diffusion.

Cryptographic Mathematics / Substitution cipher / One-Time Pads (OTP) / Why are the 4 integrity requirements so essential? p212

If any one of them are not met, the entire integrity of OTP is compromised, as evidenced in the Soviet VENONA project.

Cryptographic Mathematics / Describe *Zero-Knowledge Proof* p206

Ex: Two individuals. Peggy and Victor. Peggy knows the password to a secret door located inside a circular cave, as shown in Figure 6.2. Victor would like to buy the password from Peggy, but he wants Peggy to prove that she knows the password before paying her for it. Peggy doesn't want to tell Victor the password for fear that he won't pay later. The zero-knowledge proof can solve their dilemma. Victor can stand at the entrance to the cave and watch Peggy depart down the path. Peggy then reaches the door and opens it using the password. She then passes through the door and returns via path 2. Victor saw her leave down path 1 and return via path 2, proving that she must know the correct password to open the door.

Cryptography Concepts / What defines the hardware and software requirements for cryptographic modules used by the federal government? p201

Federal Information Processing Standard (FIPS) 140-2

Cryptographic Mathematics / Describe the *M of N Control* p207

M of N Control requires that a minimum number of agents (M) out of the total number of agents (N) work together to perform high-security tasks. So, implementing three of eight controls would require three people out of the eight with the assigned work task of key escrow recovery agent to work together to pull a single key out of the key escrow database (thereby also illustrating that M is always less than or equal to N).

SYMMETRIC CRYPTOGRAPHY / IDEA / What is a popular implementation of IDEA? p223

PGP (Pretty Good Privacy)

Cryptographic Mathematics / Substitution Ciphers / OTP / What types of messages are OTPs best used for? p212

Short messages, because of key lengths.

Describe the key difference between Symmetric and Asymmetric cryptosystems p199

Symmetric - Shared secret key Asymmetric - Public / Private key

Describe the attack known as *frequency analysis* p197

Takes the most common letters in the english language (E, T, A, O, N, R, I, S, and H), finds them in the encrypted text and experiments with substitutions of these letters to help determine the pattern

How to determine the number of keys in a key space?

To determine the number of keys in a key space, raise 2 to the power of the number of bits in the key space. In this example, 24 = 16.

Cryptographic Mathematics / Describe "columnar transposition" p208

Uses a table approach with columns and rows, with each letter of the keyword being the very top row

Cryptographic Mathematics / Substitution cipher / What is one-time pads aka? p211

Vernam ciphers

Cryptography Concepts / What is the study to defeat codes and ciphers called? p201

cryptanalysis

SYMMETRIC CRYPTOGRAPHY / DES / 5 modes / I'm not going into detail for each one of these modes. If the need arises to know this very minute data, check p 221

p221