Kingfisher Security+ SYO-501 Chapter 14: Encryption and Hashing Concepts
One-Time Pad (aka Vernam cipher)
Also known as the Vernam cipher, named after the engineer Gilbert Vernam, it is a stream cipher that encrypts plaintext with a secret, truly random key (the pad, or keystream) that is at least as long as the plaintext. Encryption combines the keystream with the plaintext using the bitwise XOR operator to produce the ciphertext; decryption is the same XOR with the same pad. Because every plaintext of that length is equally consistent with the ciphertext, even an attacker with unlimited computational resources learns nothing from the ciphertext alone. Unlike other encryption types, it can be computed by hand with pencil and paper (thus the word "pad" in the name), although today computers are used to generate and apply the pad. It has been proven impossible to break if used correctly and is described as "information-theoretically secure"; it is the only cryptosystem with perfect secrecy. "Used correctly" means four things: the pad is truly random, it is at least as long as the message, it is never reused (reusing a pad lets an attacker XOR two ciphertexts together and cancel the pad out), and it is kept secret and destroyed after use. Each of these is a practical problem. Computer-based random number generators usually aren't truly random because high-quality random numbers are difficult to generate; instead they are pseudorandom number generators (PRNGs), discussed a bit later, and a pad produced by a PRNG is only as strong as the PRNG's seed. Pad material equal in length to all the traffic must be exchanged securely ahead of time. And proper disposal is difficult due to data remanence.
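Worked example (added here; it is not code from the book): a one-time pad in Python, followed by the two-time-pad failure the paragraph warns about. The messages and the attacker's guessed fragment ("crib") are constructed for the demo; os.urandom stands in for the truly random pad source.

```python
import os

def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR each plaintext byte with the matching pad byte.
    The pad must be truly random, at least as long as the message,
    and used exactly once. Decryption is the same operation."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, pad))

otp_decrypt = otp_encrypt  # XOR is its own inverse

def two_time_pad_leak(ct1: bytes, ct2: bytes) -> bytes:
    """What an eavesdropper computes when one pad encrypts two messages:
    ct1 XOR ct2 == pt1 XOR pt2. The pad cancels out entirely."""
    return bytes(a ^ b for a, b in zip(ct1, ct2))

def recover_with_crib(pt_xor: bytes, crib: bytes, offset: int) -> bytes:
    """If the attacker guesses a fragment of one plaintext (a 'crib') at some
    offset, XORing it into pt1 XOR pt2 reveals the other plaintext there."""
    window = pt_xor[offset:offset + len(crib)]
    return bytes(x ^ c for x, c in zip(window, crib))

def demo() -> bytes:
    # Constructed sample messages. os.urandom is the OS CSPRNG, not a plain
    # PRNG; it is the closest a general-purpose computer gets to a random pad.
    pad = os.urandom(32)
    pt1 = b"ATTACK AT DAWN ON THE EAST GATE "
    pt2 = b"RETREAT AT DUSK VIA THE RIVER RD"
    ct1 = otp_encrypt(pt1, pad)
    assert otp_decrypt(ct1, pad) == pt1          # correct use: round-trips
    ct2 = otp_encrypt(pt2, pad)                  # the mistake: pad reused
    leaked = two_time_pad_leak(ct1, ct2)         # attacker needs no key for this
    # Attacker guesses pt1 begins "ATTACK AT " and reads pt2 at the same offset
    return recover_with_crib(leaked, b"ATTACK AT ", 0)

if __name__ == "__main__":
    print(demo())  # b'RETREAT AT'
```

The same attack applies to any stream cipher whose keystream is reused, which is why the stream cipher entry below insists on a fresh key or nonce per message.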
Symmetric Key Algorithm
A class of cipher that uses a single key, identical keys, or closely related keys for both encryption and decryption. Symmetric key is also referred to as secret key, private key, single key, and shared key. Ex. DES, 3DES, RC (RC4/RC5/RC6), and AES. Another example of a technology that uses symmetric keys is Kerberos. By default, Kerberos relies on a trusted third party known as a key distribution center (KDC) to distribute symmetric session keys, which it delivers inside encrypted tickets. Symmetric key algorithms require a secure initial exchange of one or more secret keys between the sender and the receiver; this key distribution problem is what asymmetric cryptography (discussed below) solves.
Hash Function
A mathematical procedure that converts a variable-sized amount of data into a smaller, fixed-size block of data. The hash function takes an arbitrary data block from the file or message as input and produces a fixed-length hash value (digest) from it. Basically, the hash is created at the source and is recalculated at the destination and compared with the original hash; any difference means the data changed in transit.
Private & Public Keys
A private key is known only to a specific user or users, who keep it secret. A public key is made available to all parties involved in encrypted transactions within a given group; in asymmetric cryptography the two form a mathematically linked pair. An example of private key use is an encrypted smart card for authentication. Smart cards, ExpressCard/PC Card technology, and USB flash drives are devices that can store keys. When private keys are stored on these types of devices and delivered outside of the network (for example, by courier), it is an out-of-band key exchange. An example of public key use is two people who want to communicate securely over the Internet: each needs the other's public key. When that key transfer happens over the same network as the communication, it is known as an in-band key exchange, and the receiver must have some way (such as a certificate) to be sure the public key really belongs to the claimed owner.
Rivest, Shamir, and Adleman (RSA) Algorithm
A public key cryptography algorithm. As long as proper size keys and a secure padding scheme are used, it is considered secure and is used in many e-commerce scenarios. It is slower than symmetric key algorithms but has the advantage of being suitable both for signing and for encryption. It works well with credit card security and Transport Layer Security (TLS)/Secure Sockets Layer (SSL). Key lengths for RSA are much longer than in symmetric cryptosystems. Ex. 1024-bit keys were once considered adequate, but they are no longer recommended (NIST disallowed 1024-bit RSA for new use after 2013); 2048-bit is the current minimum, and 3072-bit or 4096-bit keys are common. Asymmetric algorithm keys need to be much larger than their symmetric key counterparts to be as effective. Ex. NIST SP 800-57 equates a 128-bit symmetric key with a 3072-bit RSA key (and with a 256-bit elliptic curve key) in strength; some older estimates put the RSA figure around 2304 bits.
Hash
A summary of a file or message, usually presented as a hexadecimal number. Hashes are used in digital signatures, in file and message authentication, and as a way to protect the integrity of sensitive data; for example, data entered into databases, or perhaps entire hard drives. A hash is generated through the use of a hash function to verify the integrity of the file or message, most commonly after transit over a network. A cryptographic hash is a one-way function: it is easy to compute from the input but infeasible to reverse. In the case of a hash, a condensed version of the message, the initial computation is relatively easy (compared to other algorithms), but the original message cannot be re-created from the hash. Contrast this with encryption, which is designed to be reversed by whoever holds the key. A checksum can be produced by a simple non-cryptographic function (such as a CRC), but the hashes used for security in the field require a cryptographic hash algorithm with collision and preimage resistance.
Block Cipher
A symmetric key type of algorithm that encrypts a group of bits collectively as a single unit known as a block. Ex. The Advanced Encryption Standard (AES) always uses a 128-bit block; its 128-, 192-, and 256-bit variants differ in key size, not block size. Block ciphers can work in different modes including: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), Galois/Counter Mode (GCM), and Counter (CTR). The modes define how a message is divided into blocks and encrypted. Ex. ECB divides a message into blocks of plaintext and each block is encrypted separately, so identical plaintext blocks produce identical ciphertext blocks and patterns in the data show through in the ciphertext; ECB should not be used for anything longer than one block. CBC is a commonly used mode that improves on ECB by XORing each block of plaintext with the previous ciphertext block before encrypting it. CBC is one of the modes that require a unique, unpredictable binary sequence (an initialization vector, or IV) for each encryption operation. The IV can be a vulnerability, as in the CBC IV attack, where a predictable IV lets an attacker who can submit chosen plaintexts confirm guesses about already-encrypted blocks (the basis of the BEAST attack on TLS 1.0), because each block depends on the ciphertext before it. CBC also provides no integrity protection, so it must be paired with a MAC or replaced by an authenticated mode such as GCM, which encrypts and authenticates in one pass and is generally faster. The mode chosen will depend on the purpose of the encryption and the application it is being developed for.
Stream Cipher
A symmetric key type of algorithm that encrypts the data stream one bit (or one byte) at a time by XORing the data with a keystream generated from the key. Stream ciphers need no padding and are fast, but the keystream must never be reused with the same key and nonce, or the XOR of two ciphertexts reveals the XOR of the two plaintexts.
Genetic Algorithm
A type of evolutionary algorithm, inspired by natural, biological evolution. Algorithms such as this are programmed in languages like Python and C++. A genetic algorithm can be used to identify a person from a very broad set of information. This could be based on a set of data gathered via data aggregation, or, and this is related to the book you are reading, it could involve stylometry. Stylometry is the study of linguistic style in writing, music, and other forms of communication. It could be used to identify the author of this book without any reference to the author, or to identify a songwriter. You know, name that tune in three notes! Except a computer does the naming. It's based on style and the specific words (and their usage frequency) employed by the writer. A genetic algorithm used in stylometric analysis evolves a set of rules (IF-THEN statements). It helps to know a key word that the writer uses somewhat frequently. For example, the word "known": In a chapter such as this, with 10,000 words, I might use that word 30 times. The rule could be "If the word known appears 3 or more times per every 1000 words, then the author is X." In this case, X would equal David L. Prowse, me, and possibly several other technical authors. Stylometry has its uses in identification, and can also be used to provide statistical analysis, but more often than not it is used for identification of anonymous works. Stylometry is just one of many examples of applications that use genetic algorithms.
Elliptic Curve Diffie-Hellman Ephemeral (ECDHE)
A variant of the Diffie-Hellman key exchange that uses elliptic curve cryptography and runs in ephemeral mode, which, as previously stated, gives perfect forward secrecy: compromise of a long-term key does not expose past sessions, so one compromised session won't start a chain reaction. Because elliptic curve operations are far cheaper at the same security level, ECDHE largely removes the extra computational cost of DHE. In general, the public key in an elliptic curve-based algorithm is a fraction (roughly 1/6 or less) of the size of the non-elliptic curve version at equal strength; a 256-bit ECDH key corresponds to a 3072-bit finite-field DH key.
Data in Use
Data that is actively being processed: it is held in memory (RAM, CPU caches, registers) and undergoing constant change. Ex. A database record or spreadsheet that is open and being edited. Data in use is necessarily in plaintext while it is worked on, so it is protected by access control and memory protections rather than by disk or transport encryption.
Password Creation Advice
An admin needs to remember that the primary line of defense when it comes to passwords is to use complexity and length together, not just one or the other, and to define policies that specify both. If users' passwords cannot be made long, the stored hashes must carry the load: use a per-user salt and a key-stretching (deliberately slow) password hash such as PBKDF2, bcrypt, scrypt, or Argon2 rather than a fast general-purpose hash. Another myth is that password checkers ensure strong passwords. Password checkers can give an idea of whether a password is secure, but may interpret some weak passwords as strong. Also limit the number of times a password can be tried via policy; for example, limiting password attempts to five or even as few as three before lockout. Define delays between consecutive password attempts, especially on websites. This helps defend against online brute-force and password-spraying attempts. Better yet, use one-time passwords (OTPs), such as the HMAC (Hash-based Message Authentication Code)-based OTP (HOTP), which computes a short code from a shared secret and an incrementing counter. Extend that concept by using the current time (in 30-second steps) as the moving factor instead of a counter, and you have the time-based OTP (TOTP).
Cipher
An algorithm that can perform encryption or decryption. Ex. Take the plaintext word "code" and encrypt it as ciphertext using a specific algorithm. The end result could be anything, depending on the algorithm used, but, for example, let's say the end result was the ciphertext "zlab." Each letter of the plaintext word "code" was stepped back three letters in the alphabet. Historical ciphers use substitution methods such as this (replacing each symbol with another), and transposition methods as well (rearranging the order of the symbols).
Elliptic Curve Cryptography (ECC)
A type of public key cryptography based on the algebraic structure of elliptic curves over finite fields. Its security rests on the elliptic curve discrete logarithm problem: given a base point G on the curve and the point Q = dG (G added to itself d times), it is infeasible to recover the scalar d. The private key is the scalar d and the public key is the point Q. All parties involved must agree on the elements that define the curve (the field prime, the curve coefficients, the base point, and its order). It uses smaller keys than most other public key methods: a 256-bit ECC key gives roughly the strength of a 3072-bit RSA key. This asymmetric algorithm has a compact design, leading to reduced computational power compared to other asymmetric algorithms, yet it creates keys that are difficult to crack.
Diffie-Hellman System
An asymmetric key agreement algorithm where each user generates a public/private key pair and sends the public key to the other party. After two (or, with extensions, more) users obtain each other's public keys, each combines their own private key with the other's public key to compute the same shared secret, which is then used as the key for a symmetric cipher. An eavesdropper who sees only the public values cannot compute the shared secret.
Birthday Attack
An attack on a hashing system that attempts to find two different messages with the same hash value, causing a collision. It is based on the birthday problem in probability theory (also known as the birthday paradox), which can be summed up simply: a randomly chosen group of people is surprisingly likely to contain a pair with the same calendar birthday. Given a standard calendar year of 365 days, the probability of a match with 366 people is 100% (367 people in a leap year). So far, this makes sense and sounds logical. The paradox comes into play when fewer people are involved. With only 57 people, there is a 99% probability of a match (a much higher percentage than one would think), and with only 23 people, there is a 50% probability. Applied to hashing: finding a collision for an n-bit hash takes roughly 2^(n/2) attempts, not 2^n, so a 64-bit hash falls to about four billion tries. Use hashing functions with strong collision resistance and a long enough output (256 bits or more). If attackers can find any two messages that digest the same way, they can get a user to sign or accept one message and later substitute the other. The hash itself must resist collisions; a secure transmission medium such as SSH, or encrypting the entire message that has been hashed, keeps an attacker from substituting messages in transit but does not make a weak hash collision resistant.
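Worked example (added here, not from the book): the birthday probability formula behind the 23 and 57 figures, and a birthday search that finds two inputs agreeing on the first 32 bits of SHA-256 in tens of thousands of hashes rather than billions. The random inputs are constructed on the fly.

```python
import hashlib
import os

def birthday_probability(n: int, buckets: int = 365) -> float:
    """Probability that at least two of n samples drawn uniformly from
    `buckets` values coincide: 1 - prod_{i<n} (buckets - i) / buckets."""
    p_no_match = 1.0
    for i in range(n):
        p_no_match *= (buckets - i) / buckets
    return 1.0 - p_no_match

def truncated_digest(msg: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(msg), as an integer."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)

def find_truncated_collision(bits: int):
    """Birthday search: hash random inputs until two distinct inputs share the
    same `bits`-bit truncated digest. Expected cost is about sqrt(2**bits)
    hashes, which is why an n-bit hash offers only n/2 bits of collision
    resistance. Returns (input1, input2, hashes_computed)."""
    seen = {}
    hashes = 0
    while True:
        msg = os.urandom(8)               # constructed random input
        tag = truncated_digest(msg, bits)
        hashes += 1
        if tag in seen and seen[tag] != msg:
            return seen[tag], msg, hashes
        seen[tag] = msg

if __name__ == "__main__":
    print(f"23 people: {birthday_probability(23):.3f}, 57 people: {birthday_probability(57):.3f}")
    m1, m2, work = find_truncated_collision(32)
    print(f"32-bit collision after {work} hashes (brute force bound would be {2**32})")
```

Scaling this up is exactly how MD5 (128-bit) and SHA-1 (160-bit) collisions became practical: the generic bound is 2^64 and 2^80 respectively, and structural weaknesses cut those further.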
Pretty Good Privacy (PGP)
An encryption program used primarily for signing, encrypting, and decrypting e-mails in an attempt to increase the security of e-mail communications. The OpenPGP standard (RFC 4880) was derived from PGP's message format, and other programs such as GnuPG implement it as well. Today, PGP has an entire suite of tools that can encrypt e-mail, accomplish whole disk encryption, and encrypt zip files and instant messages. PGP encrypts the message body with a freshly generated random symmetric session key, and as such you might hear PGP referred to as a program that uses symmetric encryption, but it also uses asymmetric cryptography (RSA or elliptic curve) to encrypt that session key to the recipient's public key and to produce digital signatures. Because of this it is known as a hybrid cryptosystem, combining the speed of conventional symmetric ciphers with the key management of public key cryptography.
Public Key Infrastructure (PKI)
An entire system of hardware, software, policies, and so on, that binds public keys with user identities by way of certificates and a certificate authority (server or other such device). A certificate is an electronic document that uses a digital signature to bind the key with the identity.
Data Encryption Standard (DES) a.k.a Data Encryption Algorithm (DEA)
An older, deprecated block cipher selected by the U.S. federal government in the 1970s as its encryption standard. It groups 64 bits together into encryption units, like other block ciphers. Today, a 64-bit block is not considered large enough, and its 56-bit key can be cracked fairly easily with a brute-force attack (the EFF's purpose-built Deep Crack machine did so in 1998) or a linear cryptanalysis attack. Also, there are some theoretical weaknesses to the cipher itself. The algorithm is based on the Feistel cipher structure, in which encryption and decryption run the same sequence of rounds with the subkeys applied in reverse order, reducing the amount of code required. DES was replaced by Triple DES (3DES) in 1999.
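Worked example (added here, not from the book) serving both the block cipher entry above and this one: a toy 128-bit Feistel cipher whose decryption is the encryption routine with the subkeys reversed, wrapped in ECB and CBC modes to show why ECB leaks patterns and CBC does not. The cipher is an illustration only (HMAC-SHA256 as round function, an ad hoc key schedule); it is not DES and has had no cryptanalysis.

```python
import hashlib
import hmac
import os

BLOCK = 16   # bytes per block: two 8-byte halves
ROUNDS = 8

def round_keys(key: bytes) -> list:
    """Toy key schedule: one subkey per round derived from the master key."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def round_function(subkey: bytes, half: bytes) -> bytes:
    """The Feistel F function need not be invertible; any keyed PRF works."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[:8]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(subkeys: list, block: bytes) -> bytes:
    """Feistel round: (L, R) -> (R, L xor F(K_i, R)). The structure is its own
    inverse, so decryption is this same loop with the subkeys reversed."""
    left, right = block[:8], block[8:]
    for sk in subkeys:
        left, right = right, xor(left, round_function(sk, right))
    return right + left      # undo the final swap

def decrypt_block(subkeys: list, block: bytes) -> bytes:
    return encrypt_block(list(reversed(subkeys)), block)

def pad(data: bytes) -> bytes:      # PKCS#7
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB: every block encrypted independently. Equal plaintext blocks give
    equal ciphertext blocks, so structure in the data shows through."""
    ks, data = round_keys(key), pad(data)
    return b"".join(encrypt_block(ks, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def cbc_encrypt(key: bytes, data: bytes, iv: bytes) -> bytes:
    """CBC: XOR each plaintext block with the previous ciphertext block (the IV
    for the first) before encrypting. Output is IV || ciphertext."""
    ks, data, prev, out = round_keys(key), pad(data), iv, []
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(ks, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return iv + b"".join(out)

def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    ks, iv, body, out = round_keys(key), data[:BLOCK], data[BLOCK:], []
    prev = iv
    for i in range(0, len(body), BLOCK):
        blk = body[i:i + BLOCK]
        out.append(xor(decrypt_block(ks, blk), prev))
        prev = blk
    return unpad(b"".join(out))

def repeated_blocks(ct: bytes) -> int:
    """How many ciphertext blocks duplicate an earlier one (pattern leakage)."""
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return len(blocks) - len(set(blocks))

if __name__ == "__main__":
    key = os.urandom(16)
    pt = b"ATTACK AT DAWN!!" * 4    # constructed: the same 16-byte block four times
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(key, pt)))                    # 3
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(key, pt, os.urandom(16))))    # 0
```

Note that cbc_decrypt trusts the padding byte blindly; a real implementation must validate padding without leaking whether it was valid, or it becomes a padding oracle.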
Digital Signature
Authenticates a document through math, letting the recipient know that the document was created and sent by the holder of the private key, and not someone else. So, it provides integrity, authenticity, and non-repudiation, and it protects against forgery and tampering. In practice the document is hashed and the hash is signed with the sender's private key; the recipient recomputes the hash and checks it against the signature using the sender's public key, so any change to the document after signing is detected.
Blowfish, Twofish, and Threefish
Blowfish and Twofish are two ciphers designed by Bruce Schneier. The original Blowfish is a block cipher designed as an alternative to DES (the name also pertains to a suite of products). It has a 64-bit block size and variable key size between 32 and 448 bits. Bruce Schneier recommends the newer Twofish cipher, which has a block size of 128 bits and a key size up to 256 bits and is also a Feistel design. There is also a newer Threefish block cipher (part of the Skein hash function) with block and key sizes of 256, 512, or 1024 bits. None of these symmetric ciphers has been broken, but Blowfish's 64-bit block means that after roughly 2^32 blocks under one key, birthday-bound collisions begin to leak plaintext (the SWEET32 class of attack), and Blowfish has a small class of known weak keys.
Encryption Algorithm Key Sizes/Lengths
DES (Data Encryption Standard): 56-bit
3DES (Triple DES): 168-bit (three 56-bit keys; effective strength about 112 bits because of the meet-in-the-middle attack)
AES (Advanced Encryption Standard): 128-, 192-, or 256-bit
RC4 (Rivest Cipher version 4): variable, 40 to 2048 bits; 128-bit typical
RC5 (Rivest Cipher version 5): variable, 0 to 2040 bits; 64-bit block typical
RC6 (Rivest Cipher version 6): 128-, 192-, or 256-bit typical
Twofish: 128-, 192-, 256-bit
Data in Transit/Motion
Data that is crossing a network (or a bus between devices). It is protected by transport encryption such as TLS, IPsec, or SSH. Data that currently resides in computer memory and is being processed is the third state, data in use (see above), and is protected differently.
Diffie-Hellman Vulnerabilities/Downsides
Diffie-Hellman is considered secure against eavesdroppers due to the difficulty of mathematically solving the Diffie-Hellman problem (computing the shared secret from the two public values). However, the basic exchange authenticates neither party, so it is vulnerable to man-in-the-middle attacks: an attacker who can intercept the exchange performs a separate Diffie-Hellman exchange with each side and relays traffic between them. To prevent this, the exchange is combined with an authentication method such as digital signatures backed by certificates (as TLS does), a pre-shared key, or a password-authenticated key exchange. This algorithm is used by the Transport Layer Security (TLS) protocol during encrypted web sessions. When used in this manner, it works in ephemeral mode, meaning that a fresh key pair is generated for each key establishment process and discarded afterward, rather than reusing static keys. It is this ephemeral process that achieves perfect forward secrecy (PFS), which ensures that the later compromise of a server's long-term private key does not allow previously recorded sessions to be decrypted, so the compromise of one session will not lead to the compromise of another. This ephemeral version of Diffie-Hellman is called DHE, or sometimes Ephemeral Diffie-Hellman (EDH). One of the drawbacks to DHE is that it requires more computational power than the static version because of the per-session key generation; however, there is an elliptic curve alternative (ECDHE).
Elliptic Curve Cryptography (ECC) Vulnerabilities
ECC is used with smart cards, wireless security, and other communications such as VoIP and IPsec (with ECDSA for signatures). It can be susceptible to side-channel attacks (SCAs), which are attacks based on information leaked by the physical implementation of the cryptosystem (timing, power consumption, electromagnetic emissions) rather than by the math, and to fault attacks (a type of SCA) that induce errors during computation; implementations therefore need constant-time scalar multiplication and validation of received points. There are also concerns about backdoors in curve parameters and in the NIST Dual_EC_DRBG random number generator. Elliptic curve cryptography (as well as RSA and other public key algorithms based on factoring or discrete logarithms) is also theoretically vulnerable to quantum cryptanalysis using Shor's algorithm on a sufficiently large quantum computer.
Hash-based Message Authentication Code (HMAC)
HMAC stands for Hash-based Message Authentication Code. A Message Authentication Code (MAC) is a short tag computed from the message and a secret key shared by sender and receiver; it provides integrity and authenticity assurances on the message. The receiver recomputes the MAC over the data it received and compares it with the tag that arrived, so any modification to the data (encrypted or not) is detected. Because both parties hold the same key, a MAC shows that someone with the key produced the message, but it does not by itself provide non-repudiation; that requires a digital signature. Building on this concept, HMAC is a specific construction (RFC 2104) for computing a MAC from a cryptographic hash function such as MD5 or SHA-1 together with the key. If for example SHA-1 is used, the corresponding MAC would be known as HMAC-SHA1, or better yet, if using SHA-2 (due to SHA-1 deprecation) then you would probably use HMAC-SHA256 (or higher). Warning: Be very careful selecting the type and version of hash function that you use, and compare tags with a constant-time comparison so that timing does not leak how many bytes of a forged tag were correct.
Cryptographic Hash Functions
Hash functions designed to be collision resistant, preimage resistant, and second-preimage resistant, so that they can safely be used for integrity checks, signatures, and MACs. Most (MD5, SHA-1, SHA-2) are built by iterating a compression function over fixed-size input blocks in the Merkle-Damgard construction, which resembles a block cipher mode of operation; SHA-3 instead uses a sponge construction. Examples of cryptographic hash functions include MD5 (broken), SHA-1 (broken), SHA-2, and SHA-3.
Quantum Cryptography
In the standard digital encryption scenario, the "key" is established between two parties: one encodes bits of information and the other decodes them, using ordinary bits (1s and 0s). In a quantum key distribution scenario, the bits of the key are encoded as quantum states of photons (qubits), which cannot be measured or copied without disturbing them, so an eavesdropper on the key exchange is detectable. This allows a key to be exchanged with a guarantee that classical schemes cannot give. Currently, quantum cryptography is a reality only in the form of quantum key distribution (QKD), which has various protocols (BB84 being the original). It commonly uses dedicated fiber-optic links (or free-space optical links) to transmit the quantum states, which can be very costly. In fact, the entire procedure is quite expensive and difficult to undertake, making it uncommon. Note that QKD is distinct from post-quantum cryptography, which is conventional cryptography designed to resist attack by quantum computers.
Data at Rest
Inactive data that is stored: on disk, in a database file, or archived (backed up to tape or otherwise). It is protected with storage encryption such as full disk encryption or file and database encryption.
Diffie-Hellman Key Exchange
Invented in 1976, it was the first practical method for establishing a shared secret key over an unprotected communications channel. This asymmetric algorithm was published shortly before the original RSA algorithm. Data cannot be transferred until the key exchange has completed; the exchange establishes a shared secret key that can then be used for secret (symmetric) communications over a public network. Each party picks a private exponent, sends g raised to that exponent modulo a large prime p, and raises the value it receives to its own exponent; both arrive at g^(ab) mod p, while an observer sees only g^a and g^b.
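Worked example (added here, not from the book) for this entry, the Diffie-Hellman System entry, and the vulnerabilities entry above: the finite-field exchange, the man-in-the-middle attack on the unauthenticated version, and one fix (MACing the public values under a pre-shared key). The modulus is an assumption chosen for speed and is not a standardized DH group.

```python
import hashlib
import hmac
import secrets

# Assumption for illustration: 2**255 - 19 is prime, but it is NOT a
# standardised finite-field DH group and 255 bits is far below the 2048-bit
# minimum (use the RFC 7919 groups in practice). It keeps the arithmetic quick.
P = 2**255 - 19
G = 2

def dh_keypair():
    """Private exponent a, public value A = g^a mod p."""
    a = secrets.randbelow(P - 2) + 1
    return a, pow(G, a, P)

def dh_shared_key(private: int, peer_public: int) -> bytes:
    """K = peer_public^private mod p, hashed into a fixed-size symmetric key.
    Rejecting 0, 1 and p-1 blocks the trivially degenerate public values."""
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, private, P)
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()

def honest_exchange() -> bool:
    a, A = dh_keypair()
    b, B = dh_keypair()
    return dh_shared_key(a, B) == dh_shared_key(b, A)   # g^(ab) == g^(ba)

def mitm_exchange() -> dict:
    """Unauthenticated DH: Mallory swaps each public value for her own, ending
    up with one key shared with Alice and another with Bob, who each believe
    they share a key with the other."""
    a, A = dh_keypair()
    b, B = dh_keypair()
    m, M = dh_keypair()
    k_alice = dh_shared_key(a, M)           # Alice received M instead of B
    k_bob = dh_shared_key(b, M)             # Bob received M instead of A
    return {
        "alice_and_bob_agree": k_alice == k_bob,
        "mallory_can_read_alice": dh_shared_key(m, A) == k_alice,
        "mallory_can_read_bob": dh_shared_key(m, B) == k_bob,
    }

def authenticate(psk: bytes, public_value: int) -> bytes:
    """One fix: each side sends its public value with a MAC under a long-term
    shared key (TLS uses certificates and signatures instead). Mallory lacks
    the key and cannot produce a valid tag for her substituted value."""
    return hmac.new(psk, public_value.to_bytes(32, "big"), hashlib.sha256).digest()

def check_authentic(psk: bytes, public_value: int, tag: bytes) -> bool:
    return hmac.compare_digest(authenticate(psk, public_value), tag)
```

Generating a fresh keypair per run, as dh_keypair does, is the ephemeral (DHE) usage; a static server value reused across sessions would forfeit forward secrecy.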
Nonce (Number Used Once)
It is a unique number that can only be used once; depending on the protocol it may also need to be unpredictable (random), not merely unique. As such, it helps protect users from replay attacks: a captured message carrying an old nonce is rejected. It can be added to password-based authentication schemes where a secure hash function (such as SHA) is used, so that the hash sent over the wire differs for every login attempt.
Caesar Shift Cipher & ROT13 Substitution Cipher
Messages sent in ancient Rome, in the cipher attributed to Julius Caesar, had each letter shifted by a fixed number of places (three in the classic version), the shift being the key. Similarly, the ROT13 substitution cipher replaces (or rotates) a letter with the letter 13 steps after it; because 13 is half the alphabet, applying ROT13 twice restores the original text. These ciphers offer no real security, since there are only 25 possible shifts and all of them can be tried in an instant.
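Worked example (added here, not from the book) for this entry and the Cipher entry above: a general shift cipher in which the key is the shift amount (the "code" to "zlab" example is a shift of -3 and ROT13 a shift of 13), plus the brute-force attack that makes the 25-key space useless. The word list used to score candidate plaintexts is a constructed stand-in for a dictionary.

```python
import string

ALPHABET = string.ascii_uppercase

def shift_encrypt(plaintext: str, key: int) -> str:
    """Monoalphabetic substitution: each letter moves `key` places forward
    (mod 26); a negative key steps backward. Non-letters pass through."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)

def shift_decrypt(ciphertext: str, key: int) -> str:
    return shift_encrypt(ciphertext, -key)

def rot13(text: str) -> str:
    """ROT13 is the shift cipher with key 13; it is its own inverse."""
    return shift_encrypt(text, 13)

def brute_force(ciphertext: str) -> list:
    """The whole key space is 25 usable shifts: try every one."""
    return [(k, shift_decrypt(ciphertext, k)) for k in range(1, 26)]

def score(text: str, words=("THE", "AT", "AND", "OF")) -> int:
    """Crude fitness: count occurrences of common English words (constructed list)."""
    return sum(text.split().count(w) for w in words)

def crack(ciphertext: str) -> tuple:
    """Pick the shift whose output looks most like English."""
    return max(brute_force(ciphertext), key=lambda kv: score(kv[1]))
```

The key is the only secret here, and with 25 possibilities it provides no security; modern ciphers are designed so that the key space (2^128 or more) cannot be enumerated.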
Secure Hash Algorithm (SHA)
One of a family of hash functions designed by the U.S. National Security Agency (NSA) and published by NIST. They are used widely in the U.S. government. SHA-1 is no longer considered secure because of practical collision attacks: it produces a 160-bit hash, NIST deprecated it for digital signatures in 2011, and the SHAttered attack demonstrated a real collision in 2017. Any websites or other applications using SHA-1 are required to be updated to SHA-2 or another hashing algorithm. SHA-2 is more secure; its members produce 256-bit and 512-bit digests (SHA-256, SHA-512), plus truncated derivatives of each (SHA-224, SHA-384, SHA-512/256). Keccak was selected from a group of competition entries in 2012 as the SHA-3 winner (standardized in FIPS 202 in 2015), but it is not meant as a replacement for SHA-2, because no compromise of SHA-2 has yet been demonstrated (as of the writing of this book).
Padding Schemes
Padding schemes work differently depending on the type of cryptography. In block ciphers, padding (such as PKCS#7) fills the last block so the plaintext length is a multiple of the block size, and the receiver must validate it carefully, because padding-oracle attacks on CBC recover plaintext from error responses that reveal whether the padding was valid. In public key cryptography, padding adds structured and random material to the message before the RSA operation (PKCS#1 v1.5 or, preferably, OAEP for encryption and PSS for signatures), so that identical messages encrypt differently and the mathematical malleability of raw RSA cannot be exploited. A padding scheme is always involved, and standards bodies and vendors such as RSA release improved versions as attacks on older schemes appear (Bleichenbacher's attack on PKCS#1 v1.5 encryption padding, for example).
Preventing A Pass The Hash Attack
A pass the hash attack works because the NT hash is an unsalted digest that serves as the credential itself: an attacker who lifts it from memory or the SAM can authenticate with it, never needing the password. Reduce the exposure by only allowing clients that are trusted operating systems to connect to a server; configuring Windows domain trusts securely; using multi-factor authentication; using tokens; and implementing the principle of least privilege for user accounts so that a stolen hash opens as little as possible. When employing least privilege, be sure to include domain accounts and local admin accounts, and avoid using the same local admin password across machines. Finally, standard network security should also be implemented, including IDS/IPS solutions, firewall restrictions, and so on.
RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
RIPEMD stands for RACE Integrity Primitives Evaluation Message Digest. The original RIPEMD (128-bit) had a collision reported, and therefore it is recommended to use RIPEMD-160 (160-bit), RIPEMD-256, or RIPEMD-320. The commonly used RIPEMD-160 is a 160-bit message digest algorithm used in cryptographic hashing. It is used less commonly than SHA and was designed openly by academic researchers, free of patents, rather than by a government agency.
RSA's Vulnerabilities
RSA key distribution is vulnerable to man-in-the-middle attacks when a public key is received with no proof of who owns it. However, these attacks are defensible through the use of digital certificates and other parts of a PKI system. It is also susceptible to timing attacks, in which the time taken by the private-key operation leaks information about the key; these can be defended against through the use of cryptographic blinding, which multiplies the input by a random value before the operation and divides it out afterward, so the timing no longer depends on the actual input or output. Due to other types of attacks on raw (textbook) RSA, such as chosen-ciphertext and Bleichenbacher padding-oracle attacks, it is recommended that a secure padding scheme (OAEP for encryption, PSS for signatures) be used.
Triple Data Encryption Standard (3DES) a.k.a Triple Data Encryption Algorithm (TDEA)
Similar to DES but applies the DES algorithm three times to each block (encrypt, decrypt, encrypt). The block size is still 64-bit, but the key size can now be as much as 168-bit (three independent 56-bit keys), with an effective strength of about 112 bits because of the meet-in-the-middle attack. This was a practical way to defeat brute-force attacks without completely redesigning DES. However, both DES and 3DES have been superseded by AES, which became the preferred standard in late 2001, and NIST has since deprecated 3DES as well; its 64-bit block makes it vulnerable to SWEET32-style birthday attacks.
NTLM Hash a.k.a NT (New Technology) Lan Manager Hash
The NTLM algorithm was first supplied with Windows NT 3.1; it provides Unicode support. The NT hash (often called the NTLM hash) is an MD4 digest of the UTF-16LE encoded password; it is unsalted, so identical passwords produce identical hashes and the hash itself can be replayed (pass the hash). The NTLM authentication protocol that uses this hash relies on DES (NTLMv1) or HMAC-MD5 (NTLMv2) for its challenge-response and on RC4 for session security. Although NT hashes are much stronger than LM hashes for storing passwords, the systems that introduced them were still configured to be backward compatible with the LM hash. So, as long as the LM hash was not disabled, those systems were still at the same risk as older systems that ran the LM hash only. Windows Vista and Windows Server 2008 operating systems (and higher) disable the older LM hash by default. The main issues with NTLM are that it is built on outdated primitives (MD4, DES, RC4) rather than on modern methods such as AES or SHA-256, that the hash is unsalted and unstretched, and that the NTLMv1 challenge-response can be cracked offline; RC4 itself is considered broken. Due to these weaknesses, NTLMv2 (or, better, Kerberos) should be used and NTLMv1 and LM disabled.
How RSA Works
The RSA algorithm is based on integer factorization. Key generation first multiplies two large, distinct, randomly chosen primes p and q to produce the modulus n; the security comes from the fact that n cannot feasibly be factored back into p and q. It then picks a public exponent e and computes the private exponent d as the modular inverse of e modulo (p-1)(q-1). The pair (e, n) is the public key and (d, n) the private key. The private key is used to decrypt data that has been encrypted with the public key. Ex. If Alice (User A) sends Bob (User B) a message, Alice can obtain Bob's public key from a central source and encrypt a message to Bob using Bob's public key. When Bob receives it, he decrypts it with his private key. Bob can also authenticate himself to Alice, for example by signing a challenge or a document with his private key; when Alice receives it, she verifies the signature with his public key. Examples of RSA use: tokens in the form of SecurID USB dongles, and devices such as hardware security modules (HSMs) and trusted platform modules (TPMs). All these devices can store RSA asymmetric keys and can be used to assist in user authentication.
Key
The essential piece of information that determines the output of a cipher. It is indispensable; without it there would be no result to the cipher computation. In the cipher example above, the key was the shift amount: step back three letters. Just like a person can't unlock a lock without the proper key, a computer can't decrypt information without the proper key (using normal methods). The only way to provide security is if the key is kept secret, or, where there are multiple keys, if one of them is kept secret; the algorithm itself should be assumed to be public (Kerckhoffs's principle). The terms key and cipher are sometimes used interchangeably, but you should remember that the key is the vital input to the cipher that determines its output. The length of the key determines its strength against brute force; shorter, weaker keys are what attackers attempting to access encrypted data hope for. When two users exchange encrypted messages, it starts with a key exchange.
Message-Digest Algorithm 5 (MD5)
The last widely used of a series of message-digest algorithms designed by Ron Rivest. It produces a 128-bit digest (a hash has no key). This is a widely used hashing algorithm; at some point you have probably seen MD5 hashes when downloading files. This is an example of an attempt at providing integrity. By checking the hash of the downloaded file against the published hash, you can verify the file's integrity with a level of certainty. However, MD5 is susceptible to collisions. A collision occurs when two different inputs produce the same hash. Collisions for MD5 can be generated in seconds on ordinary hardware, so MD5 is considered cryptographically broken today and must not be used for signatures or certificates. When used for unsalted password storage, MD5 is also vulnerable to rainbow tables (precomputed tables that map hashes back to passwords) and is far too fast, which makes brute force cheap; preimage attacks on MD5 remain theoretical, but its speed is the practical problem. The best solution is to use a stronger hashing function such as SHA-2 or SHA-3 for integrity, and a salted, deliberately slow password hash for credentials. Because MD5 and SHA-1 have vulnerabilities, some government agencies started using SHA-2 as early as 2011 (and most likely will use SHA-3 at some point). For added security, a software key (computed with SHA or MD5) might be compared to a hardware key. Some software activations require this in fact; if the hardware and software hash values don't match, then the software won't activate.
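Worked example (added here, not from the book) for this entry and the salting and key stretching advice in the password section above: an unsalted MD5 store that a lookup table cracks instantly, beside a salted PBKDF2-HMAC-SHA256 store that the same table cannot touch. The candidate password list is constructed; the 600,000 iteration default follows current OWASP guidance for PBKDF2-SHA256.

```python
import hashlib
import hmac
import os

def weak_store(password: str) -> str:
    """Unsalted, single-pass MD5: identical passwords give identical hashes,
    so one precomputed (rainbow) table cracks every user at once."""
    return hashlib.md5(password.encode()).hexdigest()

def build_lookup_table(candidates) -> dict:
    """Stand-in for a rainbow table: hash -> password for common passwords."""
    return {weak_store(p): p for p in candidates}

def strong_store(password: str, iterations: int = 600_000) -> str:
    """Per-user random salt plus key stretching (PBKDF2-HMAC-SHA256).
    The salt defeats precomputation; the iteration count makes every guess
    cost the attacker that many HMAC operations. Stored as a self-describing
    string so the parameters can be raised later without breaking verification."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def strong_verify(password: str, stored: str) -> bool:
    _algo, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)   # constant-time comparison

if __name__ == "__main__":
    table = build_lookup_table(["123456", "password", "qwerty"])   # constructed list
    print(table.get(weak_store("password")))          # 'password': cracked by lookup
    s1, s2 = strong_store("password"), strong_store("password")
    print(s1 != s2, strong_verify("password", s1))    # True True: same password, different records
```

bcrypt, scrypt, or Argon2 are preferable where available because they also consume memory, which GPUs and ASICs cannot parallelize as cheaply; PBKDF2 is used here because it ships in the standard library.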
LANMAN Hash a.k.a LAN Manager Hash/LM Hash
The original hash used to store Windows passwords. It was used in Windows operating systems before Windows NT but is supported by some later versions of Windows in an attempt to be backward compatible. This backward compatibility is a security risk because the LM hash has several weaknesses and can be cracked easily. Its function is based on the deprecated DES algorithm and handles a maximum of 14 characters. These weaknesses are compounded by the fact that the password is converted to uppercase, essentially removing a large portion of the character set, and then split into two 7-character halves that are hashed independently, so an attacker cracks two 7-character pieces rather than one 14-character password. Due to this, brute-force attacks can crack alphanumeric LM hashes in a matter of hours, and rainbow tables do it in minutes. Due to all these weaknesses, it is highly recommended that the LANMAN hash be disabled on operating systems that run it by default. It should also be checked on operating systems such as Windows Vista/Server 2008 and higher that are supposed to have it disabled by default, just in case the setting was modified.
Cryptography
The practice and study of hiding information, or more accurately, hiding the meaning of the information. It is used in e-commerce and with passwords. Most commonly, encryption is used to hide a message's meaning and make it secret. The word is roughly derived from the Greek words kryptos (meaning "hidden") and graphein (meaning "to write").
Encryption
The process of changing information using an algorithm (or cipher) and a key into another form (ciphertext) that is unreadable by others unless they possess the key. Encryption is used to secure communications and to protect data as it is transferred from one place to another or stored. The reverse, decryption, can be accomplished in two ways: legitimately, by using the proper key to unlock the data, or by an attacker cracking the encryption key. Encryption enforces confidentiality of data; by itself it does not guarantee integrity, which is why it is paired with a MAC or an authenticated encryption mode.
Steganography
The science (and art) of writing hidden messages; it is a form of security through obscurity. The goal is that no one aside from the sender and receiver should even suspect that the hidden message exists. In Greek, steganos means "covered," and this is one example of hiding a message by covering it. Steganography can hide messages within encrypted documents, sound files, image files, video files, and regular Word documents or Excel spreadsheets by inserting extra (ideally encrypted) information. Messages can also be concealed within VoIP conversations (known as Lost Audio Packets Steganography, or LACK), and within any streaming service as well. They can also be obscured on a compromised wireless network with the HICCUPS system (Hidden Communication System for Corrupted Networks). Ex. Using graphic files to send hidden messages. In this scenario, the least significant bit of each byte is replaced. For example, we could shade the color of a pixel (or triad) just slightly. This slight change would change the binary number associated with the color, enabling us to insert information. The color blue is represented as three bytes of data numbered 0, 0, and 255. We could change the color blue slightly to 1, 0, 255. This would not make the graphic look any different to the naked eye, but the change would be there nonetheless. This would be done in several or more pixels of the graphic to form the message. In the simplest version the recipient holds the original file and compares the received file against it to find the changed bits; practical tools instead store a length or end marker inside the hidden data, so the recipient needs only the modified file and the extraction rule. Because hiding provides no confidentiality on its own, the payload should be encrypted before it is embedded, and lossy recompression (saving the image as JPEG, for instance) destroys an LSB payload.
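Worked example (added here, not from the book): least-significant-bit embedding and extraction over a raw RGB buffer, exactly the 0,0,255 to 1,0,255 trick described above, with a length header so the receiver does not need the original. The cover image (a solid blue block) and the message are constructed for the demo; no image library is involved, only the raw sample bytes.

```python
def embed_lsb(cover: bytes, message: bytes) -> bytes:
    """Hide `message` in the least-significant bit of successive samples of a
    raw RGB buffer. A 4-byte big-endian length header goes first so the
    receiver knows where the message ends without seeing the original."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover image too small for this message")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit      # each sample moves by at most 1
    return bytes(stego)

def _read_bits(stego: bytes, start: int, count: int) -> int:
    value = 0
    for i in range(count):
        value = (value << 1) | (stego[start + i] & 1)
    return value

def extract_lsb(stego: bytes) -> bytes:
    """Read the length header, then that many bytes, from the sample LSBs."""
    length = _read_bits(stego, 0, 32)
    return _read_bits(stego, 32, length * 8).to_bytes(length, "big")

def max_sample_change(cover: bytes, stego: bytes) -> int:
    """How far any colour value moved: LSB embedding never exceeds 1 of 255."""
    return max(abs(a - b) for a, b in zip(cover, stego))

def blue_cover(width: int = 64, height: int = 64) -> bytes:
    """Constructed cover: a solid blue image as raw RGB bytes (0, 0, 255 per pixel)."""
    return bytes([0, 0, 255]) * (width * height)

if __name__ == "__main__":
    cover = blue_cover()
    stego = embed_lsb(cover, b"meet at the old mill at noon")
    print(extract_lsb(stego), max_sample_change(cover, stego))   # b'meet at the old mill at noon' 1
```

A solid-colour cover is the worst possible choice in practice: a statistical look at the LSB plane (all zeros, then suddenly structured) gives the payload away, which is what steganalysis tools look for.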
Advanced Encryption Standard (AES)
The successor to DES/3DES and another symmetric key encryption standard, composed of three versions of one block cipher (Rijndael): AES-128, AES-192, and AES-256. Each has the same 128-bit block size, but the key sizes are 128-bit, 192-bit, and 256-bit, respectively. AES is a substitution-permutation network, which takes the plaintext and the key and applies a number of rounds to create the ciphertext. Each round treats the 128-bit block as a 4x4 grid of bytes and applies a byte substitution (the S-box), a row shift, a column mixing step (omitted in the final round), and an XOR with a round key derived from the key schedule. AES specifies 10, 12, or 14 rounds for the respective versions. AES is fast, uses minimal resources (most modern CPUs include AES-NI instructions for it), and can be used on a variety of platforms.
Rivest's Cipher/Ron's Code (RC)
There are multiple RC versions, most of which are not related aside from the fact that they are all encryption algorithms. RC4 is a somewhat widely used stream cipher in protocols such as Secure Sockets Layer (SSL), Wired Equivalent Privacy (WEP), and Remote Desktop Protocol (RDP). It is known for its speed and simplicity but is avoided when designing newer applications and technologies due to several vulnerabilities; when used with WEP on wireless networks, it can be cracked quickly with the use of aircrack-ptw. One way to avoid this to a certain extent is to use the Temporal Key Integrity Protocol (TKIP) with WEP. However, it is still recommended that AES and WPA2 be used in wireless networks. Some versions of Microsoft Remote Desktop Services use RC4 128-bit, but Microsoft recommends using other encryption instead, such as Federal Information Processing Standard (FIPS)-compliant encryption (IPsec and EFS) and TLS for authentication. RC5 is a block cipher noted for its simplicity and for its variable block size (32-, 64-, or 128-bit). It was cracked by distributed.net, a non-profit, via brute-force attack in 2001. RC6 is a block cipher that was entered into the AES competition and was one of the five finalists. It is a patented algorithm offered by RSA Security as an alternative to AES. It is similar to AES in block size and key size options but uses different mathematical methods than Rijndael.
Data Encryption Key (DEK), Key Encryption Key (KEK), and Master Encrypting Key (MEK)
These are different types of keys used during the encryption process. AES provides a good place to discuss these. Ex. When Advanced Encryption Standard (AES) encrypts data, it does so with a data encryption key (DEK). To make an encryption system more secure, you can store that DEK in an encrypted format. This is done with a key encryption key (KEK), which can be stored in a separate location for additional security if need be. The term master encrypting key (MEK), or master key, describes either a DEK or a KEK that is in use. For example, in a secure storage scenario, the master key will be a DEK that is used to encrypt data that is put in a user's protected storage area. That DEK is in turn encrypted by a KEK that is based on the user's password. That is a very basic explanation of DEK, KEK, and MEK. For the Security+ exam you should be able to define them, and understand that they can be instrumental in dealing with secure storage of data, potentially in multiple locations.
Asymmetric Key Algorithm
Uses a pair of different keys to encrypt and decrypt data. The keys might be related, but they are not identical or even close to it in the way symmetric keys are. The two asymmetric keys are related mathematically. One key is used to encrypt data; the other, dissimilar key is used to decrypt the data. Because of the difference in keys, asymmetric key management schemes (such as PKI) are considered to be the most complicated. Ex. RSA, the Diffie-Hellman system, and elliptic curve cryptography. The SSL and TLS protocols use asymmetric key algorithms but generally do so in a public key cryptographic environment. The basic order of functions for the usage of asymmetric keys in this case would be encrypt, sign, decrypt, and verify.
Pseudo-Random Number Generator (PRNG)
Used by cryptographic applications that require unpredictable output. PRNGs are primarily coded in C or Java and are developed within a cryptography application such as a key generator program. Within that program there is a specific utility, for example SHA2PRNG, that is used to create the PRNG. (Remember to use SHA-256, as of the writing of this book, or higher.) For additional "randomness" a programmer will increase entropy, often by collecting system noise. One of the threats to PRNGs is the random number generator attack, which exploits weaknesses in the code. This can be prevented by implementing proper randomness, using AES (Advanced Encryption Standard), using newer versions of SHA (Secure Hash Algorithm), and maintaining physical control of the system where the PRNG is developed and stored.
New Technology LAN Manager Hash Version (NTLM v.2)
Uses an HMAC-MD5 (Hash-based Message Authentication Code with Message-Digest 5) hash, making it difficult to crack; it is a 128-bit system. NTLMv2 has been available since Windows NT 4.0 SP4 and is used by default on newer Windows operating systems. Even though NTLMv2 responds to the security issues of the LM hash and NTLM, most Microsoft domains use Kerberos as the logon authentication scheme because of its level of security when dealing with one computer logging in to another or in to an entire network/domain. NTLMv2 is used when Kerberos isn't available, when users log in with local accounts, or when a connecting OS doesn't support Kerberos.
Public Key Cryptography
Uses asymmetric keys alone or in addition to symmetric keys. It doesn't need the secure exchange of secret keys mentioned in the symmetric key section. Instead, the asymmetric key algorithm creates a secret private key and a published public key. The public key is well known, and anyone can use it to encrypt messages. However, only the owner(s) of the paired or corresponding private key can decrypt the message. The security of the system is based on the secrecy of the private key. If the private key is compromised, the entire system will lose its effectiveness. Public key cryptography can become more involved. In some schemes, the private key is used to sign a message, and anyone can check the signature with the public key. This signing is done with a digital signature.
Algorithm
Well-defined instructions that describe computations from their initial state to their final state. IF-THEN statements are examples of computer algorithms.
Pass The Hash Attack
When an attacker obtains the password hash of one or more user accounts and reapplies the hash to a server or other system in order to fool the system into thinking that the attacker is authentic. The goal is for the attacker to gain access to the system, often a Windows Server, and gain another user's credentials with the potential to escalate privileges. The attack starts with the attacker obtaining the hashes from a target system. That's the hard part. Access to the system is required in one way or another; then the attacker can use a hash dumping utility to collect the hashes for user passwords. Next, the attacker utilizes a "pass the hash" program to place the hashes within the server, for example within the Local Security Authority Subsystem Service (LSASS) in Windows Server. This can be done using a side-channel attack so that the attacker can impersonate one of the users. If done properly, the attacker does not need to know the password of an account, does not need to brute-force the password, and does not need to reverse engineer the hash. While the attack can also be carried out on an individual client system, it is more often focused on Windows Servers (namely domain controllers) because they house many user account credentials.
How Pretty Good Privacy (PGP) Works
When encrypting data, PGP uses key sizes of at least 128 bits. Newer versions allow for RSA or DSA key sizes ranging from 512 bits to 2048 bits. The larger the key, the more secure the encryption is, but the longer it takes to generate the keys; however, this is done only once when establishing a connection with another user. The program uses a combination of hashing, data compression, symmetric key cryptography, and public key cryptography. New versions of the program are not fully compatible with older versions because the older versions cannot decrypt the data that was generated by a newer version. This is one of the issues when using PGP; users must be sure to work with the same version. Newer versions of PGP support OpenPGP and S/MIME (Secure/Multipurpose Internet Mail Extensions), which allows for secure communications with just about everyone. Because it works with RSA, the security of PGP is based on the key size. It is considered secure and uncrackable as long as a sufficient key size is used. As an example, it has been suggested that a 2048-bit key should be safe against the strongest of well-funded adversaries with knowledgeable people and the latest in supercomputers until at least the year 2020; 1024-bit keys are considered strong enough for all but the most sensitive data environments.
Key Stretching
Will take a weak key, process it, and output an enhanced and more powerful key. Often, this process will increase the size of the key to 128 bits, making attacks such as brute-force attacks much more difficult, if not impossible. Examples of key stretching software include PBKDF2 and bcrypt. These utilities also incorporate salting to protect against dictionary attacks, brute-forcing, and rainbow table attacks. A salt is additional random data that is added to the input of a one-way cryptographic hash. It is one or more characters long, but its length is defined in bits. The person with the weaker web server password key, or perhaps the admin with the NTLM hash, would do well to consider key stretching or salting.
GNU Privacy Guard (GPG or GnuPG)
An open source implementation of the OpenPGP standard, written to interoperate with PGP or replace it. GPG is a combination of symmetric key encryption and public key encryption.